Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa
File: Gabd0f56zJKLb1z09owS78yDq2E.roa (raw, json)
Hash identifier: jh2F/aztFdzUmxJuCd7tOo8nSMKcucUrWFOpRfJYbNE=
Subject key identifier: 19:A6:DD:D1:FE:7A:CC:92:8B:6F:5C:F4:F6:8C:12:EF:CC:83:AB:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187FF9F195A04506157445152CA1D3741D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa
Signing time: Tue 09 May 2023 08:27:09 +0000
ROA not before: Tue 09 May 2023 08:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.68.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.70.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.153.208.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.210.0/24 maxlen: 24
82.153.211.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:9f:19:5a:04:50:61:57:44:51:52:ca:1d:37:41:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 9 08:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19a6ddd1fe7acc928b6f5cf4f68c12efcc83ab61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5c:c2:de:9d:7a:ad:66:d3:63:bf:09:48:b2:
3f:4c:36:0e:06:fb:4d:fb:cb:96:2b:fa:ff:5c:91:
cc:c0:84:c2:60:59:26:0c:3e:7b:4c:75:2d:25:a3:
d4:30:e8:a6:90:3f:34:4a:f6:24:23:8b:02:34:7c:
68:2b:9c:23:26:bf:a9:7f:b7:57:6a:14:14:12:fe:
5a:36:65:50:b7:b8:00:f7:a8:69:42:2a:ff:f6:7b:
64:ad:ff:4c:b5:e7:1b:67:e8:79:c9:ae:17:e1:58:
1a:73:7c:9a:8c:80:01:42:c8:41:28:34:f8:c8:d4:
d6:46:a1:99:9a:f2:02:c5:0d:8e:21:41:62:d7:43:
bb:9c:e8:59:1b:c4:f4:f0:91:73:8f:47:91:c8:f4:
b4:b5:20:01:b9:4b:c0:1e:bb:05:a5:df:a3:11:08:
17:2b:f0:15:49:55:f5:ee:88:fd:8e:5b:e7:5d:b5:
08:39:2f:4d:79:27:a0:75:3e:b9:e5:a9:05:4f:d0:
5e:7f:c4:0b:b7:0f:e3:b3:b3:b0:c2:ef:48:34:43:
de:1d:a8:d8:2c:e5:54:f5:09:5c:e7:91:f9:a1:a1:
6b:a4:20:cf:c0:f0:93:68:cb:08:23:d2:4d:71:27:
15:c6:5a:c8:64:15:01:1f:3d:f5:10:e9:36:f5:fd:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A6:DD:D1:FE:7A:CC:92:8B:6F:5C:F4:F6:8C:12:EF:CC:83:AB:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gabd0f56zJKLb1z09owS78yDq2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.253.0-82.152.255.255
82.153.4.0/24
82.153.10.0/24
82.153.65.0/24
82.153.68.0/24
82.153.70.0/23
82.153.208.0/22
82.153.222.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
08:f2:d7:1b:b4:74:85:f2:ed:b9:81:2d:50:44:39:3a:08:07:
b7:92:92:5b:eb:2b:4a:a2:0f:46:75:b8:4e:c1:ab:01:d9:09:
fc:4b:27:cd:17:d4:06:21:bf:4e:54:b8:ad:e9:01:31:d8:85:
28:42:b0:7e:1a:a7:fb:2f:3e:f8:05:b8:14:a8:55:1f:6d:59:
25:64:8c:38:c9:18:e4:b7:f8:b2:98:5e:7b:4f:4d:c0:1d:58:
11:c1:6d:25:9e:de:ad:ae:b6:40:31:75:14:b5:40:ae:c3:34:
c4:ca:4e:8f:d1:35:72:33:b1:3b:81:24:90:3a:5c:8b:b8:85:
b8:37:09:b9:10:3e:13:2e:66:63:a0:6c:07:9c:1f:6c:81:84:
0b:30:3f:8e:e5:3e:5b:d5:8b:44:ee:f3:f0:d5:18:cc:21:4f:
1f:15:52:5f:bc:8b:0f:19:e6:3f:02:9d:e7:c8:04:38:ec:96:
ea:ab:d7:1d:1d:c1:0b:0f:61:7a:34:5c:78:75:45:56:f2:7e:
86:e2:ae:d8:54:f8:5a:90:73:09:f6:7e:67:9f:a7:36:b2:fa:
51:a5:20:05:9f:1b:63:86:2d:11:3f:1d:79:5d:d3:ef:ea:cc:
71:32:8a:62:0d:3a:fe:c6:77:e0:7b:2d:e9:82:bf:93:ec:ec:
94:27:c4:d8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYf/nxlaBFBhV0RRUsodN0HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTA5MDgyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE2ZGRkMWZlN2FjYzkyOGI2ZjVjZjRmNjhjMTJlZmNjODNhYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFzC3p16rWbTY78JSLI/TDYOBvtN
+8uWK/r/XJHMwITCYFkmDD57THUtJaPUMOimkD80SvYkI4sCNHxoK5wjJr+pf7dX
ahQUEv5aNmVQt7gA96hpQir/9ntkrf9MtecbZ+h5ya4X4Vgac3yajIABQshBKDT4
yNTWRqGZmvICxQ2OIUFi10O7nOhZG8T08JFzj0eRyPS0tSABuUvAHrsFpd+jEQgX
K/AVSVX17oj9jlvnXbUIOS9NeSegdT655akFT9Bef8QLtw/js7Owwu9INEPeHajY
LOVU9Qlc55H5oaFrpCDPwPCTaMsII9JNcScVxlrIZBUBHz31EOk29f3q+QIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBmm3dH+esySi29c9PaMEu/Mg6thMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2FiZDBmNTZ6SktMYjF6MDlvd1M3OHlEcTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgDBABSmQQD
BABSmQoDBABSmUEDBABSmUQDBAFSmUYDBAJSmdADBABSmd4DBABSmfYDBAFSmfgw
DQYJKoZIhvcNAQELBQADggEBAAjy1xu0dIXy7bmBLVBEOToIB7eSklvrK0qiD0Z1
uE7BqwHZCfxLJ80X1AYhv05UuK3pATHYhShCsH4ap/svPvgFuBSoVR9tWSVkjDjJ
GOS3+LKYXntPTcAdWBHBbSWe3q2utkAxdRS1QK7DNMTKTo/RNXIzsTuBJJA6XIu4
hbg3CbkQPhMuZmOgbAecH2yBhAswP47lPlvVi0Tu8/DVGMwhTx8VUl+8iw8Z5j8C
nefIBDjsluqr1x0dwQsPYXo0XHh1RVbyfobirthU+FqQcwn2fmefpzay+lGlIAWf
G2OGLRE/HXld0+/qzHEyimINOv7Gd+B7LemCv5Ps7JQnxNg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:43 2025 by rpki-client