Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uR4G-iGKIiLwBplzArK57uGqQ40.roa
File: uR4G-iGKIiLwBplzArK57uGqQ40.roa (raw, json)
Hash identifier: 5LuAxcpb3PKv8Dab9GT5AbP9Ka0iOzdGLdH8arNjdOs=
Subject key identifier: B9:1E:06:FA:21:8A:22:22:F0:06:99:73:02:B2:B9:EE:E1:AA:43:8D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195FFF80500CE6631124DFA1E467D7B2156
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uR4G-iGKIiLwBplzArK57uGqQ40.roa
Signing time: Fri 04 Apr 2025 08:43:19 +0000
ROA not before: Fri 04 Apr 2025 08:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.52.0/22 maxlen: 22
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.248.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 08:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:f8:05:00:ce:66:31:12:4d:fa:1e:46:7d:7b:21:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 4 08:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b91e06fa218a2222f006997302b2b9eee1aa438d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3c:8b:c6:8b:a8:c9:c2:ad:41:74:b0:4a:b3:
34:94:57:a7:45:f4:04:86:58:e4:25:d3:bc:a0:81:
38:a9:f5:f4:0c:92:7a:fb:88:f1:e1:f4:18:04:ed:
9b:0d:cf:37:dd:26:dc:53:87:56:54:29:c6:7f:80:
3e:14:05:2b:1c:26:29:73:39:22:05:46:8e:83:62:
1c:12:04:6c:c9:3e:5c:58:49:e9:04:df:9b:cb:7c:
0f:c4:9d:17:c5:93:4a:ee:24:b1:87:0b:a0:d6:ef:
63:a2:ba:b5:8f:e4:27:84:7e:05:21:12:5c:3b:ac:
dc:ee:bf:f8:05:14:78:ad:4a:4c:6b:3c:00:7d:ca:
68:82:4e:01:3d:1a:e4:12:3b:6d:b1:57:34:0d:4b:
17:12:ac:5b:7f:1c:87:bb:df:8a:4d:d0:94:61:3c:
40:c5:e3:ac:ee:6c:9f:3f:18:cd:ec:fd:00:58:52:
ca:55:e3:11:07:5b:e0:10:a9:a0:88:21:df:c4:ff:
30:c7:05:08:f1:92:e3:06:df:f6:00:fe:ec:c1:76:
2f:cb:ec:b7:35:a0:b2:aa:1e:a1:0f:dc:4c:d1:6d:
a5:43:fa:c2:6a:fc:a8:d6:53:93:6d:51:ba:22:c9:
3e:e8:df:d6:fd:99:89:a7:97:39:7c:97:97:1f:ea:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:06:FA:21:8A:22:22:F0:06:99:73:02:B2:B9:EE:E1:AA:43:8D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uR4G-iGKIiLwBplzArK57uGqQ40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.131.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.216.0-82.153.218.255
82.153.243.0/24
89.213.44.0/23
89.213.50.0-89.213.59.255
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.210.62.0/24
213.218.211.0/24
213.218.226.0/24
213.218.244.0-213.218.248.255
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:f4:e2:ac:4f:18:18:e8:9d:13:80:ba:62:16:57:bc:90:67:
92:53:5c:a1:31:82:ee:9d:01:b1:00:96:52:b2:f4:99:ac:e5:
