Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-bphjHjOdhzy7hYlIWvo7AzrMkw.roa
File: 1-bphjHjOdhzy7hYlIWvo7AzrMkw.roa (raw, json)
Hash identifier: SBAZyxonu5JNoFJPP0VcrSks6mDpb2yISjSumjutn3g=
Subject key identifier: F9:BA:61:8C:78:CE:76:1C:F2:EE:16:25:21:6B:E8:EC:0C:EB:32:4C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01884282720A13EF424EA62352E8AF89DFDB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-bphjHjOdhzy7hYlIWvo7AzrMkw.roa
Signing time: Mon 22 May 2023 08:10:25 +0000
ROA not before: Mon 22 May 2023 08:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 82.153.245.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:82:72:0a:13:ef:42:4e:a6:23:52:e8:af:89:df:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 08:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9ba618c78ce761cf2ee1625216be8ec0ceb324c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:28:dc:eb:ba:cf:6a:d6:55:08:98:e2:b5:f9:
86:86:e0:ad:16:dd:63:48:4f:a6:a9:13:47:72:1c:
a3:f6:2d:ca:6a:aa:10:15:ad:90:dc:6d:82:e4:fb:
eb:5a:0e:94:15:15:6f:12:ef:21:77:88:45:cb:8e:
5e:20:43:91:46:4a:8b:71:7a:2f:5f:93:d9:36:c1:
33:ab:e9:4e:3c:00:8c:fb:70:dd:ee:50:57:06:dd:
f5:4b:e2:3a:ea:57:a3:20:e6:84:1f:50:2b:8d:8a:
cb:62:ce:86:b1:75:57:de:af:48:ca:fe:af:aa:e2:
9a:f4:e0:ac:2f:70:0d:47:e8:91:2a:82:ec:f9:f1:
d3:e2:1c:1a:80:7b:4c:a5:95:65:7b:6e:5f:b8:8b:
41:86:a4:f9:98:01:cc:c3:bb:c6:39:54:50:4f:27:
89:36:c5:b5:4f:6b:f7:5a:34:fb:9c:33:66:3c:f3:
f7:6c:da:86:38:77:97:12:a2:56:ea:e9:ca:a7:2e:
e7:55:a1:ec:af:67:19:a1:60:f7:71:c8:86:0b:b5:
b3:4b:80:d7:52:01:ee:12:5f:c4:d2:e5:71:aa:fd:
16:01:a4:c3:1f:dd:0f:06:07:78:48:c3:eb:8a:d6:
9c:4f:85:dc:b3:ab:bc:e0:8f:54:03:4a:8e:e6:bb:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BA:61:8C:78:CE:76:1C:F2:EE:16:25:21:6B:E8:EC:0C:EB:32:4C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-bphjHjOdhzy7hYlIWvo7AzrMkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.123.0/24
82.153.10.0/24
82.153.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:b0:58:1b:ae:65:a4:5f:dd:2d:15:b1:7b:e8:c2:7a:e9:8d:
1c:70:2f:6f:19:b2:08:f7:6e:71:0b:dd:44:e3:f9:d6:66:dd:
8b:c5:39:77:52:76:d6:f6:b2:45:66:f4:d1:b8:09:3f:9f:e8:
10:7c:09:e7:38:19:e2:fd:ec:1d:f0:65:92:eb:a0:bd:e8:c9:
3f:cd:db:71:5d:5a:87:a1:e0:0a:2d:e2:cf:90:85:f3:63:d3:
0c:56:0b:6a:03:59:67:df:05:24:7e:88:dd:44:20:a0:74:4a:
2b:48:85:b2:cd:26:e1:11:81:ba:e3:9a:45:ef:44:73:55:d6:
76:21:6b:fa:03:47:d4:a2:57:61:b9:04:d7:8a:c4:5d:75:d8:
12:1a:a9:45:ec:ab:a0:2d:95:7b:5f:33:e0:55:e5:ef:0b:47:
47:2e:24:03:dd:66:ba:87:c3:ea:dd:20:45:02:2b:97:ae:9e:
ee:8e:6f:dd:8e:18:85:4a:8c:fb:7a:6c:d0:33:8c:4a:ce:ae:
cd:57:ad:41:a2:61:8d:66:e9:1a:0d:88:11:1f:d5:84:32:1a:
3e:09:99:48:2d:c1:0a:34:4c:59:69:6c:76:ea:7b:b7:27:b0:
19:62:de:12:33:a3:8b:bb:e6:57:71:3e:b3:ee:64:f2:0d:b7:
8b:cf:15:cc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYhCgnIKE+9CTqYjUuivid/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJhNjE4Yzc4Y2U3NjFjZjJlZTE2MjUyMTZiZThlYzBjZWIzMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyjc67rPatZVCJjitfmGhuCtFt1j
SE+mqRNHchyj9i3KaqoQFa2Q3G2C5PvrWg6UFRVvEu8hd4hFy45eIEORRkqLcXov
X5PZNsEzq+lOPACM+3Dd7lBXBt31S+I66lejIOaEH1ArjYrLYs6GsXVX3q9Iyv6v
quKa9OCsL3ANR+iRKoLs+fHT4hwagHtMpZVle25fuItBhqT5mAHMw7vGOVRQTyeJ
NsW1T2v3WjT7nDNmPPP3bNqGOHeXEqJW6unKpy7nVaHsr2cZoWD3cciGC7WzS4DX
UgHuEl/E0uVxqv0WAaTDH90PBgd4SMPritacT4Xcs6u84I9UA0qO5rsXIwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPm6YYx4znYc8u4WJSFr6OwM6zJMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1icGhqSGpPZGh6eTdoWWxJV3ZvN0F6ck1rdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFGoewME
AFKZCgMEAFKZ9TANBgkqhkiG9w0BAQsFAAOCAQEApLBYG65lpF/dLRWxe+jCeumN
HHAvbxmyCPducQvdROP51mbdi8U5d1J21vayRWb00bgJP5/oEHwJ5zgZ4v3sHfBl
kuugvejJP83bcV1ah6HgCi3iz5CF82PTDFYLagNZZ98FJH6I3UQgoHRKK0iFss0m
4RGBuuOaRe9Ec1XWdiFr+gNH1KJXYbkE14rEXXXYEhqpReyroC2Ve18z4FXl7wtH
Ry4kA91muofD6t0gRQIrl66e7o5v3Y4YhUqM+3ps0DOMSs6uzVetQaJhjWbpGg2I
ER/VhDIaPgmZSC3BCjRMWWlsdup7tyewGWLeEjOji7vmV3E+s+5k8g23i88VzA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:42 2025 by rpki-client