Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/dcad13-e9e8-4d4f-afc2-62bc8fc755dd/1/up2KWLOj1ZM7UibzadEzUPtIcsc.roa
File: up2KWLOj1ZM7UibzadEzUPtIcsc.roa (raw, json)
Hash identifier: JQKPt1trvIYdPUUvdKLGgwqkp4mHyx2lFIxKJ82zTdk=
Subject key identifier: BA:9D:8A:58:B3:A3:D5:93:3B:52:26:F3:69:D1:33:50:FB:48:72:C7
Certificate issuer: /CN=8a324e4ce76939b4db57d5d350c2ad007b5980e1
Certificate serial: 017FAC5C
Authority key identifier: 8A:32:4E:4C:E7:69:39:B4:DB:57:D5:D3:50:C2:AD:00:7B:59:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijJOTOdpObTbV9XTUMKtAHtZgOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/dcad13-e9e8-4d4f-afc2-62bc8fc755dd/1/up2KWLOj1ZM7UibzadEzUPtIcsc.roa
Signing time: Sat 01 Jan 2022 02:58:25 +0000
ROA not before: Sat 01 Jan 2022 02:58:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29446
IP address blocks: 82.146.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25144412 (0x17fac5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a324e4ce76939b4db57d5d350c2ad007b5980e1
Validity
Not Before: Jan 1 02:58:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba9d8a58b3a3d5933b5226f369d13350fb4872c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:76:f8:43:c2:08:cb:96:07:97:0a:6e:c7:3b:
7f:5e:a5:10:d7:e1:2d:49:8a:b2:06:19:22:74:d7:
9c:f1:94:88:b4:01:57:7a:9a:56:c4:c7:45:cc:2d:
48:40:22:1e:74:80:87:19:8a:f0:37:e8:c2:71:71:
f8:1f:e4:69:52:0b:22:d3:65:2e:f7:95:d6:c8:9d:
a3:8e:2c:55:ae:2e:b3:c2:87:6c:9f:ad:b4:16:a0:
99:9d:b9:28:7a:4c:61:7b:2f:58:53:f4:28:09:d6:
2d:c2:0a:b5:e0:d3:55:18:d1:83:70:ed:25:94:aa:
df:30:5f:e7:e3:7d:a7:f6:7c:16:bb:f0:23:60:29:
7a:a9:db:30:7f:2e:76:6e:09:7b:4a:ad:64:5b:2b:
ac:c6:ce:df:58:4a:90:68:02:12:30:ae:8a:b3:2c:
42:ec:c7:86:8b:ff:b4:48:62:71:ff:7b:97:f1:09:
06:67:af:fc:a9:0e:3c:c7:d4:ad:ab:6c:d6:1d:00:
94:0f:26:20:8e:bd:cf:e5:30:69:46:75:f4:ef:49:
85:ba:36:d0:9d:c7:5d:5a:6c:d9:00:fc:91:e1:3a:
d7:03:10:36:52:e2:9f:e6:e0:36:dd:00:7e:14:8a:
03:23:6e:1d:bd:6d:7a:93:a3:f6:a9:fd:a9:39:0c:
48:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9D:8A:58:B3:A3:D5:93:3B:52:26:F3:69:D1:33:50:FB:48:72:C7
X509v3 Authority Key Identifier:
keyid:8A:32:4E:4C:E7:69:39:B4:DB:57:D5:D3:50:C2:AD:00:7B:59:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijJOTOdpObTbV9XTUMKtAHtZgOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dcad13-e9e8-4d4f-afc2-62bc8fc755dd/1/up2KWLOj1ZM7UibzadEzUPtIcsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dcad13-e9e8-4d4f-afc2-62bc8fc755dd/1/ijJOTOdpObTbV9XTUMKtAHtZgOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.128.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:9c:8c:a0:9a:dd:0f:8b:59:04:d7:a5:4d:f5:e0:39:61:3c:
33:7e:ac:ff:4c:41:d6:aa:02:ed:1b:3a:cd:74:70:75:99:48:
0c:63:f5:27:88:3b:dc:e5:48:78:72:b0:e8:d6:7c:c7:7b:ae:
83:aa:13:31:c8:e5:30:54:c9:c8:59:50:d1:07:f4:55:81:dd:
9b:c3:d7:8c:88:65:7e:0e:09:9c:f2:9c:c2:d7:23:60:24:f9:
70:ba:ba:49:25:bc:11:d5:5f:2c:e5:31:cf:05:15:61:c3:78:
15:06:60:48:10:37:cd:72:78:0c:e6:69:79:3c:e6:19:27:59:
b9:57:94:83:e0:d9:d6:96:d6:f9:b8:dd:c8:f9:b0:de:b4:82:
1a:15:f8:20:a6:4a:dc:a2:0d:5d:df:b5:6d:9e:04:f1:f8:1f:
1a:0f:3b:f2:df:11:b0:85:6c:73:c8:aa:19:99:e2:0d:71:fe:
70:da:10:1b:6c:ff:60:ca:df:15:a4:ee:76:94:e1:b0:2c:4d:
7c:f2:32:13:23:74:a3:d3:92:70:58:bf:6b:06:ed:a6:f5:3e:
0b:98:ad:0c:f6:f1:b8:e1:ba:9b:48:42:b1:f2:ee:d6:32:fb:
2b:ea:ad:54:b4:7e:96:65:5a:3f:30:62:0c:da:6e:39:68:31:
fd:f8:71:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAX+sXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTMyNGU0Y2U3NjkzOWI0ZGI1N2Q1ZDM1MGMyYWQwMDdiNTk4MGUxMB4XDTIyMDEw
MTAyNTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE5ZDhhNThiM2Ez
ZDU5MzNiNTIyNmYzNjlkMTMzNTBmYjQ4NzJjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOR2+EPCCMuWB5cKbsc7f16lENfhLUmKsgYZInTXnPGUiLQB
V3qaVsTHRcwtSEAiHnSAhxmK8DfownFx+B/kaVILItNlLveV1sido44sVa4us8KH
bJ+ttBagmZ25KHpMYXsvWFP0KAnWLcIKteDTVRjRg3DtJZSq3zBf5+N9p/Z8Frvw
I2ApeqnbMH8udm4Je0qtZFsrrMbO31hKkGgCEjCuirMsQuzHhov/tEhicf97l/EJ
Bmev/KkOPMfUrats1h0AlA8mII69z+UwaUZ19O9Jhbo20J3HXVps2QD8keE61wMQ
NlLin+bgNt0AfhSKAyNuHb1tepOj9qn9qTkMSOECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS6nYpYs6PVkztSJvNp0TNQ+0hyxzAfBgNVHSMEGDAWgBSKMk5M52k5tNtX
1dNQwq0Ae1mA4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lqSk9UT2RwT2JUYlY5WFRVTUt0QUh0WmdPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvZGNhZDEzLWU5ZTgtNGQ0Zi1hZmMyLTYyYmM4ZmM3NTVkZC8x
L3VwMktXTE9qMVpNN1VpYnphZEV6VVB0SWNzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
ZGNhZDEzLWU5ZTgtNGQ0Zi1hZmMyLTYyYmM4ZmM3NTVkZC8xL2lqSk9UT2RwT2JU
YlY5WFRVTUt0QUh0WmdPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVKSgDANBgkqhkiG9w0BAQsFAAOC
AQEAPpyMoJrdD4tZBNelTfXgOWE8M36s/0xB1qoC7Rs6zXRwdZlIDGP1J4g73OVI
eHKw6NZ8x3uug6oTMcjlMFTJyFlQ0Qf0VYHdm8PXjIhlfg4JnPKcwtcjYCT5cLq6
SSW8EdVfLOUxzwUVYcN4FQZgSBA3zXJ4DOZpeTzmGSdZuVeUg+DZ1pbW+bjdyPmw
3rSCGhX4IKZK3KINXd+1bZ4E8fgfGg878t8RsIVsc8iqGZniDXH+cNoQG2z/YMrf
FaTudpThsCxNfPIyEyN0o9OScFi/awbtpvU+C5itDPbxuOG6m0hCsfLu1jL7K+qt
VLR+lmVaPzBiDNpuOWgx/fhxMA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:10 2025 by rpki-client