c0:02:5d:e3:1a:bb:89:ed:8f:a4:63:35:59:b1:10:e8:13:93:
4c:75:29:53:22:e2:70:25:a6:70:c6:66:98:c6:8d:9a:cc:92:
d2:a6:7a:88:fd:34:24:4a:e2:21:9a:1a:28:ca:5d:14:fc:c7:
1b:39:ba:39:10:65:9d:15:cb:b0:d7:c9:8d:26:3e:b6:c6:59:
ae:c5:2b:53:99:e1:4a:39:18:ae:f9:80:29:54:6b:ba:64:10:
4f:0d:a8:c7:55:a7:1d:69:1f:31:83:75:86:a4:4b:cc:d4:34:
23:9f:a2:bc:2f:ed:c0:01:7e:3a:92:50:5b:17:94:0d:e7:06:
3d:6e:2e:36:2c:25:78:ed:82:c7:e6:a0:dc:67:22:41:aa:82:
64:90:20:fa:86:9a:40:a5:4f:5b:4a:f7:3d:d6:3c:71:79:4d:
ce:1d:5b:e9:62:8c:2c:5a:aa:0c:02:7f:24:79:ab:29:f9:e3:
d3:7f:b8:49:90:c6:53:90:9d:df:fb:dd:43:f5:ab:9f:79:f3:
85:d3:ca:e1:89:3b:81:27:e0:4e:09:bc:6e:2f:21:fd:cd:34:
bd:97:bf:b2
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAZX/+AUAzmYxEk36HkZ9eyFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA0MDg0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFlMDZmYTIxOGEyMjIyZjAwNjk5NzMwMmIyYjllZWUxYWE0MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDyLxouoycKtQXSwSrM0lFenRfQE
hljkJdO8oIE4qfX0DJJ6+4jx4fQYBO2bDc833SbcU4dWVCnGf4A+FAUrHCYpczki
BUaOg2IcEgRsyT5cWEnpBN+by3wPxJ0XxZNK7iSxhwug1u9jorq1j+QnhH4FIRJc
O6zc7r/4BRR4rUpMazwAfcpogk4BPRrkEjttsVc0DUsXEqxbfxyHu9+KTdCUYTxA
xeOs7myfPxjN7P0AWFLKVeMRB1vgEKmgiCHfxP8wxwUI8ZLjBt/2AP7swXYvy+y3
NaCyqh6hD9xM0W2lQ/rCavyo1lOTbVG6Isk+6N/W/ZmJp5c5fJeXH+qfdQIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFLkeBvohiiIi8AaZcwKyue7hqkONMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdVI0Ry1pR0tJaUx3QnBsekFySzU3dUdxUTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAFKYCAMEAFKYgwMEAVKYsAMEAFKZMgMEAlKZiDAMAwQDUpnYAwQAUpnaAwQA
UpnzAwQBWdUsMAwDBAFZ1TIDBAJZ1TgDBABZ1X8DBABZ1YEDBABZ1YQDBABZ1YsD
BABZ1Y8wDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWiAwQAWdWkAwQA
WdWnAwQAWdWpMAwDBABZ1asDBABZ1bADBABZ1bUDBABZ1bcDBABZ1b8wDAMEAlnV
xAMEBFnVwDAMAwQCWdXkAwQEWdXgAwQDbbAQAwQAbbDBAwQCbbDMAwQBbbDyAwQA
bbD8AwQBuTF+AwQAuWUvAwQEwmlQAwQA1CZPAwQB1CZYAwQC1YKEAwQA1ZgrAwQC
1dI0AwQA1dI+AwQA1drTAwQA1driMAwDBALV2vQDBADV2vgwDAMEANmRQQMEANmR
QgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAfvTirE8YGOidE4C6YhZXvJBnklNc
oTGC7p0BsQCWUrL0mazlwAJd4xq7ie2PpGM1WbEQ6BOTTHUpUyLicCWmcMZmmMaN
msyS0qZ6iP00JEriIZoaKMpdFPzHGzm6ORBlnRXLsNfJjSY+tsZZrsUrU5nhSjkY
rvmAKVRrumQQTw2ox1WnHWkfMYN1hqRLzNQ0I5+ivC/twAF+OpJQWxeUDecGPW4u
NiwleO2Cx+ag3GciQaqCZJAg+oaaQKVPW0r3PdY8cXlNzh1b6WKMLFqqDAJ/JHmr
Kfnj03+4SZDGU5Cd3/vdQ/Wrn3nzhdPK4Yk7gSfgTgm8bi8h/c00vZe/sg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:05:25 2025 by rpki-client