Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tY7JH_Y5fGtr5UHRqfQp-R7JD0k.roa
File: tY7JH_Y5fGtr5UHRqfQp-R7JD0k.roa (raw, json)
Hash identifier: jjGr1gbZjy++dqmH4lZsBgQzdrmsycgvs2XJoYRttu8=
Subject key identifier: B5:8E:C9:1F:F6:39:7C:6B:6B:E5:41:D1:A9:F4:29:F9:1E:C9:0F:49
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194B715BD373BD4424420325D12FB9D9A01
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tY7JH_Y5fGtr5UHRqfQp-R7JD0k.roa
Signing time: Thu 30 Jan 2025 12:00:42 +0000
ROA not before: Thu 30 Jan 2025 12:00:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 11:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:15:bd:37:3b:d4:42:44:20:32:5d:12:fb:9d:9a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 30 12:00:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b58ec91ff6397c6b6be541d1a9f429f91ec90f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:43:bd:43:0b:45:48:fe:d3:89:67:3a:8b:
86:60:41:64:9c:db:65:2b:42:bd:cb:01:20:99:e9:
21:e4:11:b6:63:92:9e:05:30:00:1c:1b:ea:a4:5f:
c0:cf:3c:86:48:2f:61:4b:6e:21:97:61:99:51:d0:
0d:d1:e1:fd:e3:96:9c:8b:11:c2:6e:4f:76:06:da:
1f:16:8e:0d:25:08:06:dc:51:e8:c6:a8:42:e2:f9:
98:2c:cd:2a:2e:65:93:af:06:74:47:aa:ba:0f:ba:
29:e7:c5:33:5c:d9:c3:50:e0:de:25:51:17:20:91:
97:67:cd:d7:08:67:c9:60:df:03:14:d5:18:cd:05:
0c:32:30:0d:8e:ec:03:ee:4b:ee:2f:a6:fa:c5:69:
8c:2e:bb:e3:77:6d:e0:16:d6:17:b3:65:af:2e:27:
24:67:8d:f9:be:0a:99:62:d0:46:55:c6:e7:21:e5:
91:85:13:42:43:12:e7:2f:56:ab:07:20:be:bf:35:
79:bc:84:89:d8:7f:ce:95:2d:a5:37:45:3b:03:72:
57:76:ed:b9:3a:64:b0:02:ac:52:47:a6:47:07:f1:
c7:c6:d1:c9:09:1c:ad:1e:b2:d6:3a:74:ba:48:ff:
e8:e4:7f:bd:90:6f:3a:5d:b9:a6:94:b9:46:6e:90:
94:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8E:C9:1F:F6:39:7C:6B:6B:E5:41:D1:A9:F4:29:F9:1E:C9:0F:49
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tY7JH_Y5fGtr5UHRqfQp-R7JD0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.215.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:0d:40:f9:1d:dc:a9:5f:5c:26:03:9d:f0:36:a2:bf:64:52:
d3:77:67:1e:24:70:59:91:4f:87:59:d6:3a:65:7a:c6:b5:58:
67:dd:24:6c:77:05:93:a8:80:34:a8:5c:f9:b6:e4:89:24:2a:
a2:85:e5:92:f8:d7:7a:b8:6c:10:3b:6e:84:3a:b6:e3:e8:ac:
e6:77:54:20:07:59:3a:a0:50:00:7c:99:9e:d9:2a:c2:71:1c:
52:11:e1:73:40:3e:5e:85:40:af:d0:7b:7c:8a:42:64:4f:d3:
c0:f1:9b:81:61:d1:d1:1d:ea:6e:2e:42:1f:12:76:15:3b:77:
62:66:59:e0:f1:3a:54:70:88:d4:7a:03:46:eb:6b:8a:e3:00:
74:d6:f0:34:7d:74:7c:cb:88:9c:88:8b:42:c6:44:bc:fd:a7:
cb:05:af:cb:ce:f1:89:29:42:67:53:69:79:5e:2b:ee:ad:5a:
d7:05:95:e0:f7:a2:85:8c:7d:56:3b:34:9c:51:98:9a:10:0f:
07:49:9d:30:4c:c1:2b:e2:43:cc:25:bb:3a:a6:ea:23:31:1d:
d5:f3:0a:40:81:0b:46:63:3a:da:76:8d:f9:5a:8e:18:51:1c:
fd:4f:69:3d:34:57:12:11:f2:ce:42:06:f1:04:21:9f:17:5a:
58:47:15:c9
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZS3Fb03O9RCRCAyXRL7nZoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTMwMTIwMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThlYzkxZmY2Mzk3YzZiNmJlNTQxZDFhOWY0MjlmOTFlYzkwZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+dDvUMLRUj+04lnOouGYEFknNtl
K0K9ywEgmekh5BG2Y5KeBTAAHBvqpF/AzzyGSC9hS24hl2GZUdAN0eH945acixHC
bk92BtofFo4NJQgG3FHoxqhC4vmYLM0qLmWTrwZ0R6q6D7op58UzXNnDUODeJVEX
IJGXZ83XCGfJYN8DFNUYzQUMMjANjuwD7kvuL6b6xWmMLrvjd23gFtYXs2WvLick
Z435vgqZYtBGVcbnIeWRhRNCQxLnL1arByC+vzV5vISJ2H/OlS2lN0U7A3JXdu25
OmSwAqxSR6ZHB/HHxtHJCRytHrLWOnS6SP/o5H+9kG86XbmmlLlGbpCUQQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFLWOyR/2OXxra+VB0an0KfkeyQ9JMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdFk3SkhfWTVmR3RyNVVIUnFmUXAtUjdKRDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZIgMEAFKZJQMEAFKZRQMEAFKZSAMEAFKZTwME
AFKZhAMEAFKZ4AMEAFnVBAMEAFnVBwMEAFnVggMEAFnVvgMEAFnV1wMEAG2w9wME
AG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAGg1A+R3cqV9cJgOd8Daiv2RS
03dnHiRwWZFPh1nWOmV6xrVYZ90kbHcFk6iANKhc+bbkiSQqooXlkvjXerhsEDtu
hDq24+is5ndUIAdZOqBQAHyZntkqwnEcUhHhc0A+XoVAr9B7fIpCZE/TwPGbgWHR
0R3qbi5CHxJ2FTt3YmZZ4PE6VHCI1HoDRutriuMAdNbwNH10fMuInIiLQsZEvP2n
ywWvy87xiSlCZ1NpeV4r7q1a1wWV4PeihYx9Vjs0nFGYmhAPB0mdMEzBK+JDzCW7
OqbqIzEd1fMKQIELRmM62naN+VqOGFEc/U9pPTRXEhHyzkIG8QQhnxdaWEcVyQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:11:24 2025 by rpki-client