Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa
File: 5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa (raw, json)
Hash identifier: lCEBfoMdiBpD/ZDAV1Wr5abG5mu1sx4yHCPDylnWhWM=
Subject key identifier: E7:13:1D:15:07:09:12:C2:5D:7C:03:97:6F:B6:5C:10:0E:7A:BE:F4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01869C6B57A9490B7086E4226BBAD0D58707
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa
Signing time: Wed 01 Mar 2023 09:05:25 +0000
ROA not before: Wed 01 Mar 2023 09:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 82.153.240.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.178.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:6b:57:a9:49:0b:70:86:e4:22:6b:ba:d0:d5:87:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 1 09:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7131d15070912c25d7c03976fb65c100e7abef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:54:0b:dc:53:a3:1a:f1:2c:c5:e0:29:24:d7:
41:98:6b:d1:ec:35:73:da:36:f3:c1:38:98:7f:66:
b4:f1:c9:d2:90:1b:2b:26:c2:a4:0a:f9:46:73:86:
1d:0a:a9:37:92:eb:5f:fa:91:56:e1:b4:9d:5c:fd:
fa:73:88:a8:71:7f:42:9f:9a:9e:40:18:21:f1:3f:
38:c2:7a:d5:99:e5:5b:41:d7:44:47:f6:45:c4:6b:
32:86:ce:0e:d8:ce:12:9b:f1:5d:cc:aa:7d:92:a0:
c3:58:b4:c0:df:57:fd:9a:5e:f4:d6:98:d7:2c:6a:
d3:54:ec:5a:e3:87:0a:22:05:8e:91:01:64:9f:05:
12:49:5f:43:3c:45:39:d5:1c:57:02:a9:ff:f8:87:
89:57:37:c0:46:5e:a0:82:59:5d:60:ef:27:38:0a:
c5:e7:6b:46:ce:89:af:f6:2c:a8:90:c2:a4:69:46:
e4:eb:e9:3e:a8:7e:1a:10:96:9f:8a:af:11:cf:3e:
79:15:d9:a5:3c:41:08:f8:29:55:ce:24:b9:ae:19:
e0:25:be:3a:03:bb:81:c6:b6:f9:9f:1b:ca:e2:c9:
20:ea:a6:cc:08:83:14:9b:c0:99:4f:e6:10:09:a3:
6d:a0:e1:22:cb:5e:1e:92:d1:d3:97:e8:2c:f2:86:
79:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:13:1D:15:07:09:12:C2:5D:7C:03:97:6F:B6:5C:10:0E:7A:BE:F4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5xMdFQcJEsJdfAOXb7ZcEA56vvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
82.152.178.0/24
82.153.69.0/24
82.153.240.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:d4:8a:de:86:52:46:09:c2:ba:e1:a8:ef:7d:81:b8:a1:8f:
4d:c5:b5:17:28:6b:2e:a8:67:64:c2:9e:91:74:d1:2b:cb:23:
25:f0:1f:2a:1c:16:21:5f:c8:c8:e0:0c:75:25:99:fa:de:85:
ac:b9:a4:1a:8c:e0:a4:b4:c1:d4:da:18:f1:58:b0:75:1f:ee:
51:c9:be:9c:f7:b6:d6:24:ce:0d:6d:6a:36:98:01:b9:96:bc:
78:d2:fd:c8:eb:37:01:fb:03:e6:37:f3:e4:35:66:9c:81:71:
d9:4a:e1:68:99:75:2b:ab:63:e1:5d:81:61:46:fd:9a:20:29:
ea:f4:f6:4e:b7:79:6e:94:6d:43:51:6e:ad:2d:4f:32:ff:f3:
b0:84:42:e2:39:0a:f9:79:24:36:54:f9:3c:50:87:34:e3:b2:
19:ea:76:ea:be:75:ee:75:d0:64:1b:62:37:a1:b8:dc:d7:79:
ca:26:5e:13:06:c1:38:ac:c6:8d:1e:bf:06:78:88:df:3e:96:
39:1e:d3:5d:9f:25:ef:f7:a0:2c:3e:1d:f1:b6:0c:74:f2:77:
5e:09:dc:29:25:c4:83:96:92:67:93:4a:92:2e:19:ac:2c:b2:
f1:e0:b1:d4:e0:96:c8:49:80:cc:82:de:b4:ec:22:88:30:cb:
9c:ca:87:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaca1epSQtwhuQia7rQ1YcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzAxMDkwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEzMWQxNTA3MDkxMmMyNWQ3YzAzOTc2ZmI2NWMxMDBlN2FiZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1QL3FOjGvEsxeApJNdBmGvR7DVz
2jbzwTiYf2a08cnSkBsrJsKkCvlGc4YdCqk3kutf+pFW4bSdXP36c4iocX9Cn5qe
QBgh8T84wnrVmeVbQddER/ZFxGsyhs4O2M4Sm/FdzKp9kqDDWLTA31f9ml701pjX
LGrTVOxa44cKIgWOkQFknwUSSV9DPEU51RxXAqn/+IeJVzfARl6gglldYO8nOArF
52tGzomv9iyokMKkaUbk6+k+qH4aEJafiq8Rzz55FdmlPEEI+ClVziS5rhngJb46
A7uBxrb5nxvK4skg6qbMCIMUm8CZT+YQCaNtoOEiy14ektHTl+gs8oZ5SwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOcTHRUHCRLCXXwDl2+2XBAOer70MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNXhNZEZRY0pFc0pkZkFPWGI3WmNFQTU2dnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UagjAwQAUpiyAwQAUplFAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQCt
1IrehlJGCcK64ajvfYG4oY9NxbUXKGsuqGdkwp6RdNEryyMl8B8qHBYhX8jI4Ax1
JZn63oWsuaQajOCktMHU2hjxWLB1H+5Ryb6c97bWJM4NbWo2mAG5lrx40v3I6zcB
+wPmN/PkNWacgXHZSuFomXUrq2PhXYFhRv2aICnq9PZOt3lulG1DUW6tLU8y//Ow
hELiOQr5eSQ2VPk8UIc047IZ6nbqvnXuddBkG2I3objc13nKJl4TBsE4rMaNHr8G
eIjfPpY5HtNdnyXv96AsPh3xtgx08ndeCdwpJcSDlpJnk0qSLhmsLLLx4LHU4JbI
SYDMgt607CKIMMucyoeT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:58 2025 by rpki-client