Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa
File: 8dp9S7rhzB2rFloxyOfpqfZEyTk.roa (raw, json)
Hash identifier: cP8ZHRQ3docF8OWfzQRBaoeyku8OuBtGZnrUkRSxKeI=
Subject key identifier: F1:DA:7D:4B:BA:E1:CC:1D:AB:16:5A:31:C8:E7:E9:A9:F6:44:C9:39
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018A02444B06E702850F74D652E32AAA4B47
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa
Signing time: Thu 17 Aug 2023 06:52:24 +0000
ROA not before: Thu 17 Aug 2023 06:52:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
109.176.246.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.40.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.178.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:44:4b:06:e7:02:85:0f:74:d6:52:e3:2a:aa:4b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 17 06:52:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1da7d4bbae1cc1dab165a31c8e7e9a9f644c939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:e4:fa:79:6b:07:93:4a:d6:44:c0:ff:9d:
70:12:ac:2a:5a:63:ee:67:33:2f:19:2a:28:92:8e:
a6:72:a9:c8:b4:60:50:6d:20:ca:78:d1:44:de:c6:
bc:ef:23:5a:4d:33:af:08:26:71:d1:06:e2:27:74:
51:41:70:29:ff:a6:4b:a4:74:bd:90:4c:aa:01:24:
ea:65:cf:c9:eb:08:45:99:3d:7e:ca:63:e9:4e:68:
0b:7d:a9:18:96:93:c0:cc:64:18:e0:3b:09:71:9b:
7d:de:70:51:f0:ba:61:d3:19:ff:df:1e:f9:b1:7f:
7a:3d:19:34:a5:f1:d9:88:0d:fa:d4:2c:2b:95:8f:
56:39:96:5a:69:39:d2:c2:1a:b1:02:0d:ca:3d:a9:
81:e7:ba:0c:d0:a8:61:18:19:de:60:96:7c:7c:9b:
c7:ef:20:9b:7f:21:10:15:2f:30:b7:cf:0a:e6:1d:
e7:d6:9b:e5:c0:4c:21:ad:92:e3:73:5f:9e:f5:00:
2b:3b:5a:75:f5:da:f7:a2:bf:f8:45:62:56:66:31:
b4:76:10:b3:a7:c5:02:95:02:41:1f:65:a4:0f:86:
d5:3c:b6:ce:11:69:0f:11:53:fa:7c:1b:0f:9d:9e:
49:21:ec:c9:ed:7f:65:38:dc:d2:66:97:72:06:6a:
e7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DA:7D:4B:BA:E1:CC:1D:AB:16:5A:31:C8:E7:E9:A9:F6:44:C9:39
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8dp9S7rhzB2rFloxyOfpqfZEyTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.225.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0-82.153.250.255
89.213.5.0/24
89.213.40.0-89.213.45.255
89.213.133.0-89.213.134.255
89.213.136.0/24
89.213.139.0-89.213.141.255
89.213.146.0/24
89.213.148.0-89.213.155.255
89.213.157.0-89.213.160.255
89.213.162.0-89.213.164.255
89.213.168.0/23
89.213.172.0-89.213.189.255
109.176.211.0/24
109.176.216.0/21
109.176.240.0/24
109.176.242.0/23
109.176.245.0-109.176.246.255
109.176.248.0-109.176.250.255
185.49.125.0-185.49.127.255
