Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AHqnPm4VkyESkA2q8nygkrIhJV8.roa
File: AHqnPm4VkyESkA2q8nygkrIhJV8.roa (raw, json)
Hash identifier: DAiGEqTZrSONGSMOljJvwqoeuQXmPaArcIBbZK2hhUU=
Subject key identifier: 00:7A:A7:3E:6E:15:93:21:12:90:0D:AA:F2:7C:A0:92:B2:21:25:5F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890CD909F0368D4ABEBA4F114465FEF75A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AHqnPm4VkyESkA2q8nygkrIhJV8.roa
Signing time: Fri 30 Jun 2023 15:08:17 +0000
ROA not before: Fri 30 Jun 2023 15:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 82.153.227.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
109.176.252.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:d9:09:f0:36:8d:4a:be:ba:4f:11:44:65:fe:f7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 15:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=007aa73e6e15932112900daaf27ca092b221255f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:50:16:11:89:41:40:db:fb:2b:09:6d:b1:
85:89:dd:c6:75:c0:b1:cd:42:d1:10:65:82:ee:5e:
fc:50:a1:1f:c8:86:18:fd:f0:fa:23:cd:42:6d:43:
30:d5:6c:c3:da:3f:8c:64:b4:9e:05:43:49:2c:41:
c0:79:b4:89:aa:a6:46:0b:0b:58:a4:4b:fc:0b:b2:
2a:ed:b1:04:62:39:ed:dc:f6:5f:8c:af:c9:c0:0c:
d5:4a:3f:c9:84:5e:fa:fe:5c:8c:4b:9b:43:2a:42:
c3:c8:41:05:71:22:32:ed:a7:bf:84:c3:e5:cc:b7:
bc:c9:25:25:f5:9f:2e:86:03:ed:88:55:75:d4:7f:
ad:0a:9b:71:0c:4a:dc:26:0e:b2:7d:43:b9:8c:56:
bc:69:7a:35:3b:24:b4:2e:7c:08:1d:fc:d9:cc:56:
84:3d:56:bf:de:83:3c:21:3a:47:b4:4e:f1:11:b6:
17:1c:71:b3:8b:2b:d4:13:6f:44:9a:2c:a3:03:50:
c7:f8:8f:44:60:ae:c5:37:e6:fb:5b:29:8d:b3:65:
a5:96:51:b5:d6:4a:f1:ad:27:c3:86:6f:c9:e2:95:
c2:f2:ce:5f:7f:97:fd:3b:3a:ae:0c:59:83:80:4c:
d7:69:0d:de:be:63:dd:f1:cd:b7:ba:f6:57:00:53:
15:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7A:A7:3E:6E:15:93:21:12:90:0D:AA:F2:7C:A0:92:B2:21:25:5F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AHqnPm4VkyESkA2q8nygkrIhJV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
82.153.227.0/24
89.213.154.0/24
89.213.188.0/23
109.176.252.0/23
Signature Algorithm: sha256WithRSAEncryption
72:f4:fe:87:9b:f0:21:60:b1:5d:51:9a:51:b3:d3:93:f6:f7:
67:a9:b9:5c:4e:3a:1e:a4:68:15:da:f2:6e:69:fc:6f:5b:2b:
23:8a:ec:09:00:c7:22:d6:a7:e8:a5:38:78:de:81:d7:40:4b:
28:3a:25:45:3c:8f:14:99:e3:b6:a6:a0:b7:77:e4:1d:37:4d:
59:64:b9:3a:85:0a:8c:5a:04:05:56:0d:79:08:0c:e7:e1:b1:
2e:d0:10:19:1d:47:4a:96:d8:1e:cc:68:b5:08:63:8a:46:c1:
5c:ac:5d:c8:59:0a:a9:f1:c8:49:ca:ed:a9:29:a7:2f:f2:1a:
d3:d7:5f:2e:a3:c4:b1:c9:d2:9b:0e:cf:ae:6a:25:bd:38:80:
db:6a:47:ae:57:93:18:48:07:12:c8:0d:0c:82:63:ae:99:f8:
d9:35:a5:0d:16:27:d2:e0:4f:19:af:a7:69:7a:83:05:93:68:
05:4b:69:43:01:9c:b9:c4:fe:7d:3d:d4:7e:70:90:f4:70:0e:
7d:31:4a:79:88:11:63:9c:25:eb:0a:c4:e9:00:fe:19:49:be:
13:3d:3a:ac:04:b2:22:f2:5e:26:d8:58:ab:4c:f9:08:0b:86:
6a:11:05:08:49:d3:b4:ce:ef:8b:02:3e:a7:07:3f:3d:5d:16:
88:ee:4f:ed
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkM2QnwNo1KvrpPEURl/vdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdhYTczZTZlMTU5MzIxMTI5MDBkYWFmMjdjYTA5MmIyMjEyNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMpQFhGJQUDb+ysJbbGFid3GdcCx
zULREGWC7l78UKEfyIYY/fD6I81CbUMw1WzD2j+MZLSeBUNJLEHAebSJqqZGCwtY
pEv8C7Iq7bEEYjnt3PZfjK/JwAzVSj/JhF76/lyMS5tDKkLDyEEFcSIy7ae/hMPl
zLe8ySUl9Z8uhgPtiFV11H+tCptxDErcJg6yfUO5jFa8aXo1OyS0LnwIHfzZzFaE
PVa/3oM8ITpHtE7xEbYXHHGziyvUE29EmiyjA1DH+I9EYK7FN+b7WymNs2WlllG1
1krxrSfDhm/J4pXC8s5ff5f9OzquDFmDgEzXaQ3evmPd8c23uvZXAFMVeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAB6pz5uFZMhEpANqvJ8oJKyISVfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQUhxblBtNFZreUVTa0EycThueWdrckloSlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpnhAwQA
UpnjAwQAWdWaAwQBWdW8AwQBbbD8MA0GCSqGSIb3DQEBCwUAA4IBAQBy9P6Hm/Ah
YLFdUZpRs9OT9vdnqblcTjoepGgV2vJuafxvWysjiuwJAMci1qfopTh43oHXQEso
OiVFPI8UmeO2pqC3d+QdN01ZZLk6hQqMWgQFVg15CAzn4bEu0BAZHUdKltgezGi1
CGOKRsFcrF3IWQqp8chJyu2pKacv8hrT118uo8SxydKbDs+uaiW9OIDbakeuV5MY
SAcSyA0MgmOumfjZNaUNFifS4E8Zr6dpeoMFk2gFS2lDAZy5xP59PdR+cJD0cA59
MUp5iBFjnCXrCsTpAP4ZSb4TPTqsBLIi8l4m2FirTPkIC4ZqEQUISdO0zu+LAj6n
Bz89XRaI7k/t
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:31 2025 by rpki-client