Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa
File: E-epiYkcKu61aDxBjite-r8Mifg.roa (raw, json)
Hash identifier: uzSiM4vewDJnPTzZPyn70RN8Vp6AMr0JnkLmpnhbCec=
Subject key identifier: 13:E7:A9:89:89:1C:2A:EE:B5:68:3C:41:8E:2B:5E:FA:BF:0C:89:F8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AFEA3C3C6B5BEB15FC2A810364FB0D932
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa
Signing time: Thu 05 Oct 2023 07:00:59 +0000
ROA not before: Thu 05 Oct 2023 07:00:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49468
IP address blocks: 82.153.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:a3:c3:c6:b5:be:b1:5f:c2:a8:10:36:4f:b0:d9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 5 07:00:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13e7a989891c2aeeb5683c418e2b5efabf0c89f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8f:e9:29:6e:db:57:4a:c5:67:28:0c:59:59:
49:0d:64:36:9d:f7:3c:3b:e6:44:d8:ff:63:e7:fa:
22:c1:42:8d:d9:d9:95:7d:8e:f0:9c:0f:c5:d2:ee:
5e:13:d6:10:f2:16:28:57:29:c6:46:53:51:4f:fc:
1e:7c:51:35:dd:01:22:43:3d:26:89:d2:ce:21:eb:
86:a1:57:d5:d0:3f:f1:29:d9:dd:ca:45:c9:19:f3:
59:9a:a2:f6:2c:a0:87:fb:44:08:8d:c4:e2:d8:87:
76:45:03:90:40:c9:c8:86:93:3c:e2:0c:6b:63:7e:
21:25:88:8c:ce:d4:e8:4d:51:8d:2d:00:c1:66:c5:
61:41:e5:42:36:ce:32:df:60:a4:46:ed:06:75:9c:
33:8e:ac:92:0b:48:f4:f5:84:42:11:a6:3d:f2:06:
80:e5:be:33:a4:e5:c2:8c:8f:a5:c7:1b:32:47:a1:
8a:e0:86:64:0e:1b:7a:c3:7e:48:81:03:5a:27:e2:
33:7d:1a:0b:69:6b:42:b9:f2:43:c4:e0:7f:27:82:
63:26:38:8a:55:f2:0f:3e:79:76:0f:2d:5d:24:1e:
a4:ab:4e:a1:f9:d0:b3:7e:35:d2:ff:20:56:f5:90:
2f:9c:46:f0:c9:d6:62:ea:f6:0f:ea:90:07:58:ca:
b5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E7:A9:89:89:1C:2A:EE:B5:68:3C:41:8E:2B:5E:FA:BF:0C:89:F8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-epiYkcKu61aDxBjite-r8Mifg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.32.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2a:1a:8f:fc:c2:64:a2:9e:ae:31:13:89:a3:fb:f7:5f:c1:
1a:ef:d9:5b:82:f2:e7:49:f4:1f:c6:cc:11:ad:d7:84:8e:e1:
32:5a:0b:f4:36:ee:23:9d:80:d4:e4:a0:cb:4f:49:8a:56:23:
45:5e:9d:f4:e8:54:65:d3:be:61:2a:4b:57:0e:d3:23:f2:be:
aa:34:9c:36:03:04:9f:57:8b:b7:b0:15:75:33:18:91:b6:26:
19:8c:2a:38:8b:b1:af:02:01:b0:35:5a:59:62:c5:81:2f:98:
90:1a:a3:19:3e:b1:c3:b3:12:65:e8:fd:72:b6:19:b6:f6:de:
70:db:ed:af:72:df:90:b7:97:68:3d:ef:bc:76:b6:b7:51:e7:
85:b4:b2:c7:2c:67:e4:b7:e3:89:fb:89:ee:9e:1b:62:00:e9:
16:c1:75:19:83:5f:08:6c:51:35:69:1a:9e:e6:6a:97:bc:91:
93:12:21:eb:f1:13:e6:36:1f:53:f3:93:5d:e8:a5:7e:29:ae:
f5:43:45:56:90:28:8c:c2:fa:10:b5:19:d8:32:9e:b7:63:78:
51:2a:67:e6:b6:38:a8:c8:c2:5b:f8:af:3d:37:b4:10:82:7a:
e0:33:46:ba:97:a2:19:c3:86:c8:c3:53:2a:af:79:9f:07:7a:
9a:e6:eb:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr+o8PGtb6xX8KoEDZPsNkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA1MDcwMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U3YTk4OTg5MWMyYWVlYjU2ODNjNDE4ZTJiNWVmYWJmMGM4OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY/pKW7bV0rFZygMWVlJDWQ2nfc8
O+ZE2P9j5/oiwUKN2dmVfY7wnA/F0u5eE9YQ8hYoVynGRlNRT/wefFE13QEiQz0m
idLOIeuGoVfV0D/xKdndykXJGfNZmqL2LKCH+0QIjcTi2Id2RQOQQMnIhpM84gxr
Y34hJYiMztToTVGNLQDBZsVhQeVCNs4y32CkRu0GdZwzjqySC0j09YRCEaY98gaA
5b4zpOXCjI+lxxsyR6GK4IZkDht6w35IgQNaJ+IzfRoLaWtCufJDxOB/J4JjJjiK
VfIPPnl2Dy1dJB6kq06h+dCzfjXS/yBW9ZAvnEbwydZi6vYP6pAHWMq1/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPnqYmJHCrutWg8QY4rXvq/DIn4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRS1lcGlZa2NLdTYxYUR4QmppdGUtcjhNaWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyKhqP/MJkop6uMROJo/v3X8Ea79lbgvLnSfQfxswR
rdeEjuEyWgv0Nu4jnYDU5KDLT0mKViNFXp306FRl075hKktXDtMj8r6qNJw2AwSf
V4u3sBV1MxiRtiYZjCo4i7GvAgGwNVpZYsWBL5iQGqMZPrHDsxJl6P1ythm29t5w
2+2vct+Qt5doPe+8dra3UeeFtLLHLGfkt+OJ+4nunhtiAOkWwXUZg18IbFE1aRqe
5mqXvJGTEiHr8RPmNh9T85Nd6KV+Ka71Q0VWkCiMwvoQtRnYMp63Y3hRKmfmtjio
yMJb+K89N7QQgnrgM0a6l6IZw4bIw1Mqr3mfB3qa5us8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:33 2025 by rpki-client