Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FpUAPDvKDhp_xh9Kz7Otl1f-Tvc.roa
File: FpUAPDvKDhp_xh9Kz7Otl1f-Tvc.roa (raw, json)
Hash identifier: EMJKFaa+pIzBau0paVeTFfZzJjRBMMvFA0YgM2Ay9Hw=
Subject key identifier: 16:95:00:3C:3B:CA:0E:1A:7F:C6:1F:4A:CF:B3:AD:97:57:FE:4E:F7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188B9B764476B987C00161B69922AB57E6A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FpUAPDvKDhp_xh9Kz7Otl1f-Tvc.roa
Signing time: Wed 14 Jun 2023 11:43:03 +0000
ROA not before: Wed 14 Jun 2023 11:43:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.153.249.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:b7:64:47:6b:98:7c:00:16:1b:69:92:2a:b5:7e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 14 11:43:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1695003c3bca0e1a7fc61f4acfb3ad9757fe4ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:45:f6:41:ac:35:63:1c:85:ce:84:99:23:c8:
9d:5d:05:a5:77:2b:22:ff:bd:a4:f6:c8:f0:b3:c1:
48:68:cf:58:2d:ce:4f:70:d6:5b:64:4c:7b:7e:64:
76:a0:e9:a2:6d:54:62:17:59:c4:6b:0a:6b:e3:f0:
a4:6e:4d:b5:f8:96:50:9c:07:f8:85:89:19:b4:60:
9d:d9:10:ab:08:9c:34:be:3a:3f:72:f5:b8:12:53:
a3:b1:df:43:8e:e5:90:99:4d:89:56:99:7f:9b:d0:
b1:a4:f9:d3:a4:44:71:26:6c:50:f1:59:b2:3d:d7:
d9:7c:57:f1:93:27:68:fb:e7:39:20:9f:7e:71:19:
a9:f6:bd:e6:f4:34:f3:70:81:14:a7:ff:0d:b4:3f:
f4:c4:d8:df:88:47:09:4f:65:40:12:8a:f0:9e:f9:
5d:24:fa:94:f8:bc:b8:2e:cb:a6:2b:7c:4a:8a:3f:
a2:40:db:b0:d1:82:f7:77:d9:55:e0:83:3f:f0:93:
82:a1:a3:67:7a:76:0b:de:5a:86:d5:48:c3:85:d3:
de:50:cd:ec:26:12:76:61:aa:3d:41:4e:20:3c:37:
f9:86:8d:40:03:49:9b:c8:a5:8a:36:5c:c9:49:10:
55:de:0a:2a:14:36:6d:b1:f5:5d:b3:2c:59:c6:4a:
3e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:95:00:3C:3B:CA:0E:1A:7F:C6:1F:4A:CF:B3:AD:97:57:FE:4E:F7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FpUAPDvKDhp_xh9Kz7Otl1f-Tvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.73.0/24
82.153.136.0/22
82.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8c:8b:3c:ef:b5:39:f0:59:d9:b3:f7:d4:39:a3:9f:8c:ea:
e8:b8:b2:08:2b:1d:ae:32:59:a5:bb:20:76:42:e6:c5:3f:1d:
ad:54:57:b4:d9:18:4c:a1:53:26:60:d2:05:17:df:34:67:67:
e9:1c:6c:36:dd:c9:91:7e:69:a9:e5:b2:d7:26:c3:77:73:41:
7a:78:ec:4c:1c:88:c3:25:6d:cf:a6:e3:bd:41:2a:6a:7a:06:
a5:34:fa:4d:20:2a:59:af:2f:bb:34:43:4d:a3:41:32:05:c0:
d3:d4:54:d9:a1:c0:c8:96:e4:e4:cd:48:21:cc:60:48:b6:3b:
ea:cc:12:44:a5:04:38:af:6d:ae:b9:5e:c9:cd:d0:d0:fa:d3:
6a:45:30:49:d4:1a:2e:0a:fe:a7:da:b6:57:73:2a:ed:4a:ac:
c8:63:32:29:13:20:0e:ff:85:e8:c0:10:19:0a:b6:6f:57:55:
80:61:2d:e3:9b:19:70:2f:da:b1:4f:5c:ff:52:b1:0d:b6:2b:
94:4c:b2:de:5f:81:46:ae:7d:a5:6d:e7:28:65:03:08:5b:2f:
19:bc:32:c8:c5:d7:78:d6:58:60:32:d8:91:e2:cc:57:6e:43:
f1:d0:0b:ba:7a:5f:9f:fb:be:de:0c:ba:f2:37:7e:72:56:fd:
ba:30:37:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYi5t2RHa5h8ABYbaZIqtX5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE0MTE0MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk1MDAzYzNiY2EwZTFhN2ZjNjFmNGFjZmIzYWQ5NzU3ZmU0ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EX2Qaw1YxyFzoSZI8idXQWldysi
/72k9sjws8FIaM9YLc5PcNZbZEx7fmR2oOmibVRiF1nEawpr4/Ckbk21+JZQnAf4
hYkZtGCd2RCrCJw0vjo/cvW4ElOjsd9DjuWQmU2JVpl/m9CxpPnTpERxJmxQ8Vmy
PdfZfFfxkydo++c5IJ9+cRmp9r3m9DTzcIEUp/8NtD/0xNjfiEcJT2VAEorwnvld
JPqU+Ly4LsumK3xKij+iQNuw0YL3d9lV4IM/8JOCoaNnenYL3lqG1UjDhdPeUM3s
JhJ2Yao9QU4gPDf5ho1AA0mbyKWKNlzJSRBV3goqFDZtsfVdsyxZxko+6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBaVADw7yg4af8YfSs+zrZdX/k73MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRnBVQVBEdktEaHBfeGg5S3o3T3RsMWYtVHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUah3AwQA
Uah7AwQAUplJAwQCUpmIAwQAUpn5MA0GCSqGSIb3DQEBCwUAA4IBAQAsjIs877U5
8FnZs/fUOaOfjOrouLIIKx2uMlmluyB2QubFPx2tVFe02RhMoVMmYNIFF980Z2fp
HGw23cmRfmmp5bLXJsN3c0F6eOxMHIjDJW3PpuO9QSpqegalNPpNICpZry+7NENN
o0EyBcDT1FTZocDIluTkzUghzGBItjvqzBJEpQQ4r22uuV7JzdDQ+tNqRTBJ1Bou
Cv6n2rZXcyrtSqzIYzIpEyAO/4XowBAZCrZvV1WAYS3jmxlwL9qxT1z/UrENtiuU
TLLeX4FGrn2lbecoZQMIWy8ZvDLIxdd41lhgMtiR4sxXbkPx0Au6el+f+77eDLry
N35yVv26MDcy
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:21 2025 by rpki-client