Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa
File: 4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa (raw, json)
Hash identifier: NUcR75AQx3oucEbv/qaITSZH64Ac0x2OQ+5n98E+DXo=
Subject key identifier: E3:25:63:FF:72:81:E4:A4:D9:0A:E1:4F:D2:89:76:30:53:B7:00:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C34DE067BE0118D6496C0BFA3CCB52B22
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa
Signing time: Mon 04 Dec 2023 12:46:55 +0000
ROA not before: Mon 04 Dec 2023 12:46:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206509
IP address blocks: 81.168.0.0/17 maxlen: 17
109.176.0.0/16 maxlen: 16
81.5.128.0/18 maxlen: 18
82.152.0.0/15 maxlen: 15
213.152.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:de:06:7b:e0:11:8d:64:96:c0:bf:a3:cc:b5:2b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 4 12:46:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e32563ff7281e4a4d90ae14fd289763053b7006e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:27:bf:4b:64:7b:80:9e:6c:3b:28:64:c1:d4:
64:97:66:76:93:47:4e:ce:6b:02:da:f0:e5:4b:8c:
47:e6:43:55:7c:17:b9:c9:c4:d2:0d:47:6d:9f:c3:
10:4a:4d:09:b2:8d:89:f5:9f:9b:fa:86:89:15:87:
8b:4d:a5:51:54:db:c8:52:51:5c:e3:c3:2a:0f:00:
7d:1f:68:db:f8:05:c9:40:93:d8:2c:0c:a5:6d:15:
49:ea:e6:cb:7b:65:35:39:d3:1c:cc:d4:51:27:a7:
39:a0:89:a6:73:ae:b3:80:06:bb:48:7c:c0:1c:f7:
bb:b0:bd:c2:08:3c:5b:b2:91:8f:aa:17:4c:0f:06:
91:9e:70:85:15:24:d9:4b:68:86:22:dd:80:f3:64:
ed:bc:d2:5c:fa:db:7f:ca:b6:89:e5:6a:52:f8:9a:
cb:ef:d5:4d:01:7c:0d:7b:73:83:c7:90:9b:ef:34:
37:f0:8d:be:51:c5:7f:ca:12:e6:6b:c4:43:a9:e7:
28:e0:b1:a9:22:85:7e:78:f8:fd:b9:bc:70:f7:0b:
46:09:32:e9:8b:b7:96:2a:e1:37:1b:90:ce:bb:64:
d2:8a:67:61:c8:db:29:06:a8:be:d0:06:37:b7:1e:
05:05:5b:fe:90:0d:5f:5d:c1:d5:5c:8c:99:7b:18:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:25:63:FF:72:81:E4:A4:D9:0A:E1:4F:D2:89:76:30:53:B7:00:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4yVj_3KB5KTZCuFP0ol2MFO3AG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
109.176.0.0/16
213.152.32.0/19
Signature Algorithm: sha256WithRSAEncryption
52:09:b4:e8:e7:9b:ac:f4:4f:72:c2:a3:4f:29:b2:76:99:32:
1b:98:c0:6b:a2:82:0b:e9:5c:ed:55:54:c7:de:ac:3b:12:6c:
4e:96:87:ad:25:9f:29:94:e3:fa:7f:e4:64:df:54:5a:89:39:
3f:e9:0d:c6:15:80:08:b4:11:bc:47:b6:a4:93:91:f6:90:16:
cf:10:84:0e:2d:c2:05:55:42:e0:1f:3a:b4:47:63:a5:35:5c:
bc:71:a7:7c:3f:1c:e9:c6:37:ce:d1:5b:40:d9:3b:eb:60:d9:
98:2c:5b:f9:ca:4b:90:7a:e8:85:33:6e:2f:c9:ce:54:f1:7f:
4e:73:43:64:d3:25:d5:fe:f0:a8:c8:3c:70:b2:02:e2:11:5a:
8c:da:f9:e3:8d:18:ce:d5:0a:9c:72:43:65:3e:4c:33:7f:11:
68:0a:57:ee:af:7b:63:7d:de:51:c4:e1:78:d9:8b:6a:6c:ea:
1d:63:09:a8:d0:3e:27:9d:47:20:1b:8a:b1:3a:77:76:47:0a:
a6:bb:90:1e:72:c7:67:e3:67:bf:e6:0c:6f:a4:f8:d9:23:72:
5d:a6:d2:7d:ea:7a:46:60:e9:3c:66:f6:cd:c5:a0:bd:b7:dc:
4e:4e:60:26:67:84:37:34:be:bb:77:6d:ab:fd:34:9f:af:ef:
66:18:55:84
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYw03gZ74BGNZJbAv6PMtSsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MTI0NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI1NjNmZjcyODFlNGE0ZDkwYWUxNGZkMjg5NzYzMDUzYjcwMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSe/S2R7gJ5sOyhkwdRkl2Z2k0dO
zmsC2vDlS4xH5kNVfBe5ycTSDUdtn8MQSk0Jso2J9Z+b+oaJFYeLTaVRVNvIUlFc
48MqDwB9H2jb+AXJQJPYLAylbRVJ6ubLe2U1OdMczNRRJ6c5oImmc66zgAa7SHzA
HPe7sL3CCDxbspGPqhdMDwaRnnCFFSTZS2iGIt2A82TtvNJc+tt/yraJ5WpS+JrL
79VNAXwNe3ODx5Cb7zQ38I2+UcV/yhLma8RDqeco4LGpIoV+ePj9ubxw9wtGCTLp
i7eWKuE3G5DOu2TSimdhyNspBqi+0AY3tx4FBVv+kA1fXcHVXIyZexg9UwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOMlY/9ygeSk2QrhT9KJdjBTtwBuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNHlWal8zS0I1S1RaQ3VGUDBvbDJNRk8zQUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEAUgm06OebrPRP
csKjTymydpkyG5jAa6KCC+lc7VVUx96sOxJsTpaHrSWfKZTj+n/kZN9UWok5P+kN
xhWACLQRvEe2pJOR9pAWzxCEDi3CBVVC4B86tEdjpTVcvHGnfD8c6cY3ztFbQNk7
62DZmCxb+cpLkHrohTNuL8nOVPF/TnNDZNMl1f7wqMg8cLIC4hFajNr5440YztUK
nHJDZT5MM38RaApX7q97Y33eUcTheNmLamzqHWMJqNA+J51HIBuKsTp3dkcKpruQ
HnLHZ+Nnv+YMb6T42SNyXabSfep6RmDpPGb2zcWgvbfcTk5gJmeENzS+u3dtq/00
n6/vZhhVhA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:20 2025 by rpki-client