213.152.42.0/24
213.152.61.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fe:f8:21:72:36:1f:42:d2:4d:a8:f2:b5:b5:42:21:04:e7:
43:90:91:79:15:73:ed:fb:f1:83:05:f7:81:ad:27:4e:31:16:
7b:60:cc:66:d7:c4:86:08:fb:4f:23:67:7e:6d:96:14:95:00:
51:11:9e:1d:22:3f:97:02:32:86:91:7c:a5:03:13:22:3b:a8:
5a:a2:a2:9b:49:42:77:3f:c9:b6:fe:49:8b:23:1a:62:29:bb:
f1:a7:1a:3c:e9:43:bb:e8:7d:0e:9e:fb:4e:98:cd:7a:8e:11:
9f:f6:a5:d2:7e:a6:2d:16:92:c7:2f:95:3f:27:89:4f:4a:24:
02:55:a9:65:3c:c4:39:34:15:c0:ca:6d:8e:16:32:87:b0:c3:
93:fa:25:46:72:4d:38:60:c0:f7:87:e4:bb:a3:2d:19:fa:02:
7d:da:77:d7:6a:d8:ed:e5:98:29:97:60:cb:3c:9a:3f:ab:a3:
db:5f:c0:cb:1b:f1:7c:85:6d:ae:a5:64:3c:d6:e5:b5:99:de:
bd:e7:7f:23:97:71:bc:ed:b6:37:ac:e9:b2:f1:84:1d:91:f3:
ce:a4:cc:3c:78:1b:f3:2c:15:a7:0d:e1:b5:3e:14:87:ca:b9:
9b:aa:3e:98:ae:76:c9:7e:b0:4e:8b:e9:59:b8:7a:be:8d:a4:
f2:1a:56:8c
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYoCREsG5wKFD3TWUuMqqktHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODE3MDY1MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRhN2Q0YmJhZTFjYzFkYWIxNjVhMzFjOGU3ZTlhOWY2NDRjOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKnk+nlrB5NK1kTA/51wEqwqWmPu
ZzMvGSooko6mcqnItGBQbSDKeNFE3sa87yNaTTOvCCZx0QbiJ3RRQXAp/6ZLpHS9
kEyqASTqZc/J6whFmT1+ymPpTmgLfakYlpPAzGQY4DsJcZt93nBR8Lph0xn/3x75
sX96PRk0pfHZiA361CwrlY9WOZZaaTnSwhqxAg3KPamB57oM0KhhGBneYJZ8fJvH
7yCbfyEQFS8wt88K5h3n1pvlwEwhrZLjc1+e9QArO1p19dr3or/4RWJWZjG0dhCz
p8UClQJBH2WkD4bVPLbOEWkPEVP6fBsPnZ5JIezJ7X9lONzSZpdyBmrnswIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFPHafUu64cwdqxZaMcjn6an2RMk5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOGRwOVM3cmh6QjJyRmxveHlPZnBxZlpFeVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfoDBABZ1QUwDAMEA1nVKAMEAVnV
LDAMAwQAWdWFAwQAWdWGAwQAWdWIMAwDBABZ1YsDBAFZ1YwDBABZ1ZIwDAMEAlnV
lAMEAlnVmDAMAwQAWdWdAwQAWdWgMAwDBAFZ1aIDBABZ1aQDBAFZ1agwDAMEAlnV
rAMEAVnVvAMEAG2w0wMEA22w2AMEAG2w8AMEAW2w8jAMAwQAbbD1AwQAbbD2MAwD
BANtsPgDBABtsPowDAMEALkxfQMEB7kxAAMEANWYKgMEANWYPTANBgkqhkiG9w0B
AQsFAAOCAQEAOv74IXI2H0LSTajytbVCIQTnQ5CReRVz7fvxgwX3ga0nTjEWe2DM
ZtfEhgj7TyNnfm2WFJUAURGeHSI/lwIyhpF8pQMTIjuoWqKim0lCdz/Jtv5JiyMa
Yim78acaPOlDu+h9Dp77TpjNeo4Rn/al0n6mLRaSxy+VPyeJT0okAlWpZTzEOTQV
wMptjhYyh7DDk/olRnJNOGDA94fku6MtGfoCfdp312rY7eWYKZdgyzyaP6uj21/A
yxvxfIVtrqVkPNbltZneved/I5dxvO22N6zpsvGEHZHzzqTMPHgb8ywVpw3htT4U
h8q5m6o+mK52yX6wTovpWbh6vo2k8hpWjA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:33 2025 by rpki-client