Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-QPCdwzrT1Jilpn-hYr0NnmqxBI.roa
File: 1-QPCdwzrT1Jilpn-hYr0NnmqxBI.roa (raw, json)
Hash identifier: ysXO3cwPYF4RaQnbMwZBmhz4XdCp4tbEDH4M3VGXYr8=
Subject key identifier: F9:03:C2:77:0C:EB:4F:52:62:96:99:FE:85:8A:F4:36:79:AA:C4:12
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C7C677D9A87B7A4821531BE1B79B54A4E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-QPCdwzrT1Jilpn-hYr0NnmqxBI.roa
Signing time: Mon 18 Dec 2023 10:10:06 +0000
ROA not before: Mon 18 Dec 2023 10:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
81.168.116.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:67:7d:9a:87:b7:a4:82:15:31:be:1b:79:b5:4a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 10:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f903c2770ceb4f52629699fe858af43679aac412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4c:3a:4c:8b:da:cf:56:f2:18:0e:d2:61:76:
2b:24:01:ad:48:01:7f:54:d4:bf:c2:c5:a8:56:a4:
40:5e:4e:c5:a8:b0:28:b6:e5:8d:cf:07:8c:e4:14:
1c:2f:d9:45:68:81:38:dc:a7:e6:c9:0c:94:cc:85:
4c:ca:2c:0b:95:4c:4d:f4:e1:c6:a7:d4:87:1b:ca:
4b:91:14:c6:df:97:97:45:8c:13:2d:cb:29:9c:80:
c0:15:4e:f6:8d:8e:48:76:54:33:a7:62:a1:0b:cc:
8a:f7:18:1c:a9:ef:a2:7b:89:fc:79:6d:01:9b:0b:
7d:bb:85:55:93:26:1d:e2:6f:91:66:25:61:aa:7a:
f4:66:28:5f:df:46:7e:ba:0c:48:04:69:c2:05:f2:
61:e4:55:df:ad:fe:6e:9a:f8:5e:fe:22:c3:da:e1:
95:2b:94:39:53:60:d4:98:d9:47:df:c5:51:0a:34:
8f:59:34:01:37:84:37:4c:46:0d:c7:85:01:b6:94:
6b:2b:2a:b2:01:b6:01:d9:40:78:67:3e:9b:90:6a:
35:c1:1e:64:f3:4f:34:97:c2:1e:f2:14:e5:11:5e:
39:ee:3d:4d:b9:2a:13:99:9b:5b:0a:4c:24:a5:5e:
ba:88:b8:be:1e:43:30:8c:88:10:da:07:33:3b:c3:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:03:C2:77:0C:EB:4F:52:62:96:99:FE:85:8A:F4:36:79:AA:C4:12
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-QPCdwzrT1Jilpn-hYr0NnmqxBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
81.168.119.0/24
81.168.126.0/24
82.153.136.0/22
82.153.246.0/24
89.213.148.0-89.213.159.255
89.213.172.0-89.213.176.255
89.213.180.0/22
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:85:f6:07:10:17:4e:c3:9e:39:49:aa:2a:a5:e3:6f:5d:a8:
8f:14:a0:1a:39:d4:f4:08:8e:97:5b:7f:24:75:88:1e:65:77:
f4:6f:3e:1f:83:20:6d:36:fd:85:0c:80:3e:4b:c8:60:68:e7:
1c:38:4c:6d:af:b8:09:8d:63:82:b8:88:e6:93:2d:8b:d9:57:
70:da:31:83:a6:1d:5d:2c:47:08:84:6d:b2:0f:9c:53:cc:b4:
a7:ac:4b:2c:d1:e3:9b:45:1d:81:d1:e5:ef:53:45:aa:4d:63:
63:e8:9b:e4:a2:7f:25:d1:03:9c:df:cc:a9:99:3e:e8:68:06:
fe:28:48:79:1d:3c:38:2b:2a:5f:5c:b9:b2:e4:d1:22:48:6e:
11:c8:dd:59:0d:78:9f:1d:c2:34:8f:0c:b3:29:4f:6c:29:ef:
b6:e0:49:97:b2:a7:a5:e7:74:93:ed:54:f6:be:82:66:06:42:
f2:43:18:b8:7c:c3:14:b3:8f:78:0a:36:0c:a7:45:ae:eb:2e:
04:97:51:c6:21:0f:df:63:2f:66:b9:27:75:b6:8e:d2:a1:d3:
5c:93:06:e3:e1:20:8f:81:fd:e9:b1:1b:26:52:68:be:8f:5a:
b2:d7:a9:f3:c1:01:81:7a:64:00:bb:b6:23:de:e1:e8:c6:18:
ef:02:2b:2a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYx8Z32ah7ekghUxvht5tUpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MTAxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAzYzI3NzBjZWI0ZjUyNjI5Njk5ZmU4NThhZjQzNjc5YWFjNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUw6TIvaz1byGA7SYXYrJAGtSAF/
VNS/wsWoVqRAXk7FqLAotuWNzweM5BQcL9lFaIE43KfmyQyUzIVMyiwLlUxN9OHG
p9SHG8pLkRTG35eXRYwTLcspnIDAFU72jY5IdlQzp2KhC8yK9xgcqe+ie4n8eW0B
mwt9u4VVkyYd4m+RZiVhqnr0Zihf30Z+ugxIBGnCBfJh5FXfrf5umvhe/iLD2uGV
K5Q5U2DUmNlH38VRCjSPWTQBN4Q3TEYNx4UBtpRrKyqyAbYB2UB4Zz6bkGo1wR5k
8080l8Ie8hTlEV457j1NuSoTmZtbCkwkpV66iLi+HkMwjIgQ2gczO8PKnwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFPkDwncM609SYpaZ/oWK9DZ5qsQSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1RUENkd3pyVDFKaWxwbi1oWXIwTm5tcXhCSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBlBggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTAMEAFGodAME
AFGodwMEAFGofgMEAlKZiAMEAFKZ9jAMAwQCWdWUAwQFWdWAMAwDBAJZ1awDBABZ
1bADBAJZ1bQDBAG5MX4DBADVmCowDQYJKoZIhvcNAQELBQADggEBAHuF9gcQF07D
njlJqiql429dqI8UoBo51PQIjpdbfyR1iB5ld/RvPh+DIG02/YUMgD5LyGBo5xw4
TG2vuAmNY4K4iOaTLYvZV3DaMYOmHV0sRwiEbbIPnFPMtKesSyzR45tFHYHR5e9T
RapNY2Pom+SifyXRA5zfzKmZPuhoBv4oSHkdPDgrKl9cubLk0SJIbhHI3VkNeJ8d
wjSPDLMpT2wp77bgSZeyp6XndJPtVPa+gmYGQvJDGLh8wxSzj3gKNgynRa7rLgSX
UcYhD99jL2a5J3W2jtKh01yTBuPhII+B/emxGyZSaL6PWrLXqfPBAYF6ZAC7tiPe
4ejGGO8CKyo=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:36:53 2025 by rpki-client