Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa
File: 2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa (raw, json)
Hash identifier: uXS7mPnavDUf7K0za3YVoso/nbqL1YMkqEunaMiv/NY=
Subject key identifier: DA:7B:A5:F2:D1:B7:37:A0:EA:E4:CB:E3:8F:41:F0:D6:41:E2:72:F3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BA39162EA2F62B851BB35FC581E1CAABC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa
Signing time: Mon 06 Nov 2023 07:38:16 +0000
ROA not before: Mon 06 Nov 2023 07:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 109.176.245.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:91:62:ea:2f:62:b8:51:bb:35:fc:58:1e:1c:aa:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 6 07:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7ba5f2d1b737a0eae4cbe38f41f0d641e272f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:48:69:93:ec:e1:01:02:ab:fe:b7:21:08:
ec:68:76:7b:ef:f0:31:af:15:83:ed:e8:de:c0:ae:
de:70:21:6c:26:dd:51:76:ac:b8:d8:fb:fc:cd:55:
14:3e:88:5c:1c:99:62:9a:7b:c8:1f:5a:e0:a0:9c:
10:64:42:6d:72:52:fd:de:b1:af:65:89:6d:66:5e:
aa:51:e3:20:bc:9e:16:28:03:40:bf:41:39:85:90:
ec:83:f1:58:9d:e0:ce:f6:e0:d3:a6:d1:33:cb:4e:
07:a2:3d:56:50:3b:0d:f4:1b:eb:33:16:5e:2d:a5:
60:0e:53:73:74:b4:43:23:dc:4a:65:7f:7f:a8:b9:
fb:c0:1f:8e:91:90:86:7b:63:1b:00:ca:63:66:a6:
ca:b2:fd:11:62:d3:e9:af:00:ce:09:b8:f8:71:3a:
80:0c:33:3d:ad:52:1f:1d:8a:84:aa:4d:1b:a9:27:
b6:49:98:cc:ad:5f:d5:d5:b3:32:42:13:93:9f:c0:
fd:c1:69:8f:9c:a2:bf:1c:69:90:b4:51:21:a2:b6:
84:ad:b8:c5:b3:f3:a5:02:57:cc:d0:99:1f:d7:da:
a0:f1:df:a3:60:d3:98:75:28:7a:8f:ec:fc:eb:fc:
53:e5:35:c8:b4:44:0d:3e:cb:21:29:4b:36:17:04:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7B:A5:F2:D1:B7:37:A0:EA:E4:CB:E3:8F:41:F0:D6:41:E2:72:F3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2nul8tG3N6Dq5Mvjj0Hw1kHicvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
89.213.157.0/24
109.176.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:8a:18:fe:e3:c2:4c:82:f7:00:39:b5:73:83:70:30:e4:d2:
3d:4d:81:03:94:62:c6:6b:52:21:53:46:6a:38:05:3d:de:a5:
a8:9c:bb:23:02:58:d9:b5:50:e8:8e:76:eb:5b:d7:c9:54:6a:
d0:86:0c:7d:62:e8:01:72:33:d6:97:31:b0:1c:c7:b8:fa:29:
35:9c:42:bc:71:be:2e:d5:c4:23:5e:73:cd:2b:32:c8:f5:18:
a4:4d:c7:a0:eb:d9:b5:08:3f:d4:e6:dc:6c:69:48:aa:b0:86:
71:91:c4:f5:39:b2:19:62:48:e4:32:96:52:af:8b:a6:7b:44:
c3:c0:20:1d:2f:96:9e:ff:0e:55:b3:ac:95:b4:df:be:cc:eb:
02:b4:de:55:4e:83:97:85:0b:53:81:c5:05:48:49:58:22:13:
dc:28:51:f0:1c:e1:5b:53:ef:4b:ad:65:11:8e:6a:88:8c:45:
d1:92:30:58:2a:3b:a1:45:7a:f4:3c:ad:a9:c1:2d:34:6c:f8:
ec:73:ef:0b:12:93:ee:f6:30:2c:4e:48:fd:28:19:bf:7d:de:
99:b4:ce:d0:ac:49:b7:2e:d9:59:d4:e9:bd:45:93:72:bf:1e:
9b:13:21:50:a5:a9:83:70:9a:25:01:a9:f2:a2:fc:c8:5a:4a:
62:17:36:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYujkWLqL2K4Ubs1/FgeHKq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdiYTVmMmQxYjczN2EwZWFlNGNiZTM4ZjQxZjBkNjQxZTI3MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK5IaZPs4QECq/63IQjsaHZ77/Ax
rxWD7ejewK7ecCFsJt1Rdqy42Pv8zVUUPohcHJlimnvIH1rgoJwQZEJtclL93rGv
ZYltZl6qUeMgvJ4WKANAv0E5hZDsg/FYneDO9uDTptEzy04Hoj1WUDsN9BvrMxZe
LaVgDlNzdLRDI9xKZX9/qLn7wB+OkZCGe2MbAMpjZqbKsv0RYtPprwDOCbj4cTqA
DDM9rVIfHYqEqk0bqSe2SZjMrV/V1bMyQhOTn8D9wWmPnKK/HGmQtFEhoraErbjF
s/OlAlfM0Jkf19qg8d+jYNOYdSh6j+z86/xT5TXItEQNPsshKUs2FwS44wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNp7pfLRtzeg6uTL449B8NZB4nLzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMm51bDh0RzNONkRxNU12amowSHcxa0hpY3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpncAwQA
WdWdAwQAbbD1MA0GCSqGSIb3DQEBCwUAA4IBAQA8ihj+48JMgvcAObVzg3Aw5NI9
TYEDlGLGa1IhU0ZqOAU93qWonLsjAljZtVDojnbrW9fJVGrQhgx9YugBcjPWlzGw
HMe4+ik1nEK8cb4u1cQjXnPNKzLI9RikTceg69m1CD/U5txsaUiqsIZxkcT1ObIZ
YkjkMpZSr4ume0TDwCAdL5ae/w5Vs6yVtN++zOsCtN5VToOXhQtTgcUFSElYIhPc
KFHwHOFbU+9LrWURjmqIjEXRkjBYKjuhRXr0PK2pwS00bPjsc+8LEpPu9jAsTkj9
KBm/fd6ZtM7QrEm3LtlZ1Om9RZNyvx6bEyFQpamDcJolAanyovzIWkpiFzb/
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:31 2025 by rpki-client