Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa
File: 7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa (raw, json)
Hash identifier: lK/l2sfd0I+5fmhH2y2iwL1Fw9Jqf/PTf0928C3JQRA=
Subject key identifier: ED:9E:86:2D:0C:F2:EF:61:DC:43:69:46:90:81:4C:FB:4E:CD:8B:7E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01864A8317ED3CB56A9A14BB351FB8D496F6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa
Signing time: Mon 13 Feb 2023 11:22:30 +0000
ROA not before: Mon 13 Feb 2023 11:22:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 82.152.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:83:17:ed:3c:b5:6a:9a:14:bb:35:1f:b8:d4:96:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 13 11:22:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed9e862d0cf2ef61dc43694690814cfb4ecd8b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:17:23:99:a0:fb:37:9d:eb:86:4e:9d:94:d4:
68:31:b1:7f:2c:f9:da:c0:3b:b4:20:d6:aa:ed:28:
82:bc:d2:ea:02:29:21:d9:2e:91:af:90:29:9c:a0:
15:0f:c1:da:ab:98:7c:7e:fa:a8:81:5c:21:02:d3:
c7:4f:33:82:96:18:eb:f5:5f:5b:c3:74:ce:2d:49:
06:b1:d4:73:25:76:62:1e:36:40:55:3a:47:80:d8:
00:ee:aa:17:02:84:8f:3d:56:21:57:32:9f:1f:0a:
83:b6:e2:b0:56:0f:bd:3f:e9:f0:03:40:61:3c:5a:
4f:2f:cc:41:a5:35:48:72:d3:7c:fa:c7:43:89:ad:
b1:5a:6d:05:fe:60:6d:3f:1e:68:bf:6d:52:41:51:
e3:34:a8:3c:5b:19:d2:ee:93:84:78:36:be:96:c2:
fd:ee:57:fa:34:c2:0e:b3:52:64:95:28:cf:ff:57:
51:7f:22:54:97:19:8c:6c:cf:9b:95:10:55:dd:0f:
ce:1b:d5:45:96:d2:16:17:91:ca:0e:4d:f2:de:4d:
f4:f6:76:0d:6f:a1:03:f9:92:d1:fb:97:8c:e3:48:
71:79:8e:f3:7d:3a:cc:90:c7:ac:f0:00:fd:2b:a2:
32:22:33:90:1e:60:c7:6b:69:1b:7d:56:b8:d6:2f:
f0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9E:86:2D:0C:F2:EF:61:DC:43:69:46:90:81:4C:FB:4E:CD:8B:7E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Z6GLQzy72HcQ2lGkIFM-07Ni34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.248.0/24
Signature Algorithm: sha256WithRSAEncryption
22:cd:c7:3c:86:67:91:7f:49:2c:9c:e4:e8:cd:84:b7:6e:91:
50:4a:ca:da:4d:01:9c:d1:28:e2:c0:30:e0:3b:d4:65:00:ef:
05:9d:a6:c3:41:71:7f:58:5c:04:bb:07:8e:b3:17:22:ce:c9:
bc:b4:ec:fe:57:ab:61:ad:b0:b6:e1:0c:d9:6f:58:5f:f6:0c:
2c:4a:98:90:d7:3d:a8:59:16:71:b9:53:3f:85:5f:94:57:b5:
37:47:8f:f8:e8:bd:e0:6a:3e:ea:1b:42:bb:50:7e:07:20:f6:
3d:59:a5:e7:53:24:38:61:8c:28:73:5e:50:1d:eb:59:e7:30:
39:e2:2d:37:ce:5b:f9:e3:78:a7:ab:29:f9:11:e7:50:68:3e:
42:f1:ed:e6:5e:4d:dc:f2:b0:30:5a:07:12:bc:89:1b:59:56:
c9:23:79:4a:8a:78:fd:69:43:7e:44:ec:7c:7b:64:e6:2b:f8:
54:8c:76:91:ce:83:4a:c3:dd:92:53:71:10:9b:2c:75:35:16:
e6:a5:c9:35:6f:9e:de:12:47:59:87:18:0f:4f:d7:16:0d:2e:
68:c6:e5:b8:31:cf:72:72:79:77:3d:b4:ce:1b:52:24:20:b0:
cd:07:83:47:d6:5c:31:ae:79:8f:7e:78:a9:6f:7d:4d:57:4b:
7b:9b:de:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZKgxftPLVqmhS7NR+41Jb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjEzMTEyMjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDllODYyZDBjZjJlZjYxZGM0MzY5NDY5MDgxNGNmYjRlY2Q4YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRcjmaD7N53rhk6dlNRoMbF/LPna
wDu0INaq7SiCvNLqAikh2S6Rr5ApnKAVD8Haq5h8fvqogVwhAtPHTzOClhjr9V9b
w3TOLUkGsdRzJXZiHjZAVTpHgNgA7qoXAoSPPVYhVzKfHwqDtuKwVg+9P+nwA0Bh
PFpPL8xBpTVIctN8+sdDia2xWm0F/mBtPx5ov21SQVHjNKg8WxnS7pOEeDa+lsL9
7lf6NMIOs1JklSjP/1dRfyJUlxmMbM+blRBV3Q/OG9VFltIWF5HKDk3y3k309nYN
b6ED+ZLR+5eM40hxeY7zfTrMkMes8AD9K6IyIjOQHmDHa2kbfVa41i/woQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2ehi0M8u9h3ENpRpCBTPtOzYt+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1o2R0xRenk3MkhjUTJsR2tJRk0tMDdOaTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpj4MA0G
CSqGSIb3DQEBCwUAA4IBAQAizcc8hmeRf0ksnOTozYS3bpFQSsraTQGc0SjiwDDg
O9RlAO8FnabDQXF/WFwEuweOsxcizsm8tOz+V6thrbC24QzZb1hf9gwsSpiQ1z2o
WRZxuVM/hV+UV7U3R4/46L3gaj7qG0K7UH4HIPY9WaXnUyQ4YYwoc15QHetZ5zA5
4i03zlv543inqyn5EedQaD5C8e3mXk3c8rAwWgcSvIkbWVbJI3lKinj9aUN+ROx8
e2TmK/hUjHaRzoNKw92SU3EQmyx1NRbmpck1b57eEkdZhxgPT9cWDS5oxuW4Mc9y
cnl3PbTOG1IkILDNB4NH1lwxrnmPfnipb31NV0t7m97P
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:07 2025 by rpki-client