Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa
File: A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa (raw, json)
Hash identifier: 3nZIvwUcFDzMO7dUyudD9vljA28Ue3Ke7053nlJuN6Y=
Subject key identifier: 03:58:F4:60:51:6A:13:91:95:80:DE:7D:CE:4D:C5:AB:A8:89:37:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01896DCB4B24D789AFA8CC56E3BA830273E7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa
Signing time: Wed 19 Jul 2023 10:56:26 +0000
ROA not before: Wed 19 Jul 2023 10:56:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 89.213.4.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:cb:4b:24:d7:89:af:a8:cc:56:e3:ba:83:02:73:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 19 10:56:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0358f460516a13919580de7dce4dc5aba8893727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:f6:d9:d9:33:d7:9c:7a:84:98:c3:a8:ac:
f1:8a:77:b7:d3:bb:e6:96:d9:1c:e5:f5:12:98:a1:
da:1e:ff:27:34:3a:68:c8:8f:f1:1d:4f:59:0b:d2:
27:6f:77:40:82:64:6a:f9:e7:7a:dd:db:8e:56:93:
a5:02:19:55:45:f0:3c:fa:da:df:fc:e2:23:c8:92:
2d:1c:06:79:e6:45:d2:27:a4:c8:8f:e1:1e:b9:30:
a9:e2:33:c9:b8:53:bd:30:8e:a3:05:08:00:82:da:
60:46:b8:b5:ad:f7:27:41:96:93:fe:d2:5c:f0:fe:
ec:fd:78:b5:15:d1:72:1b:17:d7:c6:1d:f5:f1:4e:
cb:a6:a5:e6:09:41:20:1a:07:b0:02:f6:34:e3:8b:
a6:ff:4b:63:af:05:22:24:2a:d1:25:d1:bd:57:f9:
49:ae:b4:eb:ed:42:bc:39:09:51:c8:ae:39:03:c8:
b7:6c:5c:2c:65:46:aa:74:61:45:e3:8e:45:94:2f:
bf:a9:d5:d4:47:d1:ad:20:29:e0:58:fe:d5:c2:33:
ea:ee:78:e5:b7:28:05:e7:b4:48:19:d6:b7:98:7f:
ca:1b:ba:39:35:ee:9c:be:79:d3:bf:44:8c:32:56:
08:de:71:3c:e4:9d:5f:20:19:a1:4f:b9:82:49:1d:
fd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:58:F4:60:51:6A:13:91:95:80:DE:7D:CE:4D:C5:AB:A8:89:37:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A1j0YFFqE5GVgN59zk3Fq6iJNyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.49.0/24
89.213.4.0/24
89.213.167.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:e2:c5:63:61:a9:e1:80:e0:34:c3:79:da:72:3e:4c:aa:89:
1f:7d:0b:90:79:02:80:44:7f:4b:5e:9c:aa:30:3e:6c:27:31:
e3:5f:62:91:d1:ae:8f:88:36:35:69:45:5c:e2:df:d9:f5:60:
ee:98:24:d8:01:9a:e8:d2:5f:70:fd:35:be:17:24:ae:ad:31:
54:d2:4e:36:cf:96:c4:f5:75:57:ca:da:68:bc:55:12:e1:73:
57:ba:f4:b2:7d:88:bc:5c:cb:ba:75:e4:40:6a:db:5c:c7:5b:
60:6e:b1:0a:71:69:2d:29:52:01:bc:35:8d:38:22:9d:31:b0:
b4:e7:a4:76:6b:93:c2:67:38:86:02:fd:0a:c4:29:dd:20:ae:
c8:a7:54:ed:e0:14:e6:55:57:32:5b:46:71:79:7c:91:1e:70:
19:f4:7e:b7:13:90:35:38:74:3f:4b:93:4d:4a:24:9f:cb:5d:
8a:5e:6c:55:93:46:24:c6:8c:b8:37:f5:5f:4b:da:73:3a:a3:
bd:bb:73:15:b1:a9:7b:04:9e:2d:70:29:58:78:d4:fe:75:9f:
7a:eb:94:8d:20:a1:c4:13:62:73:04:bb:e2:cf:55:34:3a:f3:
84:94:fb:d5:fc:22:d1:11:1d:8e:9e:4e:7b:90:30:eb:30:43:
c9:f6:1c:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlty0sk14mvqMxW47qDAnPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzE5MTA1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU4ZjQ2MDUxNmExMzkxOTU4MGRlN2RjZTRkYzVhYmE4ODkzNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyr22dkz15x6hJjDqKzxine307vm
ltkc5fUSmKHaHv8nNDpoyI/xHU9ZC9Inb3dAgmRq+ed63duOVpOlAhlVRfA8+trf
/OIjyJItHAZ55kXSJ6TIj+EeuTCp4jPJuFO9MI6jBQgAgtpgRri1rfcnQZaT/tJc
8P7s/Xi1FdFyGxfXxh318U7LpqXmCUEgGgewAvY044um/0tjrwUiJCrRJdG9V/lJ
rrTr7UK8OQlRyK45A8i3bFwsZUaqdGFF445FlC+/qdXUR9GtICngWP7VwjPq7njl
tygF57RIGda3mH/KG7o5Ne6cvnnTv0SMMlYI3nE85J1fIBmhT7mCSR395wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFANY9GBRahORlYDefc5NxauoiTcnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTFqMFlGRnFFNUdWZ041OXprM0ZxNmlKTnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpgxAwQA
WdUEAwQAWdWnMA0GCSqGSIb3DQEBCwUAA4IBAQA84sVjYanhgOA0w3nacj5Mqokf
fQuQeQKARH9LXpyqMD5sJzHjX2KR0a6PiDY1aUVc4t/Z9WDumCTYAZro0l9w/TW+
FySurTFU0k42z5bE9XVXytpovFUS4XNXuvSyfYi8XMu6deRAattcx1tgbrEKcWkt
KVIBvDWNOCKdMbC056R2a5PCZziGAv0KxCndIK7Ip1Tt4BTmVVcyW0ZxeXyRHnAZ
9H63E5A1OHQ/S5NNSiSfy12KXmxVk0Ykxoy4N/VfS9pzOqO9u3MVsal7BJ4tcClY
eNT+dZ9665SNIKHEE2JzBLviz1U0OvOElPvV/CLRER2Onk57kDDrMEPJ9hz8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:14 2025 by rpki-client