Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iNdps5IdJ2baSBp3TvDpU3bIk1c.roa
File: iNdps5IdJ2baSBp3TvDpU3bIk1c.roa (raw, json)
Hash identifier: nRdkQcQ9i3aUXFgNXa4b5lyPuAlAmd2+213sjcpfSYI=
Subject key identifier: 88:D7:69:B3:92:1D:27:66:DA:48:1A:77:4E:F0:E9:53:76:C8:93:57
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194D70045C1BA51EF75E0D1F7E70DCFF110
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iNdps5IdJ2baSBp3TvDpU3bIk1c.roa
Signing time: Wed 05 Feb 2025 16:45:06 +0000
ROA not before: Wed 05 Feb 2025 16:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.0.0/22 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.196.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.140.0/22 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 16:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:00:45:c1:ba:51:ef:75:e0:d1:f7:e7:0d:cf:f1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 5 16:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88d769b3921d2766da481a774ef0e95376c89357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8e:69:c5:ab:25:8e:6b:b8:7d:79:66:42:b7:
c1:e7:7f:86:40:e7:a5:17:0d:bf:82:77:01:ee:2f:
39:85:79:27:e1:e7:2d:ba:8b:bf:fc:6f:8c:8a:75:
d5:a8:71:b8:14:22:0a:5d:c8:c6:27:cd:8f:31:c1:
41:d0:30:37:48:c5:6c:6f:bb:4d:b4:79:7d:ae:b8:
ba:f1:4b:dd:19:de:a9:50:77:91:29:06:cd:f3:a3:
79:03:f0:06:97:f5:ee:1e:43:54:74:62:8e:73:14:
d5:d0:85:7f:68:cb:ad:fa:ca:e8:4e:28:c7:4c:ba:
40:12:16:9e:40:ec:9f:6e:b0:a3:0b:31:51:14:01:
4f:7a:65:dc:d0:9e:c5:2e:25:43:20:b9:db:96:3d:
0e:7e:af:84:92:18:c5:aa:25:d6:d0:3b:1c:25:9e:
55:c8:b1:2d:be:b7:40:80:51:79:bd:32:bc:95:7f:
1a:99:f1:22:e4:8d:b7:ac:43:a3:36:ce:7c:81:bf:
1c:77:2f:7c:57:26:23:6f:e1:c6:93:b1:c5:ab:20:
c8:7e:6b:83:67:dc:85:91:a7:d3:3e:87:75:db:5b:
df:07:d1:35:5b:cb:bd:58:53:4f:d7:49:bc:65:9e:
24:b5:44:bb:26:7b:87:62:21:ec:40:c1:d1:76:c8:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D7:69:B3:92:1D:27:66:DA:48:1A:77:4E:F0:E9:53:76:C8:93:57
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iNdps5IdJ2baSBp3TvDpU3bIk1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.69.0/24
82.153.136.0/22
82.153.243.0/24
89.213.0.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.140.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
38:51:cb:71:d8:db:e6:03:ab:0a:a9:75:d4:df:9f:e6:71:04:
68:79:e9:91:a6:5a:9c:cc:af:4a:e4:df:c2:07:05:c5:e6:89:
e6:d9:71:31:5d:87:e2:02:2c:cd:08:29:d1:4c:60:c6:5e:93:
04:8c:97:bf:97:c0:1a:6a:e2:a1:dc:44:7a:74:6a:a1:c1:c3:
76:80:16:39:c5:4a:9f:41:53:0d:fd:df:41:03:1a:76:0d:82:
8f:b2:d5:b4:51:9b:38:32:46:27:6a:c3:c7:28:21:6c:27:c9:
da:69:ce:3e:aa:e4:de:6f:f5:bb:7d:c4:e0:0a:3c:43:2d:1f:
ec:0a:ad:58:db:93:5c:fe:8d:33:cc:77:9b:42:00:63:cb:c9:
79:5b:7a:6d:d7:77:25:3e:14:5b:bb:eb:95:39:c7:a0:9f:7f:
21:f9:a1:c2:a2:71:e8:50:c7:62:9d:1b:9d:0d:d7:0b:91:d6:
c7:d5:72:52:59:8f:cb:a1:17:1e:d9:bd:2a:0c:ab:d1:22:7c:
dc:57:cf:e5:9f:43:41:a3:48:fe:c8:17:a8:37:f6:11:0a:cf:
e6:9e:a2:9d:21:ab:34:bc:6c:83:bf:db:d9:f9:31:d8:ea:1a:
a1:3b:5c:34:14:63:ac:2e:3b:cc:43:c1:79:ab:40:4f:fe:9f:
7a:46:e6:45
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZTXAEXBulHvdeDR9+cNz/EQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjA1MTY0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ3NjliMzkyMWQyNzY2ZGE0ODFhNzc0ZWYwZTk1Mzc2Yzg5MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y5pxasljmu4fXlmQrfB53+GQOel
Fw2/gncB7i85hXkn4ectuou//G+MinXVqHG4FCIKXcjGJ82PMcFB0DA3SMVsb7tN
tHl9rri68UvdGd6pUHeRKQbN86N5A/AGl/XuHkNUdGKOcxTV0IV/aMut+sroTijH
TLpAEhaeQOyfbrCjCzFRFAFPemXc0J7FLiVDILnblj0Ofq+EkhjFqiXW0DscJZ5V
yLEtvrdAgFF5vTK8lX8amfEi5I23rEOjNs58gb8cdy98VyYjb+HGk7HFqyDIfmuD
Z9yFkafTPod121vfB9E1W8u9WFNP10m8ZZ4ktUS7JnuHYiHsQMHRdshSvQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFIjXabOSHSdm2kgad07w6VN2yJNXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaU5kcHM1SWRKMmJhU0JwM1R2RHBVM2JJazFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAFKYCAMEAVKYsAMEAFKZMgMEAFKZRQMEAlKZiAMEAFKZ8wMEAlnVAAMEAVnV
LAMEAVnVMgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQA
WdWSMAwDBAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnV
qwMEBFnVoAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eAD
BANtsBADBAJtsMwDBAFtsPIDBAG5MX4DBATCaVADBADUJk8DBAHUJlgDBALVgowD
BADVmCsDBALV0jQDBADV2tMwDAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0B
AQsFAAOCAQEAOFHLcdjb5gOrCql11N+f5nEEaHnpkaZanMyvSuTfwgcFxeaJ5tlx
MV2H4gIszQgp0Uxgxl6TBIyXv5fAGmriodxEenRqocHDdoAWOcVKn0FTDf3fQQMa
dg2Cj7LVtFGbODJGJ2rDxyghbCfJ2mnOPqrk3m/1u33E4Ao8Qy0f7AqtWNuTXP6N
M8x3m0IAY8vJeVt6bdd3JT4UW7vrlTnHoJ9/IfmhwqJx6FDHYp0bnQ3XC5HWx9Vy
UlmPy6EXHtm9Kgyr0SJ83FfP5Z9DQaNI/sgXqDf2EQrP5p6inSGrNLxsg7/b2fkx
2OoaoTtcNBRjrC47zEPBeatAT/6fekbmRQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:30:35 2025 by rpki-client