Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q37WmsOU_gaT5zZ5hQklBSwkXy4.roa
File: q37WmsOU_gaT5zZ5hQklBSwkXy4.roa (raw, json)
Hash identifier: K207dAjvTeLfZJBp1CbiQlQBoRL6RJfsbjqQPhVvnP0=
Subject key identifier: AB:7E:D6:9A:C3:94:FE:06:93:E7:36:79:85:09:25:05:2C:24:5F:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01974BD549189D0DE4232E941995B2A70BA2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q37WmsOU_gaT5zZ5hQklBSwkXy4.roa
Signing time: Sat 07 Jun 2025 19:19:18 +0000
ROA not before: Sat 07 Jun 2025 19:19:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 16:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:d5:49:18:9d:0d:e4:23:2e:94:19:95:b2:a7:0b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 7 19:19:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab7ed69ac394fe0693e73679850925052c245f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:e7:bd:2b:a5:f7:51:96:48:c1:e0:03:99:
9d:11:de:37:a7:20:87:98:8e:1a:af:a7:d4:c8:07:
49:bf:0e:7c:65:75:8a:a9:00:64:53:26:5a:6f:f5:
7c:27:3c:70:5a:1b:fe:e3:22:80:17:4b:68:99:0b:
79:d2:46:02:60:eb:6d:af:64:e8:8f:e7:91:f5:50:
0d:2d:91:2f:76:19:65:aa:ad:50:41:6b:d8:37:75:
a9:c5:34:11:c5:47:48:9a:88:d0:92:30:83:b1:11:
ea:12:a9:b3:4d:cf:ea:eb:ad:d0:fd:c6:eb:eb:45:
20:e7:4b:b3:39:06:5d:23:38:22:61:f0:50:13:d6:
3a:d6:29:b9:13:18:45:0f:87:7a:0d:45:92:13:c9:
5f:a3:19:31:64:10:af:70:72:f2:7c:15:e9:a5:39:
85:99:51:b7:a0:0e:4f:85:6c:c3:11:64:92:b9:e3:
dd:f9:f7:7b:e6:f7:2e:e9:04:e1:d3:d1:c3:5b:d9:
5c:b3:86:c9:59:41:80:f1:d6:cc:23:a5:78:df:d6:
b6:ef:24:45:a4:03:8e:a9:36:87:f4:ce:2f:88:e2:
3e:33:29:7b:c9:d5:e3:df:b5:18:77:1a:d8:75:3b:
6a:10:a3:56:f5:8d:7d:5a:67:62:82:5a:12:13:e9:
8e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7E:D6:9A:C3:94:FE:06:93:E7:36:79:85:09:25:05:2C:24:5F:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/q37WmsOU_gaT5zZ5hQklBSwkXy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.54.0/24
89.213.98.0/24
89.213.159.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.218.214.0/24
213.218.231.0/24
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
83:70:84:de:b9:fe:8f:e5:18:90:30:81:2e:2e:b8:af:09:78:
2c:c1:55:9e:c3:c7:06:8d:4b:c4:db:29:fc:06:4c:ea:32:47:
99:fa:13:40:ac:d3:06:e4:a2:e2:0b:52:df:3d:bb:2c:b4:4c:
0d:9e:8e:ed:41:8f:d2:f4:4c:ad:05:96:a6:cd:be:f2:62:16:
45:55:7c:75:c7:8f:86:38:cd:15:b5:5e:a5:39:18:d4:de:03:
a9:6a:d4:10:e9:a1:2e:62:ee:42:4c:7d:1d:a2:0d:ac:1c:e0:
ec:06:e0:67:ff:b6:f4:10:54:41:72:83:f8:bd:26:93:71:cc:
ac:41:13:70:af:27:36:c1:0e:48:04:8a:d6:c5:a7:bf:4a:a9:
32:bf:5f:60:48:22:a0:ac:ca:5f:bd:c7:6b:fc:fc:f7:97:f3:
82:24:b1:24:1b:13:fa:2f:0c:74:37:5b:34:03:c3:6b:62:48:
8c:99:9b:8a:e3:39:e1:04:34:67:4b:d7:1c:da:21:9f:25:f0:
2c:a1:83:b0:88:37:6d:d9:0c:3b:7e:ff:33:cd:37:df:83:92:
cc:a1:14:54:9e:64:ac:c2:b3:c1:cd:9b:9b:d8:7c:8e:65:c4:
6e:fb:fa:c7:ff:bd:d4:41:51:26:77:34:75:ee:fc:4d:32:13:
b7:ea:a6:a5
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZdL1UkYnQ3kIy6UGZWypwuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjA3MTkxOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdlZDY5YWMzOTRmZTA2OTNlNzM2Nzk4NTA5MjUwNTJjMjQ1ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNPnvSul91GWSMHgA5mdEd43pyCH
mI4ar6fUyAdJvw58ZXWKqQBkUyZab/V8JzxwWhv+4yKAF0tomQt50kYCYOttr2To
j+eR9VANLZEvdhllqq1QQWvYN3WpxTQRxUdImojQkjCDsRHqEqmzTc/q663Q/cbr
60Ug50uzOQZdIzgiYfBQE9Y61im5ExhFD4d6DUWSE8lfoxkxZBCvcHLyfBXppTmF
mVG3oA5PhWzDEWSSuePd+fd75vcu6QTh09HDW9lcs4bJWUGA8dbMI6V439a27yRF
pAOOqTaH9M4viOI+Myl7ydXj37UYdxrYdTtqEKNW9Y19WmdigloSE+mO0wIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFKt+1prDlP4Gk+c2eYUJJQUsJF8uMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcTM3V21zT1VfZ2FUNXpaNWhRa2xCU3drWHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuMAwD
BABSmDkDBABSmDoDBABSmEkwDAMEAFKYSwMEAVKYTAMEAFKYTzAMAwQBUphWAwQA
UphYAwQAUphtAwQAUpjiAwQAUpjwAwQAUpjzAwQAUpkmAwQAUpk4AwQAUpk9MAwD
BABSmVMDBABSmVQDBABSmZgDBABSmboDBABSmckDBABSme8DBABZ1SsDBABZ1TYD
BABZ1WIDBABZ1Z8DBABZ1aEwDAMEA1nV6AMEAVnV7AMEAG2wGwMEBW2wIAMEAG2w
yQMEAG2w6wMEANWCggMEANWClQMEANXSKQMEANXa1gMEANXa5wMEANXa7zANBgkq
hkiG9w0BAQsFAAOCAQEAg3CE3rn+j+UYkDCBLi64rwl4LMFVnsPHBo1LxNsp/AZM
6jJHmfoTQKzTBuSi4gtS3z27LLRMDZ6O7UGP0vRMrQWWps2+8mIWRVV8dcePhjjN
FbVepTkY1N4DqWrUEOmhLmLuQkx9HaINrBzg7AbgZ/+29BBUQXKD+L0mk3HMrEET
cK8nNsEOSASK1sWnv0qpMr9fYEgioKzKX73Ha/z895fzgiSxJBsT+i8MdDdbNAPD
a2JIjJmbiuM54QQ0Z0vXHNohnyXwLKGDsIg3bdkMO37/M80334OSzKEUVJ5krMKz
wc2bm9h8jmXEbvv6x/+91EFRJnc0de78TTITt+qmpQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:20:20 2025 by rpki-client