Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa
File: 1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa (raw, json)
Hash identifier: /pBDjZ2YwjQwa9+gFeIJGEK+gecNwGLoXBkS2dbSWsM=
Subject key identifier: F8:7C:A1:C5:4F:F2:E6:8E:A0:19:94:07:AE:27:77:58:92:E3:9D:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C342DBBDC30A6EE966D908DE8B509B965
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa
Signing time: Mon 04 Dec 2023 09:34:21 +0000
ROA not before: Mon 04 Dec 2023 09:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:2d:bb:dc:30:a6:ee:96:6d:90:8d:e8:b5:09:b9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 4 09:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f87ca1c54ff2e68ea0199407ae27775892e39d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:88:ac:a1:e1:dd:bd:81:67:33:b2:bd:98:4e:
83:f0:ca:d1:56:93:2e:60:89:13:77:a8:95:d9:90:
73:ae:f8:5c:02:91:42:f0:4b:67:1d:d2:0a:67:22:
02:47:a5:5a:c2:ff:05:2c:6b:db:d2:fb:a2:f0:57:
76:9f:43:75:93:4e:a1:27:d4:74:ab:37:c9:53:5d:
de:b9:f6:20:53:c0:7a:5e:a0:2c:e6:1c:3d:cd:e6:
f8:c1:89:0e:9c:37:18:dd:65:dd:12:bb:82:20:d9:
e2:03:fb:40:4f:59:b9:28:83:e1:30:1f:dd:12:87:
ee:ff:3e:d1:7a:e5:a6:62:24:1d:1f:ca:40:32:ca:
aa:5a:9c:d3:38:fa:a7:bd:18:b6:a6:69:58:7c:39:
43:3f:07:45:82:6b:e1:58:a4:45:ed:ec:3d:55:f6:
b0:51:a2:e4:d6:9d:18:dc:84:19:ac:e5:a2:f9:1e:
07:4f:bb:31:4b:9e:aa:6c:2a:0a:d6:8f:8e:0e:3b:
b7:8b:6e:7d:64:a3:42:67:77:18:c6:95:9a:f3:97:
1a:15:ac:9d:32:f3:31:88:ae:9c:42:cd:1e:f6:df:
df:d0:6a:af:cd:bf:0f:a0:45:1e:bc:5c:20:a8:01:
b5:57:e6:d1:24:e9:e1:60:32:57:53:a5:ab:0f:cc:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7C:A1:C5:4F:F2:E6:8E:A0:19:94:07:AE:27:77:58:92:E3:9D:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-HyhxU_y5o6gGZQHrid3WJLjnSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/22
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4d:07:2c:9a:50:b7:23:94:9f:88:da:de:3d:cf:53:80:14:
28:70:ba:a2:6d:39:70:e0:62:c9:8e:4c:60:61:9d:e1:42:bf:
21:ed:ad:47:6d:6d:0f:c4:b9:fa:37:f4:d2:b3:de:da:f1:c1:
8d:52:46:25:0d:cf:d5:b7:41:38:93:7f:97:15:7b:cc:a1:bb:
84:e0:a8:64:a9:94:fa:bc:8f:61:88:00:dc:67:47:9e:14:3e:
f1:c0:f0:23:71:66:dd:1c:3b:ae:18:99:79:cb:41:5d:47:1c:
34:f0:ae:68:31:9f:6e:d9:fa:30:f6:36:5f:51:e9:39:0b:3b:
f1:75:bd:62:06:d3:b3:ee:54:2d:a7:2f:0d:76:e1:b0:54:ca:
97:2a:8d:15:b1:ef:d1:a4:d1:9f:e8:fb:96:3a:33:e3:dd:4b:
4e:bb:3e:cd:ae:37:0c:bf:5f:d6:15:09:ac:7f:01:fe:c0:0e:
d8:a3:cc:a4:b5:c5:af:0a:b4:e8:c1:b8:d9:c5:eb:29:b3:dd:
81:e7:5f:3e:54:76:c3:f7:55:fc:66:15:d7:87:fb:da:dc:42:
bb:ee:0a:c7:f0:14:41:87:36:60:af:0c:8a:2c:43:33:41:01:
41:9d:ca:94:a0:6c:35:99:be:94:8a:ec:b3:90:80:fe:70:c9:
8b:26:d3:fc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYw0LbvcMKbulm2Qjei1CbllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MDkzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdjYTFjNTRmZjJlNjhlYTAxOTk0MDdhZTI3Nzc1ODkyZTM5ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IisoeHdvYFnM7K9mE6D8MrRVpMu
YIkTd6iV2ZBzrvhcApFC8EtnHdIKZyICR6Vawv8FLGvb0vui8Fd2n0N1k06hJ9R0
qzfJU13eufYgU8B6XqAs5hw9zeb4wYkOnDcY3WXdEruCINniA/tAT1m5KIPhMB/d
Eofu/z7ReuWmYiQdH8pAMsqqWpzTOPqnvRi2pmlYfDlDPwdFgmvhWKRF7ew9Vfaw
UaLk1p0Y3IQZrOWi+R4HT7sxS56qbCoK1o+ODju3i259ZKNCZ3cYxpWa85caFayd
MvMxiK6cQs0e9t/f0Gqvzb8PoEUevFwgqAG1V+bRJOnhYDJXU6WrD8zLkQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPh8ocVP8uaOoBmUB64nd1iS450sMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1IeWh4VV95NW82Z0daUUhyaWQzV0pMam5Tdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAFGodwME
AlKZiDAMAwQCWdWUAwQFWdWAAwQCWdWsAwQCWdW0AwQBuTF+AwQA1ZgqMA0GCSqG
SIb3DQEBCwUAA4IBAQBYTQcsmlC3I5SfiNrePc9TgBQocLqibTlw4GLJjkxgYZ3h
Qr8h7a1HbW0PxLn6N/TSs97a8cGNUkYlDc/Vt0E4k3+XFXvMobuE4KhkqZT6vI9h
iADcZ0eeFD7xwPAjcWbdHDuuGJl5y0FdRxw08K5oMZ9u2fow9jZfUek5Czvxdb1i
BtOz7lQtpy8NduGwVMqXKo0Vse/RpNGf6PuWOjPj3UtOuz7NrjcMv1/WFQmsfwH+
wA7Yo8yktcWvCrTowbjZxesps92B518+VHbD91X8ZhXXh/va3EK77grH8BRBhzZg
rwyKLEMzQQFBncqUoGw1mb6UiuyzkID+cMmLJtP8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:16 2025 by rpki-client