Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa
File: 5DYxDbzFNwN03Xbt2ItKB20f0cE.roa (raw, json)
Hash identifier: kKf23Jn6xEtEse/HIzjAGF8WooVdVNGoOGzzOAiOfGc=
Subject key identifier: E4:36:31:0D:BC:C5:37:03:74:DD:76:ED:D8:8B:4A:07:6D:1F:D1:C1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0183AC5D84852CE9BE2139C66E14476A9BF0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa
Signing time: Thu 06 Oct 2022 08:15:53 +0000
ROA not before: Thu 06 Oct 2022 08:15:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150303
IP address blocks: 82.153.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:5d:84:85:2c:e9:be:21:39:c6:6e:14:47:6a:9b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 6 08:15:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e436310dbcc5370374dd76edd88b4a076d1fd1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5e:b8:9c:2d:43:bd:ad:95:d8:03:24:31:72:
18:a8:73:38:a0:55:f9:36:8d:8e:a6:f1:a6:5c:89:
07:85:72:33:eb:31:da:48:4b:8c:29:43:5b:6a:de:
7a:17:60:e3:ea:ed:d5:93:67:1d:6b:51:8f:c7:05:
8d:63:0c:4e:2e:12:07:ba:0a:5c:de:0d:27:2f:33:
4b:b6:aa:b1:33:f9:8e:15:28:d4:93:2b:fc:a2:ab:
e1:4b:bd:87:6b:95:b6:ad:10:bf:e0:85:71:93:81:
95:da:27:82:6e:d3:7c:ef:85:3a:83:af:bd:7b:01:
87:19:2e:8f:d2:43:b8:68:a4:50:02:3a:ca:f9:04:
72:a7:d6:99:58:94:b5:59:5d:f8:fd:df:ac:a3:91:
29:de:de:84:21:ec:5d:1d:66:d7:44:88:48:59:8f:
27:15:86:98:15:c0:45:f0:be:32:19:e6:5e:5b:92:
7d:68:33:e3:13:d4:82:5b:98:1b:bb:41:b3:86:ae:
5c:02:6e:f9:cf:70:e1:1b:cc:c7:51:d4:ed:ec:b8:
79:d2:d2:51:77:c0:56:51:33:ee:4f:26:cc:58:df:
02:17:3e:a3:fd:09:d3:4d:c2:9e:7e:97:fc:35:a8:
83:4b:ac:57:54:01:23:8a:4a:fa:19:73:d0:8a:0b:
79:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:36:31:0D:BC:C5:37:03:74:DD:76:ED:D8:8B:4A:07:6D:1F:D1:C1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.66.0/24
Signature Algorithm: sha256WithRSAEncryption
57:50:7e:b2:1e:bd:c5:dd:87:3d:90:31:25:a9:09:ff:4f:35:
58:15:84:3c:ae:2e:8a:68:46:e3:d8:1b:d0:fe:be:ea:05:43:
b7:b1:17:5a:fe:6c:fa:bc:c8:c2:58:17:7d:f2:97:be:72:1e:
47:9d:45:f5:6b:ee:ea:59:45:2d:e0:5a:d6:83:76:32:45:12:
0e:75:33:85:9d:a3:0f:e1:60:8b:98:fd:57:89:ef:4b:1c:39:
ac:4e:77:ec:e6:81:6d:1b:66:64:b5:77:01:ee:e3:1f:42:cf:
26:0a:66:7f:db:23:50:6a:d1:c3:b8:6b:57:60:4f:5b:3f:be:
4f:26:c0:c2:77:0b:14:f6:10:30:aa:b3:f1:1d:50:a3:45:f0:
d8:3e:5f:86:07:bc:6e:d2:57:a0:71:77:f1:e9:20:8c:72:00:
7c:eb:b2:b6:d5:71:00:b1:ae:3f:c2:97:2d:d8:54:b5:aa:fd:
a3:6c:a5:2c:85:15:dc:e4:c5:68:7e:b1:03:63:5e:f3:18:88:
34:a7:60:95:19:c2:5e:bc:cd:82:76:4d:ff:05:72:4e:00:0e:
7e:3b:91:62:88:64:b5:23:9b:fc:2b:f3:20:57:a8:b2:12:1d:
cf:e5:c3:b3:6e:58:56:6f:29:c2:ec:00:16:2f:5b:a8:1a:5e:
2e:94:f3:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOsXYSFLOm+ITnGbhRHapvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDA2MDgxNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM2MzEwZGJjYzUzNzAzNzRkZDc2ZWRkODhiNGEwNzZkMWZkMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi164nC1Dva2V2AMkMXIYqHM4oFX5
No2OpvGmXIkHhXIz6zHaSEuMKUNbat56F2Dj6u3Vk2cda1GPxwWNYwxOLhIHugpc
3g0nLzNLtqqxM/mOFSjUkyv8oqvhS72Ha5W2rRC/4IVxk4GV2ieCbtN874U6g6+9
ewGHGS6P0kO4aKRQAjrK+QRyp9aZWJS1WV34/d+so5Ep3t6EIexdHWbXRIhIWY8n
FYaYFcBF8L4yGeZeW5J9aDPjE9SCW5gbu0Gzhq5cAm75z3DhG8zHUdTt7Lh50tJR
d8BWUTPuTybMWN8CFz6j/QnTTcKefpf8NaiDS6xXVAEjikr6GXPQigt5vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQ2MQ28xTcDdN127diLSgdtH9HBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNURZeERiekZOd04wM1hidDJJdEtCMjBmMGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplCMA0G
CSqGSIb3DQEBCwUAA4IBAQBXUH6yHr3F3Yc9kDElqQn/TzVYFYQ8ri6KaEbj2BvQ
/r7qBUO3sRda/mz6vMjCWBd98pe+ch5HnUX1a+7qWUUt4FrWg3YyRRIOdTOFnaMP
4WCLmP1Xie9LHDmsTnfs5oFtG2ZktXcB7uMfQs8mCmZ/2yNQatHDuGtXYE9bP75P
JsDCdwsU9hAwqrPxHVCjRfDYPl+GB7xu0legcXfx6SCMcgB867K21XEAsa4/wpct
2FS1qv2jbKUshRXc5MVofrEDY17zGIg0p2CVGcJevM2Cdk3/BXJOAA5+O5FiiGS1
I5v8K/MgV6iyEh3P5cOzblhWbynC7AAWL1uoGl4ulPOb
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:45 2025 by rpki-client