Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/Or0epPsQihhxWMfcQle1nTqwXd8.roa
File: Or0epPsQihhxWMfcQle1nTqwXd8.roa (raw, json)
Hash identifier: wsZRFEMyCv4GSkLyd1Ryszz3RLQOMgc9qy+wkGWJFDg=
Subject key identifier: 3A:BD:1E:A4:FB:10:8A:18:71:58:C7:DC:42:57:B5:9D:3A:B0:5D:DF
Certificate issuer: /CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Certificate serial: 0D22E213
Authority key identifier: 46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/Or0epPsQihhxWMfcQle1nTqwXd8.roa
Signing time: Sat 01 Jan 2022 00:50:13 +0000
ROA not before: Sat 01 Jan 2022 00:50:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48702
IP address blocks: 83.137.243.0/24 maxlen: 24
83.137.242.0/24 maxlen: 24
83.137.244.0/24 maxlen: 24
83.137.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220389907 (0xd22e213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Validity
Not Before: Jan 1 00:50:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3abd1ea4fb108a187158c7dc4257b59d3ab05ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c7:a7:e0:ed:54:1a:6e:4a:fe:7c:5f:34:bc:
31:90:3d:f3:6b:5e:0d:ea:bd:52:26:35:c8:9a:61:
e1:15:90:a9:d0:9a:3f:6a:da:3e:b1:75:6e:e4:cf:
34:23:97:f6:bd:51:cb:88:c8:fd:dd:5c:81:05:b8:
05:0d:9b:08:e1:1f:0b:63:4c:7d:b0:25:e4:73:89:
7a:98:ba:f8:63:80:60:ca:db:46:93:e4:bc:0f:ad:
ac:38:58:99:c6:cf:27:b5:c9:96:4f:a9:2c:ef:d3:
27:a3:f7:3c:62:e8:fb:b9:d5:96:32:a2:bc:b2:52:
ea:aa:44:45:0a:19:ce:55:ac:1f:dc:d9:8d:cb:0c:
36:92:7a:67:d8:d9:4b:e7:d5:1c:29:4b:15:b7:d1:
6f:81:6d:a2:1c:a0:60:a2:d6:d0:ce:48:49:1c:df:
fb:e3:a6:de:b6:93:77:6a:d1:0f:98:52:51:38:03:
cf:62:ad:40:0c:41:1c:95:db:57:b5:7a:4a:4c:b7:
f9:63:9c:ab:52:bd:06:81:b8:53:33:fc:2c:7a:5f:
4c:81:39:09:67:76:53:17:b3:ee:23:6e:0e:37:44:
26:ea:3f:2e:fa:f4:a6:ea:d7:92:53:23:1f:50:55:
55:be:b9:44:e4:ed:c4:57:83:fc:be:17:fe:a7:0c:
5e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BD:1E:A4:FB:10:8A:18:71:58:C7:DC:42:57:B5:9D:3A:B0:5D:DF
X509v3 Authority Key Identifier:
keyid:46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/Or0epPsQihhxWMfcQle1nTqwXd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.242.0-83.137.244.255
83.137.247.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:3f:16:bb:8e:d2:ad:35:f0:73:bc:72:47:65:3a:87:a8:7b:
e6:20:85:4a:ff:a6:f4:7d:39:c8:9c:c0:4e:85:65:0d:f5:e9:
ea:2d:e7:41:07:32:3d:ac:9b:16:5c:7d:10:9a:59:c8:a6:38:
47:af:47:fe:be:6b:cb:f7:5c:28:f2:4a:52:e3:73:a5:7f:25:
e3:70:38:b7:4e:d6:1f:14:e1:0a:ed:39:e2:65:3d:4f:86:9c:
d7:72:cf:3a:2b:06:66:89:29:f7:97:2f:26:f0:09:6f:70:8d:
9a:a9:42:4b:8e:28:ca:7f:ec:97:05:9f:15:95:87:82:60:8e:
1d:7c:ba:89:43:f4:9d:1e:76:5e:30:be:c2:79:9a:36:67:20:
80:77:7d:b9:4a:ea:a3:50:3a:da:43:80:0b:99:dc:3c:6d:2d:
be:c6:c0:68:de:6c:2b:0c:30:a4:3d:8c:f9:27:18:0e:af:36:
39:52:14:73:74:64:50:5a:58:df:6c:85:ba:01:df:21:a7:6f:
25:81:20:00:64:73:d0:15:8f:37:9f:be:fa:9b:f1:4f:1d:04:
5c:c0:b1:60:94:db:c8:24:e6:a5:82:43:e0:27:96:23:36:45:
1b:d1:07:a0:cf:97:cc:17:ee:c6:0c:28:b7:36:52:cf:c0:2c:
55:11:21:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEDSLiEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmQ5YTBhNGI1N2EwZWVjN2M0ZTUyYTExOWRiNGIxYzY1NmY0ZGI0MB4XDTIyMDEw
MTAwNTAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiZDFlYTRmYjEw
OGExODcxNThjN2RjNDI1N2I1OWQzYWIwNWRkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrHp+DtVBpuSv58XzS8MZA982teDeq9UiY1yJph4RWQqdCa
P2raPrF1buTPNCOX9r1Ry4jI/d1cgQW4BQ2bCOEfC2NMfbAl5HOJepi6+GOAYMrb
RpPkvA+trDhYmcbPJ7XJlk+pLO/TJ6P3PGLo+7nVljKivLJS6qpERQoZzlWsH9zZ
jcsMNpJ6Z9jZS+fVHClLFbfRb4FtohygYKLW0M5ISRzf++Om3raTd2rRD5hSUTgD
z2KtQAxBHJXbV7V6Sky3+WOcq1K9BoG4UzP8LHpfTIE5CWd2Uxez7iNuDjdEJuo/
Lvr0purXklMjH1BVVb65ROTtxFeD/L4X/qcMXpkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQ6vR6k+xCKGHFYx9xCV7WdOrBd3zAfBgNVHSMEGDAWgBRG2aCktXoO7HxO
UqEZ20scZW9NtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J0bWdwTFY2RHV4OFRsS2hHZHRMSEdWdlRiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNjczYjFkLTZkMTQtNGRmNS05OWFkLTJlZTJiNzI5NWRmZi8x
L09yMGVwUHNRaWhoeFdNZmNRbGUxblRxd1hkOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NjczYjFkLTZkMTQtNGRmNS05OWFkLTJlZTJiNzI5NWRmZi8xL1J0bWdwTFY2RHV4
OFRsS2hHZHRMSEdWdlRiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQBU4nyAwQAU4n0AwQAU4n3MA0G
CSqGSIb3DQEBCwUAA4IBAQAOPxa7jtKtNfBzvHJHZTqHqHvmIIVK/6b0fTnInMBO
hWUN9enqLedBBzI9rJsWXH0QmlnIpjhHr0f+vmvL91wo8kpS43OlfyXjcDi3TtYf
FOEK7TniZT1PhpzXcs86KwZmiSn3ly8m8AlvcI2aqUJLjijKf+yXBZ8VlYeCYI4d
fLqJQ/SdHnZeML7CeZo2ZyCAd325SuqjUDraQ4ALmdw8bS2+xsBo3mwrDDCkPYz5
JxgOrzY5UhRzdGRQWljfbIW6Ad8hp28lgSAAZHPQFY83n776m/FPHQRcwLFglNvI
JOalgkPgJ5YjNkUb0Qegz5fMF+7GDCi3NlLPwCxVESHR
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:04:41 2025 by rpki-client