Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa
File: 6iO3oCijJeQcxj04dr2Ll9MIsno.roa (raw, json)
Hash identifier: 1lcOduoPhNX8ZVUjxXtLu0IlPN0gWQ9Ib6MGqkEkTb0=
Subject key identifier: EA:23:B7:A0:28:A3:25:E4:1C:C6:3D:38:76:BD:8B:97:D3:08:B2:7A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C5D4D27F006766377A21EBF70DC403489
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa
Signing time: Tue 12 Dec 2023 09:13:06 +0000
ROA not before: Tue 12 Dec 2023 09:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 89.213.191.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.152.110.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:4d:27:f0:06:76:63:77:a2:1e:bf:70:dc:40:34:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 12 09:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea23b7a028a325e41cc63d3876bd8b97d308b27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:35:34:d1:8e:eb:a1:e0:96:92:e9:65:f2:
1d:e1:7a:a0:7a:58:3c:df:a7:42:bd:4e:64:e6:8a:
97:16:0c:b3:a3:ec:5b:70:c1:37:26:ac:f5:42:9d:
38:eb:7b:5b:6e:7e:0d:e6:85:4f:2c:f2:52:1f:66:
5c:1a:03:ba:7c:d4:ec:2e:79:b6:78:1c:d4:1b:30:
e5:a2:5f:c2:a8:74:ef:65:97:89:2f:d2:86:1e:37:
78:d8:0f:71:81:40:55:61:f3:cd:43:3b:b9:f6:5b:
c2:cb:b5:08:b9:3c:f1:3d:68:83:0a:77:69:97:ca:
4e:2d:ae:6d:88:cf:28:4c:79:03:e2:f0:53:b7:45:
8c:81:12:58:19:2d:b6:67:69:20:ac:f8:3d:45:1c:
01:9a:3a:ea:f9:76:c9:c1:a1:e1:68:00:65:7f:2c:
ec:d9:77:3a:9c:c0:33:7a:c9:a5:af:d8:85:6f:81:
29:5c:53:92:17:7d:79:99:5f:0b:ed:09:a5:ac:99:
9f:21:b5:cd:16:10:ac:36:d5:16:f1:a3:57:0c:df:
e8:a3:9d:ba:10:74:3c:81:48:40:7d:64:e6:e2:91:
89:ad:30:9f:9a:78:a8:82:54:04:1a:f6:42:5c:c0:
65:b5:5f:86:d7:b8:7d:48:19:5b:b1:22:15:cd:eb:
93:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:23:B7:A0:28:A3:25:E4:1C:C6:3D:38:76:BD:8B:97:D3:08:B2:7A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6iO3oCijJeQcxj04dr2Ll9MIsno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.110.0/24
82.153.66.0/24
89.213.131.0/24
89.213.191.0/24
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c0:30:a4:6b:4a:7d:51:68:7f:a0:4b:13:26:da:9b:73:ac:
24:64:61:68:3c:42:d1:42:6a:99:41:45:33:6d:4c:d7:21:67:
c9:51:fb:f9:8d:d4:ef:32:d5:a8:72:12:85:f7:68:8c:cb:8a:
04:2d:29:d1:98:0d:ed:68:c2:5e:74:62:d6:c1:9a:a2:cf:0a:
2f:f8:87:df:0b:73:f8:40:3e:ae:2d:cf:ac:dd:59:13:da:ad:
94:d2:b8:3b:bc:9c:28:7f:c8:0c:3d:bc:17:61:15:60:b6:0d:
31:94:a0:4a:76:d0:0d:6d:06:f3:0b:62:bd:86:2e:a5:e1:6b:
ed:3d:41:00:68:60:64:39:40:05:47:fd:f0:7e:09:c6:8e:cf:
36:e4:8b:d4:d5:53:80:3a:62:61:e8:5e:e0:eb:8e:58:d3:a0:
da:a5:2d:c6:e9:d3:51:1a:68:72:b6:7d:6b:ca:dd:20:82:e7:
b5:be:67:5b:c0:5b:5b:9f:c4:fd:4b:2b:56:7b:a3:52:59:6c:
61:39:3f:45:b3:5f:41:76:b2:f5:6b:b0:e9:ce:93:f9:8b:5c:
ca:95:e4:d1:b0:93:0f:9e:9f:86:b7:94:6e:78:83:77:74:88:
06:28:8d:36:92:f5:6c:92:14:12:70:37:a0:c3:bb:57:3f:f4:
35:2a:0f:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxdTSfwBnZjd6Iev3DcQDSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjEyMDkxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIzYjdhMDI4YTMyNWU0MWNjNjNkMzg3NmJkOGI5N2QzMDhiMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUM1NNGO66HglpLpZfId4Xqgelg8
36dCvU5k5oqXFgyzo+xbcME3Jqz1Qp0463tbbn4N5oVPLPJSH2ZcGgO6fNTsLnm2
eBzUGzDlol/CqHTvZZeJL9KGHjd42A9xgUBVYfPNQzu59lvCy7UIuTzxPWiDCndp
l8pOLa5tiM8oTHkD4vBTt0WMgRJYGS22Z2kgrPg9RRwBmjrq+XbJwaHhaABlfyzs
2Xc6nMAzesmlr9iFb4EpXFOSF315mV8L7QmlrJmfIbXNFhCsNtUW8aNXDN/oo526
EHQ8gUhAfWTm4pGJrTCfmnioglQEGvZCXMBltV+G17h9SBlbsSIVzeuTvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOojt6AooyXkHMY9OHa9i5fTCLJ6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmlPM29DaWpKZVFjeGowNGRyMkxsOU1Jc25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphuAwQA
UplCAwQAWdWDAwQAWdW/AwQAbbD9MA0GCSqGSIb3DQEBCwUAA4IBAQAXwDCka0p9
UWh/oEsTJtqbc6wkZGFoPELRQmqZQUUzbUzXIWfJUfv5jdTvMtWochKF92iMy4oE
LSnRmA3taMJedGLWwZqizwov+IffC3P4QD6uLc+s3VkT2q2U0rg7vJwof8gMPbwX
YRVgtg0xlKBKdtANbQbzC2K9hi6l4WvtPUEAaGBkOUAFR/3wfgnGjs825IvU1VOA
OmJh6F7g645Y06DapS3G6dNRGmhytn1ryt0ggue1vmdbwFtbn8T9SytWe6NSWWxh
OT9Fs19BdrL1a7DpzpP5i1zKleTRsJMPnp+Gt5RueIN3dIgGKI02kvVskhQScDeg
w7tXP/Q1Kg85
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:21 2025 by rpki-client