Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa
File: 757GWgoAJuHq-j7bwjmTkxyc4aI.roa (raw, json)
Hash identifier: eeIerOtOFu+f1thzN7dE33QgCykm5o2zc9lKc2gNrB0=
Subject key identifier: EF:9E:C6:5A:0A:00:26:E1:EA:FA:3E:DB:C2:39:93:93:1C:9C:E1:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01877EE8D88D4145AD0E05E9D3DF9D527DC9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa
Signing time: Fri 14 Apr 2023 08:36:41 +0000
ROA not before: Fri 14 Apr 2023 08:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 82.153.243.0/24 maxlen: 24
82.153.208.0/24 maxlen: 24
82.153.211.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:e8:d8:8d:41:45:ad:0e:05:e9:d3:df:9d:52:7d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 14 08:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef9ec65a0a0026e1eafa3edbc23993931c9ce1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:f7:45:c2:28:90:02:20:71:8a:30:b0:f6:
6e:7d:b9:b4:2b:9f:22:2d:63:3d:6e:d0:1e:73:99:
f0:82:24:2d:d3:9d:a4:98:87:a0:fa:1d:7f:91:b3:
29:17:d9:0c:60:1a:8b:11:d1:07:9b:31:5f:f1:4e:
db:80:fb:e0:3e:04:f7:12:3d:54:07:f9:fa:3f:52:
60:b1:89:d4:21:84:b2:01:d9:0f:2b:4e:2c:02:d0:
4d:1e:90:70:54:03:02:71:47:bf:ee:37:3c:cd:81:
94:4a:99:24:f3:6f:82:77:4c:38:43:ea:9d:a4:a6:
a3:3a:7e:9b:30:1c:ee:9d:e4:cb:35:e4:c0:4d:30:
2f:b9:57:94:f8:4c:1e:32:c7:a3:8e:a9:61:9d:05:
8c:df:e8:1f:ce:cd:9f:1c:24:8b:8b:85:14:f2:46:
be:72:de:ab:3b:40:4a:71:4a:25:a9:a4:56:24:e3:
17:72:22:b1:51:e8:d1:0c:e7:be:a2:46:1e:10:11:
56:05:3b:3c:f0:6e:04:74:89:50:6d:84:12:0b:83:
5e:9a:33:9e:12:8d:9b:df:45:1e:f0:78:57:85:64:
21:05:c1:09:af:30:3e:4f:d5:3b:f2:80:fa:da:87:
25:7b:01:57:66:f6:b8:d6:f6:59:1b:61:25:bb:e4:
a3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9E:C6:5A:0A:00:26:E1:EA:FA:3E:DB:C2:39:93:93:1C:9C:E1:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/757GWgoAJuHq-j7bwjmTkxyc4aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.252.0/24
82.153.208.0/24
82.153.211.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
40:e0:4c:60:16:d6:5f:40:fb:9b:87:56:be:1c:c7:b0:08:51:
d5:61:04:94:6d:18:e8:e1:9d:7a:3c:53:2f:51:83:81:86:60:
2d:14:c3:12:b1:f6:21:13:b6:6b:09:3e:15:93:fd:67:83:06:
fd:a3:a9:97:1d:31:0d:f1:86:03:23:08:34:f4:79:7d:71:89:
44:e1:89:5f:8b:e1:9d:44:66:45:18:2b:06:48:e2:db:f3:38:
a8:5b:69:16:34:c4:68:8d:96:bb:95:cf:ce:df:89:63:11:b7:
d8:01:fd:80:fd:ab:f0:fb:da:f5:ab:c6:37:34:73:36:f8:00:
ac:68:54:9a:0e:91:11:09:a6:0c:39:99:97:1e:f8:61:c9:93:
e7:65:18:ec:6e:78:52:70:57:4e:a7:2f:af:59:ba:87:97:11:
fc:1f:44:09:02:40:8c:a2:c5:7f:9b:50:aa:32:f8:14:43:e4:
5f:32:37:60:f2:f9:4a:f5:52:91:ee:44:71:30:da:16:91:16:
9d:29:4f:a0:da:ba:77:60:66:26:a2:a8:b5:ce:1c:e1:de:76:
1a:d4:94:82:04:0e:10:75:a6:02:c3:cc:b7:48:89:2e:9c:fa:
ce:8d:4e:a3:ad:17:b2:2d:70:ee:45:27:ea:54:30:ae:84:a4:
93:e7:25:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd+6NiNQUWtDgXp09+dUn3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDE0MDgzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjllYzY1YTBhMDAyNmUxZWFmYTNlZGJjMjM5OTM5MzFjOWNlMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSX3RcIokAIgcYowsPZufbm0K58i
LWM9btAec5nwgiQt052kmIeg+h1/kbMpF9kMYBqLEdEHmzFf8U7bgPvgPgT3Ej1U
B/n6P1JgsYnUIYSyAdkPK04sAtBNHpBwVAMCcUe/7jc8zYGUSpkk82+Cd0w4Q+qd
pKajOn6bMBzuneTLNeTATTAvuVeU+EweMsejjqlhnQWM3+gfzs2fHCSLi4UU8ka+
ct6rO0BKcUolqaRWJOMXciKxUejRDOe+okYeEBFWBTs88G4EdIlQbYQSC4NemjOe
Eo2b30Ue8HhXhWQhBcEJrzA+T9U78oD62oclewFXZva41vZZG2Elu+SjsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO+exloKACbh6vo+28I5k5McnOGiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNzU3R1dnb0FKdUhxLWo3YndqbVRreHljNGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpj8AwQA
UpnQAwQAUpnTAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQBA4ExgFtZfQPubh1a+
HMewCFHVYQSUbRjo4Z16PFMvUYOBhmAtFMMSsfYhE7ZrCT4Vk/1ngwb9o6mXHTEN
8YYDIwg09Hl9cYlE4Ylfi+GdRGZFGCsGSOLb8zioW2kWNMRojZa7lc/O34ljEbfY
Af2A/avw+9r1q8Y3NHM2+ACsaFSaDpERCaYMOZmXHvhhyZPnZRjsbnhScFdOpy+v
WbqHlxH8H0QJAkCMosV/m1CqMvgUQ+RfMjdg8vlK9VKR7kRxMNoWkRadKU+g2rp3
YGYmoqi1zhzh3nYa1JSCBA4QdaYCw8y3SIkunPrOjU6jrReyLXDuRSfqVDCuhKST
5yUu
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:23:47 2025 by rpki-client