Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/r-td3B_hotdVdRWpEnncKscXdsg.roa
File: r-td3B_hotdVdRWpEnncKscXdsg.roa (raw, json)
Hash identifier: +BKqocD+bCWKpzWfv3R6HWl6se8TRyLE8/zb7v9ofio=
Subject key identifier: AF:EB:5D:DC:1F:E1:A2:D7:55:75:15:A9:12:79:DC:2A:C7:17:76:C8
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 03E1DD39
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/r-td3B_hotdVdRWpEnncKscXdsg.roa
Signing time: Sat 01 Jan 2022 06:57:56 +0000
ROA not before: Sat 01 Jan 2022 06:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8491
IP address blocks: 82.194.224.0/19 maxlen: 19
82.194.232.0/24 maxlen: 24
82.194.237.0/24 maxlen: 24
81.95.41.0/24 maxlen: 24
81.95.42.0/24 maxlen: 24
89.188.160.0/19 maxlen: 19
81.95.46.0/24 maxlen: 24
87.238.96.0/21 maxlen: 21
87.238.101.0/24 maxlen: 24
81.95.36.0/24 maxlen: 24
81.95.32.0/20 maxlen: 20
81.95.35.0/24 maxlen: 24
2a03:8640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65133881 (0x3e1dd39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 06:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afeb5ddc1fe1a2d7557515a91279dc2ac71776c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:1d:70:a8:9b:8f:e3:57:59:90:93:4d:6e:
12:b0:03:e3:0c:86:e8:59:85:e3:72:b0:00:38:41:
1f:bd:02:08:55:ba:3e:9c:96:08:9c:e5:a7:ae:38:
e4:99:39:0a:27:fd:bb:a3:9f:c4:3f:c7:73:a4:92:
a0:3b:c0:79:0d:76:e5:3e:b7:58:1e:0d:4b:a7:ce:
9d:9b:29:d7:48:4f:5a:3a:10:d8:b6:03:92:c3:2d:
52:99:f1:66:e8:8c:4e:d9:f5:34:e8:74:6f:7a:dd:
6d:94:e0:b8:58:c0:91:59:94:c3:2c:71:61:b4:16:
95:44:ea:79:07:00:4e:74:75:2e:68:5d:49:2c:6f:
c6:99:f2:25:30:51:5d:7f:e8:29:76:85:86:d4:bd:
e9:55:c3:25:89:a9:e6:cd:d0:d1:3e:d1:b2:e7:4a:
c7:62:1d:f3:6d:65:08:13:8a:b9:bb:cf:7f:df:e3:
40:0a:1c:f8:35:40:b5:03:67:a2:8f:08:51:69:6a:
95:2b:8a:53:d8:98:14:78:d2:16:90:4b:9a:80:c9:
8c:68:33:31:5b:8c:91:1d:50:2a:70:ed:61:8d:f3:
c6:31:0f:e7:4a:3e:8a:59:5f:6b:da:7e:7a:2b:5b:
9d:db:ab:c1:37:29:58:34:dd:ef:55:36:57:5a:fd:
67:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EB:5D:DC:1F:E1:A2:D7:55:75:15:A9:12:79:DC:2A:C7:17:76:C8
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/r-td3B_hotdVdRWpEnncKscXdsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.32.0/20
82.194.224.0/19
87.238.96.0/21
89.188.160.0/19
IPv6:
2a03:8640::/32
Signature Algorithm: sha256WithRSAEncryption
4e:2b:17:74:29:09:50:b4:f4:d0:e4:41:06:e8:8e:a2:9e:01:
92:b5:fc:40:f7:66:b7:6a:6a:c5:25:d5:30:fb:1f:c5:5f:85:
95:eb:5e:fb:6c:8f:ad:27:a3:d1:e2:7b:b0:e8:3d:1e:0a:9b:
0d:f5:f4:3f:d2:8c:30:3e:25:fc:bb:9e:60:e8:34:4a:32:26:
99:1d:ab:fe:7c:17:27:84:23:c6:43:f4:49:e5:e3:3d:be:82:
7a:6a:f4:82:e4:c7:7b:8d:3a:b5:3c:4b:3a:dc:45:2e:df:79:
13:6e:a3:09:b4:96:40:ea:4a:a8:4b:29:9f:f7:12:ed:ca:b2:
02:59:ff:c2:91:ee:ff:de:1d:94:fa:25:dc:be:d2:c3:8c:6a:
92:c7:c8:d6:ee:cb:22:6f:87:bd:46:ad:b4:0d:26:c7:9f:af:
dc:11:db:86:2f:54:b9:d5:8f:00:a8:bc:c8:54:b7:60:46:bd:
dd:36:e3:44:0a:7a:b9:fc:d8:4c:97:54:99:30:c4:44:cd:d4:
a3:94:bf:e2:6c:43:83:dd:36:5c:30:15:71:9e:22:4a:1d:e3:
8c:f6:27:51:d7:9b:75:b9:52:6a:ff:84:c3:3f:db:50:cb:24:
51:1a:dc:75:2d:04:38:39:5a:e0:32:7f:25:b0:b1:bb:3d:3a:
07:0c:59:9e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEA+HdOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UzZDkyYmZlMTY2MTljYTUwMGMwMzI2N2VmZmE5YWE3Y2EwYzQ3MB4XDTIyMDEw
MTA2NTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZlYjVkZGMxZmUx
YTJkNzU1NzUxNWE5MTI3OWRjMmFjNzE3NzZjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd8HXCom4/jV1mQk01uErAD4wyG6FmF43KwADhBH70CCFW6
PpyWCJzlp6445Jk5Cif9u6OfxD/Hc6SSoDvAeQ125T63WB4NS6fOnZsp10hPWjoQ
2LYDksMtUpnxZuiMTtn1NOh0b3rdbZTguFjAkVmUwyxxYbQWlUTqeQcATnR1Lmhd
SSxvxpnyJTBRXX/oKXaFhtS96VXDJYmp5s3Q0T7RsudKx2Id821lCBOKubvPf9/j
QAoc+DVAtQNnoo8IUWlqlSuKU9iYFHjSFpBLmoDJjGgzMVuMkR1QKnDtYY3zxjEP
50o+illfa9p+eitbndurwTcpWDTd71U2V1r9Z68CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSv613cH+Gi11V1FakSedwqxxd2yDAfBgNVHSMEGDAWgBQj49kr/hZhnKUA
wDJn7/qap8oMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktUFpLXzRXWVp5bEFNQXlaLV82bXFmS0RFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvOWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8x
L3ItdGQzQl9ob3RkVmRSV3BFbm5jS3NjWGRzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
OWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8xL0ktUFpLXzRXWVp5
bEFNQXlaLV82bXFmS0RFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFFfIAMEBVLC4AMEA1fuYAMEBVm8
oDANBAIAAjAHAwUAKgOGQDANBgkqhkiG9w0BAQsFAAOCAQEATisXdCkJULT00ORB
BuiOop4BkrX8QPdmt2pqxSXVMPsfxV+Flete+2yPrSej0eJ7sOg9HgqbDfX0P9KM
MD4l/LueYOg0SjImmR2r/nwXJ4QjxkP0SeXjPb6Cemr0guTHe406tTxLOtxFLt95
E26jCbSWQOpKqEspn/cS7cqyAln/wpHu/94dlPol3L7Sw4xqksfI1u7LIm+HvUat
tA0mx5+v3BHbhi9UudWPAKi8yFS3YEa93TbjRAp6ufzYTJdUmTDERM3Uo5S/4mxD
g902XDAVcZ4iSh3jjPYnUdebdblSav+Ewz/bUMskURrcdS0EODla4DJ/JbCxuz06
BwxZng==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:25 2025 by rpki-client