Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa
File: 0pK1dMnq2Ou6M-n3yjgf6964epg.roa (raw, json)
Hash identifier: y3dYfBtnTDhOV5M5ZKpdMbWDMjxtAJXigXSKdx0kBuQ=
Subject key identifier: D2:92:B5:74:C9:EA:D8:EB:BA:33:E9:F7:CA:38:1F:EB:DE:B8:7A:98
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0186C0A36B94AA7E2709857092824C583102
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa
Signing time: Wed 08 Mar 2023 09:53:00 +0000
ROA not before: Wed 08 Mar 2023 09:53:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46844
IP address blocks: 82.152.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:a3:6b:94:aa:7e:27:09:85:70:92:82:4c:58:31:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 8 09:53:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d292b574c9ead8ebba33e9f7ca381febdeb87a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d0:0c:cb:c3:b1:30:77:d6:bb:fc:6d:02:2c:
00:3f:28:ee:12:a6:c1:04:0e:2e:16:a8:ce:bb:59:
38:e0:ca:58:21:11:4c:c9:ec:e5:21:a0:5f:47:c0:
4c:e0:ea:3b:ff:12:3a:da:10:0a:9d:e9:a1:e0:fa:
6a:96:d8:5e:e3:06:9d:86:0d:80:b1:ee:26:1b:9c:
ae:49:fc:79:1a:63:37:26:16:8e:f9:ef:6f:2f:f5:
ef:db:c0:e1:1b:82:12:62:f5:55:6f:87:a5:b0:ef:
0b:07:1f:51:f3:9e:1c:06:8a:83:58:ba:96:5c:e8:
32:82:58:93:29:6f:43:e6:16:5e:fa:60:78:ae:bb:
2b:ff:a4:68:70:87:3d:ef:0f:51:75:84:ad:f9:06:
dd:c3:b4:b7:18:c1:82:e8:7f:80:d2:99:f0:1a:d0:
2a:9b:ca:4d:7c:7c:ee:fa:f6:62:02:d8:a8:ab:18:
43:ae:4e:22:e3:c5:d9:83:94:b2:97:2f:e7:0b:d5:
6d:59:f6:ca:8c:ed:fa:f6:da:92:85:48:8d:26:67:
89:8d:26:b6:33:74:97:79:53:b0:5b:ff:c3:a0:6a:
a7:b8:6a:c9:f9:da:3e:2d:2c:3d:c7:89:66:d9:be:
79:e2:98:4d:c8:3d:1b:ab:cb:fd:2a:08:be:28:c3:
fb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:92:B5:74:C9:EA:D8:EB:BA:33:E9:F7:CA:38:1F:EB:DE:B8:7A:98
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0pK1dMnq2Ou6M-n3yjgf6964epg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.253.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f6:ae:e5:a2:0d:48:4a:41:7b:c9:5b:fa:2a:f7:43:08:c8:
5a:34:19:ff:26:29:8a:98:a4:ea:f8:4c:78:6b:7c:48:82:36:
a8:72:be:62:e3:72:3c:06:0b:5e:fc:bc:89:59:e9:6d:ff:ab:
ef:bb:43:35:2c:07:7c:a4:1e:d5:ec:36:77:be:8e:9f:e3:06:
aa:fb:74:58:62:0b:e6:05:5b:3b:c3:30:bf:87:ab:78:3c:40:
fd:10:64:b2:53:a2:f3:be:c8:07:51:93:18:d5:6b:a5:df:95:
4e:8e:bf:fe:fc:6e:6a:3e:50:3b:e3:c4:1d:96:2b:45:65:05:
4a:ec:80:d2:2f:86:2d:2f:85:21:db:f7:2a:6a:eb:fd:b1:d9:
d2:67:ce:09:cf:53:37:b3:ec:94:56:01:92:c1:ed:34:ce:d9:
d7:4b:ca:87:e5:0a:fa:50:80:92:45:8d:f4:80:72:78:cd:ee:
4c:b6:37:3c:e9:82:74:48:fa:29:f4:25:d4:3c:56:b0:8f:7e:
90:11:44:07:a1:47:37:fa:01:27:56:f0:52:13:52:33:2f:b0:
16:12:f6:f8:48:93:de:af:82:a6:f5:24:db:c3:39:b7:30:56:
a4:02:32:d4:74:eb:66:dc:d9:64:e8:25:ff:13:48:74:ec:55:
52:85:2b:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbAo2uUqn4nCYVwkoJMWDECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzA4MDk1MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkyYjU3NGM5ZWFkOGViYmEzM2U5ZjdjYTM4MWZlYmRlYjg3YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdAMy8OxMHfWu/xtAiwAPyjuEqbB
BA4uFqjOu1k44MpYIRFMyezlIaBfR8BM4Oo7/xI62hAKnemh4Ppqlthe4wadhg2A
se4mG5yuSfx5GmM3JhaO+e9vL/Xv28DhG4ISYvVVb4elsO8LBx9R854cBoqDWLqW
XOgygliTKW9D5hZe+mB4rrsr/6RocIc97w9RdYSt+Qbdw7S3GMGC6H+A0pnwGtAq
m8pNfHzu+vZiAtioqxhDrk4i48XZg5Syly/nC9VtWfbKjO369tqShUiNJmeJjSa2
M3SXeVOwW//DoGqnuGrJ+do+LSw9x4lm2b554phNyD0bq8v9Kgi+KMP7oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKStXTJ6tjrujPp98o4H+veuHqYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHBLMWRNbnEyT3U2TS1uM3lqZ2Y2OTY0ZXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj9MA0G
CSqGSIb3DQEBCwUAA4IBAQBy9q7log1ISkF7yVv6KvdDCMhaNBn/JimKmKTq+Ex4
a3xIgjaocr5i43I8Bgte/LyJWelt/6vvu0M1LAd8pB7V7DZ3vo6f4waq+3RYYgvm
BVs7wzC/h6t4PED9EGSyU6LzvsgHUZMY1Wul35VOjr/+/G5qPlA748QdlitFZQVK
7IDSL4YtL4Uh2/cqauv9sdnSZ84Jz1M3s+yUVgGSwe00ztnXS8qH5Qr6UICSRY30
gHJ4ze5Mtjc86YJ0SPop9CXUPFawj36QEUQHoUc3+gEnVvBSE1IzL7AWEvb4SJPe
r4Km9STbwzm3MFakAjLUdOtm3Nlk6CX/E0h07FVShSvI
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:37 2025 by rpki-client