Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa
File: 6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa (raw, json)
Hash identifier: maEvHn66b+NtxlZzhtYxV/S/HbB/7IoXOrc8L503yQo=
Subject key identifier: E9:47:6D:C4:23:31:C9:24:3D:92:E5:4D:E1:5D:DB:E4:A5:2A:CC:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018571FA2666F31482FB82690D39F7F0E22B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa
Signing time: Mon 02 Jan 2023 10:14:57 +0000
ROA not before: Mon 02 Jan 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 82.153.240.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:26:66:f3:14:82:fb:82:69:0d:39:f7:f0:e2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9476dc42331c9243d92e54de15ddbe4a52acc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:31:82:3b:b5:ee:89:9d:92:64:9b:e9:1e:
03:4a:57:64:ac:c7:0d:2b:01:3b:05:63:e1:77:37:
c4:23:86:2e:6b:6b:11:ad:16:3b:ce:89:d1:ec:cd:
cf:ff:32:1a:42:61:fc:22:1b:f9:14:2b:a4:b3:14:
9c:e4:b9:d3:7f:20:ad:2d:a3:0e:04:f3:78:fb:78:
60:d2:d7:82:6b:de:9f:a1:14:bc:97:43:29:f4:4b:
c1:14:e1:9b:11:1f:12:01:da:1d:ca:c2:bc:09:9c:
75:da:95:42:c6:f7:2a:f6:a2:5e:39:7b:46:d1:c5:
5c:30:dc:e2:4e:c5:d9:f5:ee:b6:07:85:c2:80:68:
f4:ed:ff:1a:4a:da:5e:78:95:7d:f3:b0:60:08:47:
b3:b0:14:ba:51:d3:26:1f:37:3e:03:7b:cb:63:09:
f6:c0:60:ec:19:4a:ab:22:da:6a:ae:e4:7b:69:68:
50:76:90:00:95:78:ce:b5:4f:39:e6:6e:a3:0c:6e:
21:2f:bb:47:f5:79:dc:85:c2:94:47:4a:bb:0b:76:
b9:ed:0f:8d:83:d5:d1:93:c4:56:61:73:58:29:dc:
e0:b9:ef:16:7e:f6:70:3e:a2:a4:b7:84:78:9f:b4:
2d:33:08:34:d5:ae:83:1f:5b:f2:bf:5a:ae:17:fc:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:47:6D:C4:23:31:C9:24:3D:92:E5:4D:E1:5D:DB:E4:A5:2A:CC:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6UdtxCMxySQ9kuVN4V3b5KUqzJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/24
82.153.68.0/24
82.153.240.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
11:66:53:b8:2c:65:87:87:43:3c:8f:47:06:fc:cd:ce:90:ad:
ac:29:54:ae:e7:02:4e:7e:ea:94:ae:19:83:ad:cd:34:f4:d6:
29:16:20:eb:ce:44:4f:d5:b9:ba:5d:e7:f8:3e:72:20:17:f8:
a6:b0:2b:1c:c9:5a:c8:24:b0:f0:f1:9c:bc:ff:bd:b7:c5:eb:
b9:c9:54:c6:07:80:5c:8e:1b:0d:b6:14:1c:17:6e:58:da:b5:
67:af:64:e7:04:bb:7c:b8:c3:f6:a7:97:2d:0c:ea:54:bd:2b:
da:0b:c9:2c:b8:12:31:eb:1a:da:0d:40:7b:ea:27:4e:02:26:
71:20:e7:a1:c0:8f:fc:04:28:3b:92:72:88:21:1e:9e:c1:e4:
67:6a:2c:9d:4b:a8:ba:51:30:06:27:8e:c4:44:4f:3d:ce:6a:
65:93:13:17:78:8d:8c:6e:26:12:80:83:37:8c:f9:3e:ae:b9:
fd:03:85:cd:1e:0c:ab:16:7d:f3:f8:58:6f:1e:b1:00:79:4a:
fa:13:a2:a7:23:ac:4b:cd:10:55:d5:4d:34:2c:4f:31:9f:10:
a8:ed:1b:cc:3e:f3:4a:07:ea:89:f9:94:46:37:76:74:81:a2:
0b:74:c4:61:7a:5b:b5:20:47:38:84:e7:00:44:8f:43:0d:d4:
a1:b0:2e:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx+iZm8xSC+4JpDTn38OIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQ3NmRjNDIzMzFjOTI0M2Q5MmU1NGRlMTVkZGJlNGE1MmFjYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq8xgju17omdkmSb6R4DSldkrMcN
KwE7BWPhdzfEI4Yua2sRrRY7zonR7M3P/zIaQmH8Ihv5FCuksxSc5LnTfyCtLaMO
BPN4+3hg0teCa96foRS8l0Mp9EvBFOGbER8SAdodysK8CZx12pVCxvcq9qJeOXtG
0cVcMNziTsXZ9e62B4XCgGj07f8aStpeeJV987BgCEezsBS6UdMmHzc+A3vLYwn2
wGDsGUqrItpqruR7aWhQdpAAlXjOtU855m6jDG4hL7tH9XnchcKUR0q7C3a57Q+N
g9XRk8RWYXNYKdzgue8WfvZwPqKkt4R4n7QtMwg01a6DH1vyv1quF/xE9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOlHbcQjMckkPZLlTeFd2+SlKsyWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNlVkdHhDTXh5U1E5a3VWTjRWM2I1S1VxekpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpiwAwQA
UplEAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQARZlO4LGWHh0M8j0cG
/M3OkK2sKVSu5wJOfuqUrhmDrc009NYpFiDrzkRP1bm6Xef4PnIgF/imsCscyVrI
JLDw8Zy8/723xeu5yVTGB4BcjhsNthQcF25Y2rVnr2TnBLt8uMP2p5ctDOpUvSva
C8ksuBIx6xraDUB76idOAiZxIOehwI/8BCg7knKIIR6eweRnaiydS6i6UTAGJ47E
RE89zmplkxMXeI2MbiYSgIM3jPk+rrn9A4XNHgyrFn3z+FhvHrEAeUr6E6KnI6xL
zRBV1U00LE8xnxCo7RvMPvNKB+qJ+ZRGN3Z0gaILdMRhelu1IEc4hOcARI9DDdSh
sC7b
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:43 2025 by rpki-client