Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kXpUWzUf1uw6XnbfsBbqG51Ojps.roa
File: kXpUWzUf1uw6XnbfsBbqG51Ojps.roa (raw, json)
Hash identifier: Rr2CghQGIoD7WKuUck5+IJWcUK82I++31dHKW6SKpeQ=
Subject key identifier: 91:7A:54:5B:35:1F:D6:EC:3A:5E:76:DF:B0:16:EA:1B:9D:4E:8E:9B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195FBFF57F06B817104767072769ADD371B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kXpUWzUf1uw6XnbfsBbqG51Ojps.roa
Signing time: Thu 03 Apr 2025 14:12:50 +0000
ROA not before: Thu 03 Apr 2025 14:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
217.145.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 08:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:ff:57:f0:6b:81:71:04:76:70:72:76:9a:dd:37:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 3 14:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=917a545b351fd6ec3a5e76dfb016ea1b9d4e8e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9c:29:67:90:e9:b0:23:be:e6:3b:e7:13:a6:
b4:65:cd:cc:65:c4:46:0c:b3:ff:e9:cf:3a:0c:79:
d3:7e:6d:3a:af:90:05:4f:12:5d:9a:7e:bc:8a:04:
01:3f:9c:f3:c0:14:5d:88:f8:05:49:88:cb:8d:69:
1c:29:6a:bb:77:ad:e2:84:43:86:64:aa:d7:02:16:
7b:90:67:9c:1e:24:78:95:03:95:f7:1e:07:06:03:
1e:a1:5f:4f:f4:5f:1d:3a:ac:9f:b1:e3:94:2b:b4:
7c:19:a8:5d:0e:b9:c6:cf:bb:c3:dd:b6:2a:2d:5c:
78:64:47:df:91:a3:33:f2:53:ef:65:d2:e5:86:7e:
7f:56:dd:4e:62:ae:c3:14:98:fa:a9:4b:13:a9:66:
b2:c2:c4:fa:2c:19:68:c0:d4:1b:fe:80:29:05:7b:
86:51:49:5d:6f:7f:3a:ba:4c:73:57:95:8f:a0:cc:
46:e8:dc:ad:f8:0b:fc:b0:e2:81:5f:29:c8:a2:f6:
63:93:90:9f:28:e7:9f:46:42:1b:21:2f:96:ba:9e:
f7:14:0e:76:ae:dd:ce:bc:4a:06:3a:9a:35:2d:59:
d5:42:c2:b5:2a:e7:7e:88:25:28:d0:bc:88:d9:b2:
ea:c5:49:69:24:31:48:c9:13:93:c1:66:d8:a5:14:
d0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7A:54:5B:35:1F:D6:EC:3A:5E:76:DF:B0:16:EA:1B:9D:4E:8E:9B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kXpUWzUf1uw6XnbfsBbqG51Ojps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.216.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.210.62.0/24
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
42:fa:c9:bf:03:09:9d:a6:73:93:38:ac:91:ae:01:0f:2b:08:
9c:e5:bf:28:2e:6f:7f:d9:40:89:90:b7:fb:3a:24:e6:5c:f9:
f4:2e:d5:f7:3d:67:62:52:4d:f0:34:5a:53:89:69:58:c5:47:
da:a2:19:f7:a4:fe:d5:b8:58:e7:5b:4f:09:40:a8:8f:2a:6a:
