Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa
File: EICRg5j5iRxzFjh_NCTMRh4ngys.roa (raw, json)
Hash identifier: z/AUjtA3OOWytQiSBB9PFUYaND2CsJ09gizS6mpltd0=
Subject key identifier: 10:80:91:83:98:F9:89:1C:73:16:38:7F:34:24:CC:46:1E:27:83:2B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018877B8608F6B8CE2BB51D527AE45374552
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa
Signing time: Thu 01 Jun 2023 16:09:11 +0000
ROA not before: Thu 01 Jun 2023 16:09:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 82.152.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:b8:60:8f:6b:8c:e2:bb:51:d5:27:ae:45:37:45:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 1 16:09:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1080918398f9891c7316387f3424cc461e27832b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a3:54:f0:d6:95:b2:94:d8:38:99:65:15:83:
a9:91:69:22:6f:39:6a:44:ab:d9:89:01:57:2d:87:
1d:01:aa:56:34:47:a4:fc:17:25:c3:f2:6a:be:95:
3d:53:f2:8f:9c:4d:e5:52:27:eb:23:ff:63:7b:9c:
68:79:67:5d:30:b4:1c:ad:30:d0:0a:09:78:66:65:
0b:25:2e:24:f2:5f:6e:71:77:47:e6:02:63:77:6b:
f7:98:21:05:11:c6:34:31:cc:76:29:a8:47:af:27:
90:a3:58:d2:1f:2c:96:f9:2b:67:44:11:46:67:dc:
f7:d8:10:4c:a1:3e:3d:3a:6d:98:5c:65:2c:2d:47:
da:23:4e:dd:80:ec:30:3b:b8:02:54:4d:c8:d0:19:
0e:df:36:85:f8:29:58:45:c9:0b:32:a7:e6:c3:5f:
97:2e:78:1b:20:e2:23:ef:75:a2:6e:7e:8f:10:67:
0c:71:f2:1f:75:6d:7a:0d:46:c6:1e:02:a1:29:81:
a3:5f:65:91:f2:7f:d7:26:f4:40:02:e9:9e:19:44:
22:36:5e:b5:c6:5b:47:c5:13:6e:63:37:07:94:e1:
be:6d:c6:ef:a6:49:41:74:42:5e:9f:b7:68:2c:18:
0a:3b:f1:36:aa:c9:69:2e:5f:82:7f:20:32:a7:3e:
d0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:80:91:83:98:F9:89:1C:73:16:38:7F:34:24:CC:46:1E:27:83:2B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EICRg5j5iRxzFjh_NCTMRh4ngys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.111.0/24
Signature Algorithm: sha256WithRSAEncryption
33:86:31:cc:7f:69:a6:ab:7a:79:b0:9f:35:b6:2b:f0:80:90:
bb:ee:f0:7d:32:8c:65:ff:a9:08:e8:f1:15:a6:24:a8:01:fe:
2e:e7:1b:c8:44:a3:e2:a5:c4:8d:c9:97:9f:2d:e9:56:66:42:
73:39:1a:77:49:c3:5e:99:70:f6:4c:13:c3:19:1d:af:ca:d7:
44:29:3e:1a:85:70:cf:a9:b8:9e:fc:9a:e9:76:cd:21:d2:fa:
8d:03:e3:69:ff:a6:38:3d:bb:b3:f8:d9:00:ee:ff:46:48:af:
43:ef:05:d2:e4:fb:f6:6d:62:33:c1:74:bb:20:c5:9c:02:8b:
08:ce:96:0f:a0:5b:26:51:88:2d:23:02:f3:0f:d5:6f:56:58:
9b:85:11:cd:d1:c2:28:65:a3:3f:50:a9:02:96:f9:cb:df:61:
fa:7b:c4:d3:39:dd:4b:84:ae:65:ed:70:39:19:68:ae:a3:84:
31:6a:15:e2:3c:6b:9e:37:7d:12:2a:bc:49:09:02:fb:c5:c5:
2b:8b:2e:db:14:d2:2b:73:10:14:db:d3:f2:0b:3d:64:cc:d9:
f0:3d:89:62:f7:bf:66:f8:19:e4:f1:2a:a2:3a:58:a1:9b:d5:
45:62:b0:87:de:f0:b2:ee:ca:3c:87:03:88:63:f2:61:b8:36:
1c:cc:93:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh3uGCPa4ziu1HVJ65FN0VSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjAxMTYwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgwOTE4Mzk4Zjk4OTFjNzMxNjM4N2YzNDI0Y2M0NjFlMjc4MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKNU8NaVspTYOJllFYOpkWkibzlq
RKvZiQFXLYcdAapWNEek/Bclw/JqvpU9U/KPnE3lUifrI/9je5xoeWddMLQcrTDQ
Cgl4ZmULJS4k8l9ucXdH5gJjd2v3mCEFEcY0Mcx2KahHryeQo1jSHyyW+StnRBFG
Z9z32BBMoT49Om2YXGUsLUfaI07dgOwwO7gCVE3I0BkO3zaF+ClYRckLMqfmw1+X
LngbIOIj73Wibn6PEGcMcfIfdW16DUbGHgKhKYGjX2WR8n/XJvRAAumeGUQiNl61
xltHxRNuYzcHlOG+bcbvpklBdEJen7doLBgKO/E2qslpLl+CfyAypz7Q0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCAkYOY+YkccxY4fzQkzEYeJ4MrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUlDUmc1ajVpUnh6RmpoX05DVE1SaDRuZ3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUphvMA0G
CSqGSIb3DQEBCwUAA4IBAQAzhjHMf2mmq3p5sJ81tivwgJC77vB9Moxl/6kI6PEV
piSoAf4u5xvIRKPipcSNyZefLelWZkJzORp3ScNemXD2TBPDGR2vytdEKT4ahXDP
qbie/Jrpds0h0vqNA+Np/6Y4Pbuz+NkA7v9GSK9D7wXS5Pv2bWIzwXS7IMWcAosI
zpYPoFsmUYgtIwLzD9VvVlibhRHN0cIoZaM/UKkClvnL32H6e8TTOd1LhK5l7XA5
GWiuo4QxahXiPGueN30SKrxJCQL7xcUriy7bFNIrcxAU29PyCz1kzNnwPYli979m
+Bnk8SqiOlihm9VFYrCH3vCy7so8hwOIY/JhuDYczJNm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:01 2025 by rpki-client