Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4cKMt1mZBRsSxXNebZZEXyQ5EbE.roa
File: 4cKMt1mZBRsSxXNebZZEXyQ5EbE.roa (raw, json)
Hash identifier: OadQImap0Cwu18QvtJLgk0KQ6vZFP+4H5u1DEiAZMqQ=
Subject key identifier: E1:C2:8C:B7:59:99:05:1B:12:C5:73:5E:6D:96:44:5F:24:39:11:B1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018930FA322205BFBAAE1AA016D2BD663F4A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4cKMt1mZBRsSxXNebZZEXyQ5EbE.roa
Signing time: Fri 07 Jul 2023 15:30:50 +0000
ROA not before: Fri 07 Jul 2023 15:30:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.152.108.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.242.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:fa:32:22:05:bf:ba:ae:1a:a0:16:d2:bd:66:3f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 7 15:30:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1c28cb75999051b12c5735e6d96445f243911b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:42:23:c2:50:66:05:02:84:5c:71:d5:73:f6:
24:01:d7:f8:88:3c:fa:f4:97:ff:d9:b2:c8:7d:9d:
31:47:86:78:e2:47:6e:df:a0:d8:dc:0a:07:db:3f:
9b:92:22:d2:48:8f:65:73:7b:35:e4:34:16:02:f9:
4f:f8:f8:e4:6d:25:78:3c:51:29:51:03:19:0a:38:
ac:d4:df:9b:b7:3f:fd:7a:d1:8d:7a:02:31:b5:9c:
e8:7a:b5:35:07:dd:70:78:e0:dd:48:f8:cc:4c:dc:
6c:b4:ed:33:5e:ea:99:a4:7c:4b:b6:7a:46:12:68:
68:9c:92:40:0b:90:7f:56:ed:b3:e9:29:ce:eb:0d:
d4:04:4b:8c:de:9d:df:c5:5b:c8:1c:12:97:1c:0d:
9b:25:a7:aa:33:cf:da:97:09:02:53:dc:ed:5b:8b:
b2:3f:c9:0d:29:62:58:1c:d6:38:de:81:a3:5c:bc:
f7:9a:34:56:b3:7a:28:a0:92:7c:41:8a:3f:a0:42:
ed:a4:f5:ac:bf:9f:41:d5:64:ba:26:1c:4c:ea:e1:
b8:70:73:aa:c0:d9:53:5f:7b:58:03:8b:3e:0b:83:
db:09:ca:d0:ea:c4:0f:3e:b0:d8:66:1f:82:a1:d1:
e9:b5:5f:0a:42:25:f3:8d:d5:a9:d0:cb:e9:aa:d4:
e8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C2:8C:B7:59:99:05:1B:12:C5:73:5E:6D:96:44:5F:24:39:11:B1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4cKMt1mZBRsSxXNebZZEXyQ5EbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.152.108.0/24
82.152.111.0/24
82.152.252.0/23
82.153.4.0/24
82.153.73.0/24
82.153.136.0/22
82.153.223.0/24
82.153.242.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:18:4b:59:7d:ea:38:0e:6d:78:22:17:35:bf:7a:22:82:58:
2b:44:9e:c1:ba:c3:c9:e2:48:a4:7e:36:2a:6f:ac:7e:6f:bd:
ff:c3:9f:e1:af:ba:a1:39:ee:df:51:19:03:36:45:9b:1b:05:
48:4c:d8:fe:9f:0e:36:62:15:5e:0a:f4:15:08:a8:07:a1:64:
a2:c7:80:65:03:32:e4:d4:be:fe:ff:82:8f:90:93:9f:28:8d:
53:47:b7:b7:67:25:13:01:6a:a1:cc:c9:b4:90:31:78:d5:65:
4d:1b:55:7c:66:75:c0:34:ca:03:6d:ec:77:47:af:9d:1f:14:
7a:de:39:47:7a:82:23:ba:e2:d8:e1:0a:fe:ec:78:cf:ff:42:
f7:f0:8c:b8:e8:8d:2f:58:24:d0:ee:2d:6a:a5:1a:08:1e:f0:
c1:a1:cc:69:96:4f:34:1b:a1:fa:4d:91:61:3a:ad:6c:ee:41:
17:49:a6:be:9c:c8:fa:07:8b:07:7b:db:bb:b5:33:77:41:4e:
3d:e7:93:18:ec:03:7d:4d:00:0e:82:f4:d2:4d:f5:2b:01:85:
e4:0e:62:9c:f1:56:73:61:f2:2c:49:2f:e6:03:70:b8:47:3f:
59:81:2d:0a:60:17:a5:9d:8e:f0:b3:63:6d:93:f4:1b:01:a2:
9a:f7:27:37
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYkw+jIiBb+6rhqgFtK9Zj9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWMyOGNiNzU5OTkwNTFiMTJjNTczNWU2ZDk2NDQ1ZjI0MzkxMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEIjwlBmBQKEXHHVc/YkAdf4iDz6
9Jf/2bLIfZ0xR4Z44kdu36DY3AoH2z+bkiLSSI9lc3s15DQWAvlP+PjkbSV4PFEp
UQMZCjis1N+btz/9etGNegIxtZzoerU1B91weODdSPjMTNxstO0zXuqZpHxLtnpG
EmhonJJAC5B/Vu2z6SnO6w3UBEuM3p3fxVvIHBKXHA2bJaeqM8/alwkCU9ztW4uy
P8kNKWJYHNY43oGjXLz3mjRWs3oooJJ8QYo/oELtpPWsv59B1WS6JhxM6uG4cHOq
wNlTX3tYA4s+C4PbCcrQ6sQPPrDYZh+CodHptV8KQiXzjdWp0MvpqtToUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOHCjLdZmQUbEsVzXm2WRF8kORGxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNGNLTXQxbVpCUnNTeFhOZWJaWkVYeVE1RWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUah3AwQA
Uah7AwQAUphsAwQAUphvAwQBUpj8AwQAUpkEAwQAUplJAwQCUpmIAwQAUpnfAwQA
UpnyAwQAUpn2AwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQCqGEtZfeo4Dm14Ihc1
v3oiglgrRJ7BusPJ4kikfjYqb6x+b73/w5/hr7qhOe7fURkDNkWbGwVITNj+nw42
YhVeCvQVCKgHoWSix4BlAzLk1L7+/4KPkJOfKI1TR7e3ZyUTAWqhzMm0kDF41WVN
G1V8ZnXANMoDbex3R6+dHxR63jlHeoIjuuLY4Qr+7HjP/0L38Iy46I0vWCTQ7i1q
pRoIHvDBocxplk80G6H6TZFhOq1s7kEXSaa+nMj6B4sHe9u7tTN3QU4955MY7AN9
TQAOgvTSTfUrAYXkDmKc8VZzYfIsSS/mA3C4Rz9ZgS0KYBelnY7ws2Ntk/QbAaKa
9yc3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:05 2025 by rpki-client