e0:b0:d8:97:2e:e2:69:de:e3:be:43:f6:52:c3:13:5c:39:3b:
44:62:05:e7:10:bf:76:f0:f6:cc:53:f4:54:2a:bf:9c:c4:c7:
2d:2a:45:c2:63:43:39:78:64:71:a3:15:3c:bf:79:63:8a:39:
31:59:ee:e7:15:96:be:90:8e:2a:24:5a:44:7a:03:46:6f:9f:
54:f6:d9:8b:f3:00:87:f6:a1:17:1a:40:f8:ec:6a:17:e8:1e:
f0:c5:25:3f:88:96:43:d6:6d:63:cc:0a:f4:c8:cb:6d:2e:de:
64:a3:53:aa:89:76:fd:3d:e7:fb:47:56:12:ef:3c:3d:aa:3d:
a6:5f:45:9a:4d:ad:b2:f0:49:b4:2a:2e:fe:cb:08:dd:fa:47:
a6:42:24:4e:c3:ca:41:01:4f:f7:6f:1f:b1:6b:fe:8c:34:15:
4d:7c:3e:0f:38:b9:25:33:83:bf:53:2a:c4:0a:59:9a:30:3c:
5e:33:57:2f
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZX7/1fwa4FxBHZwcnaa3TcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDAzMTQxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdhNTQ1YjM1MWZkNmVjM2E1ZTc2ZGZiMDE2ZWExYjlkNGU4ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pwpZ5DpsCO+5jvnE6a0Zc3MZcRG
DLP/6c86DHnTfm06r5AFTxJdmn68igQBP5zzwBRdiPgFSYjLjWkcKWq7d63ihEOG
ZKrXAhZ7kGecHiR4lQOV9x4HBgMeoV9P9F8dOqyfseOUK7R8GahdDrnGz7vD3bYq
LVx4ZEffkaMz8lPvZdLlhn5/Vt1OYq7DFJj6qUsTqWaywsT6LBlowNQb/oApBXuG
UUldb386ukxzV5WPoMxG6Nyt+Av8sOKBXynIovZjk5CfKOefRkIbIS+Wup73FA52
rt3OvEoGOpo1LVnVQsK1Kud+iCUo0LyI2bLqxUlpJDFIyROTwWbYpRTQMQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFJF6VFs1H9bsOl5237AW6hudTo6bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva1hwVVd6VWYxdXc2WG5iZnNCYnFHNTFPanBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAFKYCAMEAFKYgwMEAVKYsAMEAFKZMgMEAlKZiAMEAlKZ2AMEAFKZ8wMEAVnV
LDAMAwQBWdUyAwQCWdU4AwQAWdV/AwQAWdWBAwQAWdWEAwQAWdWLAwQAWdWPMAwD
BABZ1ZEDBABZ1ZIwDAMEAlnVlAMEBVnVgAMEAFnVogMEAFnVpAMEAFnVpwMEAFnV
qTAMAwQAWdWrAwQAWdWwAwQAWdW1AwQAWdW3AwQAWdW/MAwDBAJZ1cQDBARZ1cAw
DAMEAlnV5AMEBFnV4AMEA22wEAMEAG2wwQMEAm2wzAMEAW2w8gMEAG2w/AMEAbkx
fgMEALllLwMEBMJpUAMEANQmTwMEAdQmWAMEAtWChAMEANWYKwMEAtXSNAMEANXS
PgMEANXa0wMEANXa4jAMAwQC1dr0AwQA1dr4MAwDBADZkUEDBADZkUIDBAPZkUgw
DQYJKoZIhvcNAQELBQADggEBAEL6yb8DCZ2mc5M4rJGuAQ8rCJzlvygub3/ZQImQ
t/s6JOZc+fQu1fc9Z2JSTfA0WlOJaVjFR9qiGfek/tW4WOdbTwlAqI8qauCw2Jcu
4mne475D9lLDE1w5O0RiBecQv3bw9sxT9FQqv5zExy0qRcJjQzl4ZHGjFTy/eWOK
OTFZ7ucVlr6QjiokWkR6A0Zvn1T22YvzAIf2oRcaQPjsahfoHvDFJT+IlkPWbWPM
CvTIy20u3mSjU6qJdv095/tHVhLvPD2qPaZfRZpNrbLwSbQqLv7LCN36R6ZCJE7D
ykEBT/dvH7Fr/ow0FU18Pg84uSUzg79TKsQKWZowPF4zVy8=
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:09:47 2025 by rpki-client