Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa
File: AUXdwGym54d1YBEGn5FQu7VlGm8.roa (raw, json)
Hash identifier: utvPRxzx/WVDmuIn9zcmHWMcMloPi7VyY20S7/u2bJI=
Subject key identifier: 01:45:DD:C0:6C:A6:E7:87:75:60:11:06:9F:91:50:BB:B5:65:1A:6F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018703642535B5864603FEBEE6B977FFF9C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa
Signing time: Tue 21 Mar 2023 08:58:27 +0000
ROA not before: Tue 21 Mar 2023 08:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 82.153.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:64:25:35:b5:86:46:03:fe:be:e6:b9:77:ff:f9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 21 08:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0145ddc06ca6e787756011069f9150bbb5651a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e0:52:cf:e6:8b:8c:7f:f4:a3:af:fd:f7:ae:
10:de:02:a1:b6:40:18:63:b5:39:f8:1b:74:55:27:
36:a4:d2:04:5e:69:d9:b8:dd:77:bf:fc:4a:44:eb:
44:e9:c7:49:f6:88:3e:e6:2d:86:3f:af:a4:40:ce:
7e:b8:87:ec:cf:1e:8d:40:f6:7c:e1:86:7f:f8:c0:
aa:8a:29:c0:19:52:ac:3f:60:d6:82:bc:e8:95:5c:
ea:94:e6:f9:92:c1:99:e7:29:34:3d:0e:20:ad:0e:
26:e7:e0:f8:cb:ad:23:3e:3b:31:a4:cc:ad:2c:6f:
32:ab:7e:6a:41:2c:5e:23:24:7c:18:72:d1:82:ca:
42:6d:64:e7:b9:60:50:5f:92:42:06:ec:13:fd:a7:
07:5c:3b:cb:39:19:bb:51:88:a9:f5:af:84:82:23:
55:48:c6:87:2f:3f:47:1f:94:6e:81:66:39:89:8c:
a3:c6:9d:bf:fa:74:f4:04:a9:94:38:ad:97:0c:ff:
7b:a2:32:3e:62:f7:d3:fe:96:72:6e:22:01:68:2f:
21:5a:15:82:ef:1f:0d:5c:7d:38:58:33:25:53:fe:
b2:01:73:69:33:5a:cb:85:25:83:99:52:65:d1:f3:
fe:9e:be:3b:35:e5:f1:91:e3:df:e1:ff:7b:5e:39:
af:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:45:DD:C0:6C:A6:E7:87:75:60:11:06:9F:91:50:BB:B5:65:1A:6F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AUXdwGym54d1YBEGn5FQu7VlGm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.4.0/24
Signature Algorithm: sha256WithRSAEncryption
75:22:54:bb:52:82:a3:fa:df:70:9b:6f:97:11:c7:20:f8:47:
e8:50:59:53:9e:81:26:8f:0f:9d:4e:2e:3f:3a:8c:a9:60:cb:
a2:64:42:a1:e7:f0:77:ad:55:77:d2:15:45:04:7e:60:4e:5e:
7f:75:59:53:a2:c9:ba:25:11:77:46:3e:de:b8:81:d0:8a:48:
48:4f:0a:0b:d6:50:71:89:49:6a:e8:9a:82:e8:24:c8:28:f7:
94:8e:7e:12:8a:96:ca:60:52:75:0d:c5:a4:14:05:13:6f:95:
8f:4c:2e:5d:11:37:27:1a:69:c4:ef:c3:d0:34:5b:3b:33:ec:
c8:a2:33:d9:cd:65:8d:c2:2b:f5:cf:44:1b:c4:56:23:11:94:
03:ec:96:96:77:bb:b4:2b:e7:47:8e:50:c2:38:d5:68:23:b5:
ec:62:88:32:cf:85:ee:2b:1e:b6:56:22:c8:65:a0:16:1a:7c:
17:b5:e6:ec:68:4b:bf:34:15:ff:92:63:27:6f:97:4b:65:d2:
91:9d:58:32:6b:e9:65:3b:d7:1e:5e:a8:82:b5:40:c8:fb:08:
4c:b5:a9:2f:90:d4:4f:62:37:e8:eb:14:7e:73:e1:a9:d2:94:
a5:90:ec:97:5d:ff:a2:7b:4a:ed:de:2e:95:f8:97:0c:17:5d:
30:01:71:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcDZCU1tYZGA/6+5rl3//nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzIxMDg1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQ1ZGRjMDZjYTZlNzg3NzU2MDExMDY5ZjkxNTBiYmI1NjUxYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OBSz+aLjH/0o6/9964Q3gKhtkAY
Y7U5+Bt0VSc2pNIEXmnZuN13v/xKROtE6cdJ9og+5i2GP6+kQM5+uIfszx6NQPZ8
4YZ/+MCqiinAGVKsP2DWgrzolVzqlOb5ksGZ5yk0PQ4grQ4m5+D4y60jPjsxpMyt
LG8yq35qQSxeIyR8GHLRgspCbWTnuWBQX5JCBuwT/acHXDvLORm7UYip9a+EgiNV
SMaHLz9HH5RugWY5iYyjxp2/+nT0BKmUOK2XDP97ojI+YvfT/pZybiIBaC8hWhWC
7x8NXH04WDMlU/6yAXNpM1rLhSWDmVJl0fP+nr47NeXxkePf4f97XjmvtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFF3cBspueHdWARBp+RULu1ZRpvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVVYZHdHeW01NGQxWUJFR241RlF1N1ZsR204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkEMA0G
CSqGSIb3DQEBCwUAA4IBAQB1IlS7UoKj+t9wm2+XEccg+EfoUFlTnoEmjw+dTi4/
OoypYMuiZEKh5/B3rVV30hVFBH5gTl5/dVlTosm6JRF3Rj7euIHQikhITwoL1lBx
iUlq6JqC6CTIKPeUjn4SipbKYFJ1DcWkFAUTb5WPTC5dETcnGmnE78PQNFs7M+zI
ojPZzWWNwiv1z0QbxFYjEZQD7JaWd7u0K+dHjlDCONVoI7XsYogyz4XuKx62ViLI
ZaAWGnwXtebsaEu/NBX/kmMnb5dLZdKRnVgya+llO9ceXqiCtUDI+whMtakvkNRP
Yjfo6xR+c+Gp0pSlkOyXXf+ie0rt3i6V+JcMF10wAXHt
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:41 2025 by rpki-client