Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/M82905-VDXeGNmpEOmdxGaB7IjI.roa
File: M82905-VDXeGNmpEOmdxGaB7IjI.roa (raw, json)
Hash identifier: 9UNVsUe9kMuUxGd7jBofj+W4gcbn2i0N8xLi1AOO8ac=
Subject key identifier: 33:CD:BD:D3:9F:95:0D:77:86:36:6A:44:3A:67:71:19:A0:7B:22:32
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 0183C5DFB8D082205296598D8D66FE690549
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/M82905-VDXeGNmpEOmdxGaB7IjI.roa
Signing time: Tue 11 Oct 2022 07:08:36 +0000
ROA not before: Tue 11 Oct 2022 07:08:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16085
IP address blocks: 146.109.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:df:b8:d0:82:20:52:96:59:8d:8d:66:fe:69:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Oct 11 07:08:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33cdbdd39f950d7786366a443a677119a07b2232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4a:d0:db:f0:20:88:e4:97:4e:fd:84:d0:5b:
27:16:ce:9c:a6:ed:d5:46:94:b1:03:ef:b0:e6:dc:
5d:a2:cc:1e:f7:ea:0e:b6:3a:f3:0b:16:e1:e3:99:
97:e2:12:ca:02:e2:37:89:e7:34:60:5b:1c:9b:98:
1f:df:63:fa:87:b9:3e:f3:03:91:1e:bb:30:fb:26:
65:13:c5:cb:bb:56:a2:f5:97:2b:42:0a:d3:11:69:
81:6d:73:8d:b3:8b:15:9a:0e:ad:f3:ba:1d:a8:ae:
79:ab:9c:fd:f4:bc:14:bb:94:2c:07:a7:f1:11:a0:
23:e0:2e:2d:ea:f2:a8:b7:7b:a4:f1:9b:3c:9f:15:
fc:82:ce:ea:ac:bd:e0:f9:62:6f:0c:94:7c:91:3e:
95:fd:83:d6:9c:e1:5d:72:e0:cc:8f:10:a4:26:09:
8d:05:82:c6:74:4d:1e:d0:f6:3c:26:42:0a:d3:96:
bc:f4:4b:48:1d:58:c7:b4:06:38:e8:10:1f:57:31:
90:34:09:3e:f4:7f:66:1f:34:4f:c2:ff:c0:a2:3a:
16:15:b3:42:71:c8:d6:47:0d:87:ff:bc:bf:ad:ea:
c7:a5:33:3e:8f:a5:93:cf:51:5e:2a:50:7e:2f:1a:
49:be:31:9d:42:09:e7:8e:59:2d:ce:a9:f7:1e:a5:
64:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CD:BD:D3:9F:95:0D:77:86:36:6A:44:3A:67:71:19:A0:7B:22:32
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/M82905-VDXeGNmpEOmdxGaB7IjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.8.0/21
Signature Algorithm: sha256WithRSAEncryption
32:e9:23:26:96:63:40:d2:58:0f:93:5c:a4:d3:59:22:46:e8:
63:63:44:1c:3c:57:a5:02:95:01:98:85:0c:d9:da:96:8b:35:
06:b8:5c:f5:a6:29:d9:1d:0c:54:98:79:06:c5:c1:db:39:fc:
f2:a1:b0:7f:a2:14:d2:d9:df:7a:77:2c:74:72:af:4b:d3:b3:
d2:99:5a:8d:7f:84:98:5f:cc:e2:c9:50:3a:ce:9e:6b:e7:26:
a5:a0:fa:df:c0:3a:88:33:2c:47:04:be:76:a7:86:a6:57:af:
5d:b9:cd:df:ab:b1:ae:3d:cc:df:ed:37:82:39:6a:8e:a2:b8:
c1:d0:49:3d:05:7a:61:fb:89:c2:f0:6b:ed:9d:13:1d:cf:65:
9b:ed:85:a8:37:8a:58:97:00:7e:74:2c:d0:29:7b:d9:a5:ef:
30:45:39:2d:a3:21:a3:0e:a9:85:8c:e3:2d:83:bd:3d:c8:90:
54:cb:d4:33:f6:e7:76:c7:98:f0:ea:ed:8a:99:33:1f:a2:fa:
6d:9a:05:91:f6:b4:63:66:80:65:8f:3b:b6:42:97:56:61:b1:
56:90:ee:b9:10:54:3e:5e:08:8f:d5:29:58:cb:ab:ce:68:d9:
34:20:ac:b0:ef:a8:5f:68:7e:7f:3d:22:47:13:ff:cd:e2:d4:
9b:42:6a:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPF37jQgiBSllmNjWb+aQVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjIxMDExMDcwODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NkYmRkMzlmOTUwZDc3ODYzNjZhNDQzYTY3NzExOWEwN2IyMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0rQ2/AgiOSXTv2E0FsnFs6cpu3V
RpSxA++w5txdoswe9+oOtjrzCxbh45mX4hLKAuI3iec0YFscm5gf32P6h7k+8wOR
Hrsw+yZlE8XLu1ai9ZcrQgrTEWmBbXONs4sVmg6t87odqK55q5z99LwUu5QsB6fx
EaAj4C4t6vKot3uk8Zs8nxX8gs7qrL3g+WJvDJR8kT6V/YPWnOFdcuDMjxCkJgmN
BYLGdE0e0PY8JkIK05a89EtIHVjHtAY46BAfVzGQNAk+9H9mHzRPwv/AojoWFbNC
ccjWRw2H/7y/rerHpTM+j6WTz1FeKlB+LxpJvjGdQgnnjlktzqn3HqVk/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPNvdOflQ13hjZqRDpncRmgeyIyMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvTTgyOTA1LVZEWGVHTm1wRU9tZHhHYUI3SWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkm0IMA0G
CSqGSIb3DQEBCwUAA4IBAQAy6SMmlmNA0lgPk1yk01kiRuhjY0QcPFelApUBmIUM
2dqWizUGuFz1pinZHQxUmHkGxcHbOfzyobB/ohTS2d96dyx0cq9L07PSmVqNf4SY
X8ziyVA6zp5r5yaloPrfwDqIMyxHBL52p4amV69duc3fq7GuPczf7TeCOWqOorjB
0Ek9BXph+4nC8GvtnRMdz2Wb7YWoN4pYlwB+dCzQKXvZpe8wRTktoyGjDqmFjOMt
g709yJBUy9Qz9ud2x5jw6u2KmTMfovptmgWR9rRjZoBljzu2QpdWYbFWkO65EFQ+
XgiP1SlYy6vOaNk0IKyw76hfaH5/PSJHE//N4tSbQmo3
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:57:44 2025 by rpki-client