Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vp71j9GIWepnf1XSsbc9w8VCIYc.roa
File: vp71j9GIWepnf1XSsbc9w8VCIYc.roa (raw, json)
Hash identifier: 6+6OtjTKD4nEIF3WR1XkdD+DjB6baqBFRYyehxGRB88=
Subject key identifier: BE:9E:F5:8F:D1:88:59:EA:67:7F:55:D2:B1:B7:3D:C3:C5:42:21:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193631B8E95F444DB5C49D889B80C9FA871
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vp71j9GIWepnf1XSsbc9w8VCIYc.roa
Signing time: Mon 25 Nov 2024 11:36:10 +0000
ROA not before: Mon 25 Nov 2024 11:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.105.0/24 maxlen: 24
89.213.120.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.226.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 16:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:1b:8e:95:f4:44:db:5c:49:d8:89:b8:0c:9f:a8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 25 11:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be9ef58fd18859ea677f55d2b1b73dc3c5422187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:f1:43:3e:d7:cc:1b:78:bb:26:3c:f4:cf:
2a:7e:07:04:c5:5e:14:12:a7:0e:7e:52:2b:03:1b:
1f:08:6e:ee:8f:da:47:d4:a1:a8:91:5a:5a:97:4d:
31:71:29:1c:d3:89:b5:58:0a:0d:34:aa:5d:de:ee:
74:7c:4b:20:1f:95:f5:47:58:70:e5:6e:4c:1b:e3:
87:b9:74:3f:dd:23:ff:7d:5f:b6:2b:0d:99:3b:2c:
c8:e8:7f:e9:e8:d0:93:8b:d3:90:bc:a6:79:4a:cd:
ac:33:42:b0:03:24:d7:60:af:da:aa:92:c6:d5:2a:
ce:4b:a4:94:a1:b8:03:25:2e:5c:a2:51:8f:76:cb:
f7:e2:58:d8:5f:0e:bc:8e:ca:1d:93:b0:2d:bd:be:
82:cd:0d:28:2f:be:b0:2c:85:98:fd:21:2a:83:2a:
2b:ec:68:55:fe:54:00:3e:1a:d8:e2:58:91:d6:83:
a2:4f:e7:09:18:fd:41:12:28:cf:bd:19:ed:b7:e8:
f2:6d:da:59:b4:99:2d:de:40:27:a7:bc:16:86:b5:
7b:8c:d4:d8:ef:d6:83:6f:89:ef:86:c6:25:f8:68:
36:22:88:25:ac:20:1f:9c:f7:e1:f1:08:96:10:a2:
5f:ea:2d:31:32:e8:29:1f:03:95:16:25:8c:67:22:
6a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9E:F5:8F:D1:88:59:EA:67:7F:55:D2:B1:B7:3D:C3:C5:42:21:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vp71j9GIWepnf1XSsbc9w8VCIYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.105.0/24
89.213.120.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.226.0/24
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.27.0/24
109.176.204.0/22
109.176.242.0/23
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.210.52.0/22
213.218.211.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
37:d8:fc:3d:ab:39:c6:19:dd:05:fd:0b:9f:82:03:0b:1b:30:
12:79:5c:8e:36:c3:a3:7b:22:6d:2e:4f:58:82:b7:5c:a2:d4:
51:7f:7a:34:cd:03:f5:0c:12:b4:c8:4a:aa:ad:ea:82:14:c8:
60:4b:a9:0a:e6:74:1a:6c:2f:a1:06:66:97:b2:fe:77:79:ef:
35:c9:53:fa:b4:b3:6c:83:13:38:7b:de:e6:e8:c1:02:5e:71:
f2:7e:e5:82:2f:30:68:7e:09:62:b6:43:f7:e6:f1:5e:63:7e:
46:0a:1f:44:2c:b3:d9:ae:ab:bf:21:9d:4d:55:d4:a8:82:e0:
d2:b8:f8:b1:55:f7:99:2f:fa:cc:de:c7:49:a6:48:72:5b:80:
e3:7d:02:70:68:25:06:12:0c:d2:b7:91:ef:3a:a2:56:fe:74:
80:56:5f:e7:84:04:96:cf:e4:31:29:2d:12:09:59:0b:bc:a0:
79:c6:72:98:13:75:77:ed:b4:e0:88:37:c3:2a:97:26:a7:08:
43:35:b4:5b:33:4b:d3:66:18:ca:5c:f2:6c:85:2f:84:61:13:
92:61:f2:6c:fe:6d:82:39:d1:85:ce:a2:d1:f9:8c:c6:59:57:
46:67:eb:98:45:63:81:78:65:54:4e:bc:7e:df:9b:51:70:59:
88:89:7e:4e
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZNjG46V9ETbXEnYibgMn6hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI1MTEzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTllZjU4ZmQxODg1OWVhNjc3ZjU1ZDJiMWI3M2RjM2M1NDIyMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa/xQz7XzBt4uyY89M8qfgcExV4U
EqcOflIrAxsfCG7uj9pH1KGokVpal00xcSkc04m1WAoNNKpd3u50fEsgH5X1R1hw
5W5MG+OHuXQ/3SP/fV+2Kw2ZOyzI6H/p6NCTi9OQvKZ5Ss2sM0KwAyTXYK/aqpLG
1SrOS6SUobgDJS5colGPdsv34ljYXw68jsodk7Atvb6CzQ0oL76wLIWY/SEqgyor
7GhV/lQAPhrY4liR1oOiT+cJGP1BEijPvRntt+jybdpZtJkt3kAnp7wWhrV7jNTY
79aDb4nvhsYl+Gg2IoglrCAfnPfh8QiWEKJf6i0xMugpHwOVFiWMZyJqLQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFL6e9Y/RiFnqZ39V0rG3PcPFQiGHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdnA3MWo5R0lXZXBuZjFYU3NiYzl3OFZDSVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABS
mAgDBAFSmLADBAJSmYgDBAFZ1SwDBAFZ1TIDBAJZ1TgDBABZ1WkDBABZ1XgDBABZ
1YEDBABZ1YQDBABZ1YswDAMEAFnVkQMEAFnVkjAMAwQCWdWUAwQFWdWAAwQAWdWi
AwQAWdWnAwQCWdWsMAwDBAJZ1cQDBARZ1cADBABZ1eIwDAMEAlnV5AMEBFnV4AME
A22wEAMEAG2wGwMEAm2wzAMEAW2w8gMEAbkxfgMEBMJpUAMEAdQmWAMEAtXSNAME
ANXa0zAMAwQA2ZFBAwQA2ZFCAwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQA32Pw9
qznGGd0F/QufggMLGzASeVyONsOjeyJtLk9YgrdcotRRf3o0zQP1DBK0yEqqreqC
FMhgS6kK5nQabC+hBmaXsv53ee81yVP6tLNsgxM4e97m6MECXnHyfuWCLzBofgli
tkP35vFeY35GCh9ELLPZrqu/IZ1NVdSoguDSuPixVfeZL/rM3sdJpkhyW4DjfQJw
aCUGEgzSt5HvOqJW/nSAVl/nhASWz+QxKS0SCVkLvKB5xnKYE3V37bTgiDfDKpcm
pwhDNbRbM0vTZhjKXPJshS+EYROSYfJs/m2COdGFzqLR+YzGWVdGZ+uYRWOBeGVU
Trx+35tRcFmIiX5O
-----END CERTIFICATE-----
Generated at Thu May 1 08:10:06 2025 by rpki-client