Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa
File: 6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa (raw, json)
Hash identifier: 06Og2WvOuKyY3m/OF+ULnOGkTnCmJnIo2z9WQcLCW7k=
Subject key identifier: E9:FF:99:75:B5:38:34:1E:A2:04:C7:E4:EB:D4:0B:7B:D0:86:4C:77
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0182CEE7D3B5CF4FFBC041D270950C438950
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa
Signing time: Wed 24 Aug 2022 08:11:15 +0000
ROA not before: Wed 24 Aug 2022 08:11:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:e7:d3:b5:cf:4f:fb:c0:41:d2:70:95:0c:43:89:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 24 08:11:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9ff9975b538341ea204c7e4ebd40b7bd0864c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ce:b2:cf:77:0f:6a:ce:55:4d:25:a5:51:1b:
d1:15:2f:dd:3a:40:e3:f5:e8:c3:62:95:b3:70:c8:
f7:57:7d:7f:58:ad:e7:65:bc:e9:fb:85:5b:81:88:
c2:d3:33:62:d0:7d:03:d3:1a:ca:c6:e3:82:c8:b6:
f7:64:64:f2:f0:3f:74:c4:ae:d2:dd:4e:a0:4e:20:
bf:2c:e8:6b:23:02:80:4b:48:38:e1:2c:b7:90:35:
2c:e7:4f:3f:14:5e:f3:fa:30:a3:35:d7:44:50:fa:
25:70:de:d9:c5:86:bc:60:3f:9a:30:01:43:62:ee:
48:04:df:de:28:93:f6:06:38:2f:be:62:f9:06:ec:
08:84:7c:90:30:61:a4:af:93:18:cc:ee:9c:d8:3a:
a9:17:a1:e0:4d:53:3b:90:17:19:6f:13:5a:07:b6:
c5:62:62:7b:16:72:7d:e6:8b:27:12:fe:73:af:dc:
cc:e4:cf:8d:f6:45:31:2c:c9:f3:b5:08:07:2f:02:
09:69:2c:bc:dc:55:56:fb:15:7b:86:57:50:ed:00:
d2:9b:f0:54:f7:0d:1f:13:a9:9c:2f:f7:64:c7:3a:
d7:e1:ef:09:b2:cd:07:d4:fd:67:d7:01:19:9b:ab:
6e:7a:ff:e7:f1:b4:e6:94:50:b3:e3:ad:d6:fb:3f:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:FF:99:75:B5:38:34:1E:A2:04:C7:E4:EB:D4:0B:7B:D0:86:4C:77
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ae:f5:e2:28:b6:92:94:86:ec:54:50:ea:5b:c3:ea:cc:b2:
7c:ee:48:ec:bd:46:7b:3d:f9:08:f0:67:55:0a:bc:a1:e0:8c:
0e:2f:5d:aa:e2:f3:a3:69:13:1c:b2:74:ec:2d:42:06:0e:ca:
c5:20:5e:bb:06:a0:6a:1c:b7:4e:d2:3c:28:1d:c9:bc:64:49:
a1:9e:75:51:0e:89:ee:29:00:b9:78:93:12:d2:54:86:57:8b:
c6:e4:24:05:9b:93:b8:23:dc:9b:f3:1b:02:db:de:b3:f2:9a:
00:1e:7c:12:58:cc:af:85:5f:6d:45:1a:11:f0:66:79:76:d8:
50:f8:9d:33:17:f3:97:90:10:e9:53:27:3b:ef:c9:d4:cb:b2:
16:1c:95:5a:d2:de:4f:cd:cb:40:f7:ad:74:6c:0e:7e:f3:6b:
47:cb:e8:d3:72:6c:54:0b:bd:ff:63:cb:ea:40:53:53:7f:73:
7e:8f:8c:33:26:7d:da:c5:90:56:12:0d:c8:4d:04:18:2a:c2:
1f:9a:bc:86:48:fd:3f:84:87:83:eb:cc:db:6f:d4:34:c8:e6:
76:9f:ca:b5:12:14:ba:eb:0e:5f:ae:d6:18:26:e6:7f:f9:f0:
29:1c:d0:de:1c:f2:b6:18:69:0b:f4:3f:57:1a:24:f9:62:6d:
9e:e5:24:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLO59O1z0/7wEHScJUMQ4lQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODI0MDgxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZmOTk3NWI1MzgzNDFlYTIwNGM3ZTRlYmQ0MGI3YmQwODY0Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs6yz3cPas5VTSWlURvRFS/dOkDj
9ejDYpWzcMj3V31/WK3nZbzp+4VbgYjC0zNi0H0D0xrKxuOCyLb3ZGTy8D90xK7S
3U6gTiC/LOhrIwKAS0g44Sy3kDUs508/FF7z+jCjNddEUPolcN7ZxYa8YD+aMAFD
Yu5IBN/eKJP2BjgvvmL5BuwIhHyQMGGkr5MYzO6c2DqpF6HgTVM7kBcZbxNaB7bF
YmJ7FnJ95osnEv5zr9zM5M+N9kUxLMnztQgHLwIJaSy83FVW+xV7hldQ7QDSm/BU
9w0fE6mcL/dkxzrX4e8Jss0H1P1n1wEZm6tuev/n8bTmlFCz463W+z83OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOn/mXW1ODQeogTH5OvUC3vQhkx3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmYtWmRiVTROQjZpQk1mazY5UUxlOUNHVEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpngMA0G
CSqGSIb3DQEBCwUAA4IBAQAkrvXiKLaSlIbsVFDqW8PqzLJ87kjsvUZ7PfkI8GdV
Cryh4IwOL12q4vOjaRMcsnTsLUIGDsrFIF67BqBqHLdO0jwoHcm8ZEmhnnVRDonu
KQC5eJMS0lSGV4vG5CQFm5O4I9yb8xsC296z8poAHnwSWMyvhV9tRRoR8GZ5dthQ
+J0zF/OXkBDpUyc778nUy7IWHJVa0t5PzctA9610bA5+82tHy+jTcmxUC73/Y8vq
QFNTf3N+j4wzJn3axZBWEg3ITQQYKsIfmryGSP0/hIeD68zbb9Q0yOZ2n8q1EhS6
6w5frtYYJuZ/+fApHNDeHPK2GGkL9D9XGiT5Ym2e5SQq
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:00 2025 by rpki-client