Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa
File: 673Oypajo2wAazUXYKY73_XLSWU.roa (raw, json)
Hash identifier: e+7YCN8Oj8Fo//h/zAoC1mLo4CTfdTNRsnS7YAs/1+U=
Subject key identifier: EB:BD:CE:CA:96:A3:A3:6C:00:6B:35:17:60:A6:3B:DF:F5:CB:49:65
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189CF56C64487642025A2F5380D4D450528
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa
Signing time: Mon 07 Aug 2023 09:31:57 +0000
ROA not before: Mon 07 Aug 2023 09:31:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
109.176.215.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:56:c6:44:87:64:20:25:a2:f5:38:0d:4d:45:05:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 09:31:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebbdceca96a3a36c006b351760a63bdff5cb4965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:36:5d:30:f1:4f:a7:fd:01:f1:bb:e8:91:
91:8f:e1:b8:f1:a2:b4:09:3b:06:7f:d7:b4:b1:59:
f5:3d:91:04:7b:9a:65:3f:96:a4:2e:1d:ed:ad:26:
c5:38:74:5c:77:63:0c:05:3d:00:43:69:4e:04:52:
c0:02:a5:3a:f4:18:ad:3d:d4:8d:b3:3c:2e:e1:ff:
7a:40:41:ff:cc:13:43:7d:17:6b:55:db:46:e0:01:
a6:da:5e:48:a5:33:2e:41:d3:77:50:36:99:ae:c3:
55:4a:31:08:4b:ee:96:59:3a:d1:eb:37:45:03:60:
1c:1f:80:69:0d:f6:17:91:43:c7:21:2f:b5:bf:32:
82:f4:63:9a:77:14:72:d9:8a:90:47:f5:eb:a1:03:
23:86:cd:e1:7e:13:7f:69:4c:0b:e1:7f:1f:87:8d:
5e:5c:18:5a:f0:1d:5f:1d:b9:c3:5a:c2:57:a6:58:
47:a0:94:a6:dd:ee:45:2a:48:76:c9:69:1a:e9:5a:
b4:2e:7c:c4:3f:b3:81:db:03:d5:19:45:0f:b4:b1:
78:c6:ee:31:25:c8:a7:db:df:6e:8e:0e:94:af:a4:
ea:a2:03:08:fb:79:68:32:2c:c2:e9:f8:14:d8:25:
a3:64:1d:d7:83:a1:ca:c8:36:db:bd:8e:b6:09:38:
52:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BD:CE:CA:96:A3:A3:6C:00:6B:35:17:60:A6:3B:DF:F5:CB:49:65
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/673Oypajo2wAazUXYKY73_XLSWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0/24
89.213.7.0/24
89.213.41.0-89.213.42.255
89.213.44.0/24
89.213.136.0/24
89.213.139.0-89.213.140.255
89.213.148.0-89.213.150.255
89.213.152.0/24
89.213.155.0-89.213.158.255
89.213.160.0/24
89.213.162.0/23
89.213.168.0/23
89.213.173.0/24
89.213.175.0-89.213.177.255
89.213.179.0-89.213.182.255
89.213.184.0/22
109.176.211.0/24
109.176.213.0-109.176.216.255
109.176.218.0/24
109.176.220.0/24
109.176.240.0/24
109.176.242.0/23
109.176.247.0-109.176.248.255
109.176.250.0/24
185.49.125.0-185.49.127.255
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:4e:bd:0f:60:ea:16:ec:72:7f:51:7b:ce:37:82:0e:14:51:
