Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa
File: DbDM29r-BhGYb3csBKMgUeE6fhM.roa (raw, json)
Hash identifier: 1SZonmjsJCk5eCFJNMq7G3pEnwJftTUhVAeLTW3wAC4=
Subject key identifier: 0D:B0:CC:DB:DA:FE:06:11:98:6F:77:2C:04:A3:20:51:E1:3A:7E:13
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BA39078D0ED1FCC7F0CEE9F2416BE6369
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa
Signing time: Mon 06 Nov 2023 07:37:16 +0000
ROA not before: Mon 06 Nov 2023 07:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:90:78:d0:ed:1f:cc:7f:0c:ee:9f:24:16:be:63:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 6 07:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0db0ccdbdafe0611986f772c04a32051e13a7e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:33:92:dc:30:d6:d6:19:bd:58:20:05:68:
04:69:f8:b0:7a:ee:4e:8c:4f:23:3d:a6:77:35:85:
7d:82:a5:67:cc:3b:27:f8:50:96:96:3b:17:fa:cc:
71:66:e0:7d:0d:fd:49:73:df:95:9b:94:aa:3f:37:
01:dc:1f:c8:0a:63:09:24:25:71:b0:0d:ba:cf:ab:
ab:d8:35:78:6d:44:c7:26:81:6b:02:e5:b6:6d:2a:
53:be:d4:92:05:67:35:93:b6:c4:63:05:26:e3:73:
e3:85:56:a5:30:a8:12:02:20:03:51:32:f6:5a:12:
a7:26:03:c4:53:4e:2b:44:22:43:07:33:6e:1c:b3:
5c:70:fb:3c:6d:5b:95:11:4f:df:5f:99:6c:1b:03:
25:29:ad:e1:f0:41:be:6d:30:0d:ad:05:09:b4:9f:
c7:18:5f:ab:22:43:f9:33:47:ea:1c:d4:f5:93:89:
33:83:bd:6e:94:77:91:43:78:8c:2a:fc:1b:8f:1f:
49:20:fe:4d:0f:71:7f:d1:ba:aa:09:bf:f4:5b:ec:
b5:62:fe:25:34:1d:6d:48:7d:2f:08:96:2d:1b:ec:
3a:81:32:cd:eb:9c:85:a8:2e:1b:12:de:a7:37:e0:
fd:aa:0b:8a:47:28:48:21:d4:48:5b:3a:21:28:c1:
5c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B0:CC:DB:DA:FE:06:11:98:6F:77:2C:04:A3:20:51:E1:3A:7E:13
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DbDM29r-BhGYb3csBKMgUeE6fhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.49.0/24
82.153.65.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:12:c7:99:4e:20:2d:46:96:3c:73:95:6a:38:be:d6:68:a7:
75:d2:bd:6a:10:03:41:7e:ef:b9:35:d7:08:86:8a:cb:c6:23:
df:e0:34:f9:09:f9:10:5d:15:fd:52:d8:c0:0f:73:38:1b:ec:
f1:50:ce:5b:d6:ac:4f:87:da:5b:c7:e7:2c:a5:82:29:3c:84:
38:ed:79:22:1d:3e:fd:bb:94:98:79:e4:1c:d3:64:4c:87:41:
d7:22:8b:7a:24:c6:b9:47:a9:40:7a:7b:f8:1e:2c:00:98:a3:
15:bf:45:f4:a3:cf:56:1c:aa:de:c6:25:7c:76:2b:cc:41:d9:
7a:a9:68:f2:de:a3:c2:c9:12:7c:37:2d:0c:04:59:ed:64:1b:
37:16:fc:89:f0:bf:0c:66:10:36:af:85:fc:f8:bc:86:46:08:
f7:27:bc:82:3f:75:c8:13:93:cc:78:b6:55:7b:9b:fa:74:a7:
2f:6e:c1:93:05:d7:0d:f6:6d:5d:d2:5b:8c:07:26:ed:71:45:
55:45:3d:e5:58:d1:8c:fe:2c:50:78:a2:68:c5:dd:15:a1:6a:
3b:9f:ef:73:cb:bc:9d:fc:4a:c8:91:65:d8:48:42:e8:ee:09:
84:11:e8:60:8e:0f:e8:83:05:e9:7e:1c:89:18:3b:8d:8b:41:
67:50:86:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYujkHjQ7R/MfwzunyQWvmNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGIwY2NkYmRhZmUwNjExOTg2Zjc3MmMwNGEzMjA1MWUxM2E3ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp80zktww1tYZvVggBWgEafiweu5O
jE8jPaZ3NYV9gqVnzDsn+FCWljsX+sxxZuB9Df1Jc9+Vm5SqPzcB3B/ICmMJJCVx
sA26z6ur2DV4bUTHJoFrAuW2bSpTvtSSBWc1k7bEYwUm43PjhValMKgSAiADUTL2
WhKnJgPEU04rRCJDBzNuHLNccPs8bVuVEU/fX5lsGwMlKa3h8EG+bTANrQUJtJ/H
GF+rIkP5M0fqHNT1k4kzg71ulHeRQ3iMKvwbjx9JIP5ND3F/0bqqCb/0W+y1Yv4l
NB1tSH0vCJYtG+w6gTLN65yFqC4bEt6nN+D9qguKRyhIIdRIWzohKMFc0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2wzNva/gYRmG93LASjIFHhOn4TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRGJETTI5ci1CaEdZYjNjc0JLTWdVZUU2ZmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUQW9AwQA
UpgxAwQAUplBMA0GCSqGSIb3DQEBCwUAA4IBAQB6EseZTiAtRpY8c5VqOL7WaKd1
0r1qEANBfu+5NdcIhorLxiPf4DT5CfkQXRX9UtjAD3M4G+zxUM5b1qxPh9pbx+cs
pYIpPIQ47XkiHT79u5SYeeQc02RMh0HXIot6JMa5R6lAenv4HiwAmKMVv0X0o89W
HKrexiV8divMQdl6qWjy3qPCyRJ8Ny0MBFntZBs3FvyJ8L8MZhA2r4X8+LyGRgj3
J7yCP3XIE5PMeLZVe5v6dKcvbsGTBdcN9m1d0luMBybtcUVVRT3lWNGM/ixQeKJo
xd0VoWo7n+9zy7yd/ErIkWXYSELo7gmEEehgjg/ogwXpfhyJGDuNi0FnUIaH
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:11 2025 by rpki-client