d9:10:99:d5:54:93:48:e7:79:9e:c0:43:19:4f:50:6d:11:19:
7b:65:2f:36:02:ac:80:8c:14:95:94:55:e1:53:2b:10:77:58:
35:3e:18:79:a2:ce:90:02:be:58:dc:0e:2d:7e:3d:76:4e:3e:
a4:fb:09:a7:24:3b:40:d4:06:b1:fa:37:13:fa:61:35:6d:ab:
14:4c:18:a8:b7:1d:48:1f:8c:7d:ff:ac:e8:40:a8:c8:b9:94:
96:52:60:bd:c3:23:85:8d:d1:74:6d:d3:03:af:5b:f0:e3:0f:
8a:90:38:ea:8d:5a:7a:29:36:16:ea:c1:60:44:eb:a3:e2:64:
a4:c5:14:80:ed:7d:71:29:2d:2b:24:a1:c7:87:67:3e:02:3c:
14:a7:a3:ee:7a:39:c0:37:6d:f7:43:ea:bb:79:a9:c8:8e:bf:
b6:18:57:4e:95:71:77:0e:92:76:e8:b9:18:25:6d:13:d6:aa:
85:7b:ee:5a:a8:9c:4c:d5:fb:ff:36:6f:2d:8a:24:94:ce:ff:
3e:b5:5c:75:ad:38:a1:65:e9:e0:1c:f1:d9:ed:f0:cb:4a:49:
2b:00:1a:ff:c6:0e:2c:f7:ab:e2:b2:6d:83:3a:19:ce:5f:6b:
d4:e3:7f:7b
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAYnPVsZEh2QgJaL1OA1NRQUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDkzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJkY2VjYTk2YTNhMzZjMDA2YjM1MTc2MGE2M2JkZmY1Y2I0OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEo2XTDxT6f9AfG76JGRj+G48aK0
CTsGf9e0sVn1PZEEe5plP5akLh3trSbFOHRcd2MMBT0AQ2lOBFLAAqU69BitPdSN
szwu4f96QEH/zBNDfRdrVdtG4AGm2l5IpTMuQdN3UDaZrsNVSjEIS+6WWTrR6zdF
A2AcH4BpDfYXkUPHIS+1vzKC9GOadxRy2YqQR/XroQMjhs3hfhN/aUwL4X8fh41e
XBha8B1fHbnDWsJXplhHoJSm3e5FKkh2yWka6Vq0LnzEP7OB2wPVGUUPtLF4xu4x
Jcin299ujg6Ur6TqogMI+3loMizC6fgU2CWjZB3Xg6HKyDbbvY62CThStQIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFOu9zsqWo6NsAGs1F2CmO9/1y0llMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjczT3lwYWpvMndBYXpVWFlLWTczX1hMU1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnjAwQAUpnwAwQAUpn5AwQAWdUHMAwDBABZ1SkDBABZ1SoDBABZ1SwDBABZ1Ygw
DAMEAFnViwMEAFnVjDAMAwQCWdWUAwQAWdWWAwQAWdWYMAwDBABZ1ZsDBABZ1Z4D
BABZ1aADBAFZ1aIDBAFZ1agDBABZ1a0wDAMEAFnVrwMEAVnVsDAMAwQAWdWzAwQA
WdW2AwQCWdW4AwQAbbDTMAwDBABtsNUDBABtsNgDBABtsNoDBABtsNwDBABtsPAD
BAFtsPIwDAMEAG2w9wMEAG2w+AMEAG2w+jAMAwQAuTF9AwQHuTEAAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQCsTr0PYOoW7HJ/UXvON4IOFFHZEJnVVJNI53mewEMZ
T1BtERl7ZS82AqyAjBSVlFXhUysQd1g1Phh5os6QAr5Y3A4tfj12Tj6k+wmnJDtA
1Aax+jcT+mE1basUTBiotx1IH4x9/6zoQKjIuZSWUmC9wyOFjdF0bdMDr1vw4w+K
kDjqjVp6KTYW6sFgROuj4mSkxRSA7X1xKS0rJKHHh2c+AjwUp6PuejnAN233Q+q7
eanIjr+2GFdOlXF3DpJ26LkYJW0T1qqFe+5aqJxM1fv/Nm8tiiSUzv8+tVx1rTih
ZengHPHZ7fDLSkkrABr/xg4s96vism2DOhnOX2vU4397
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:00 2025 by rpki-client