Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GeTIhGQ40tu4hMFjNG6kzBOJ_tI.roa
File: GeTIhGQ40tu4hMFjNG6kzBOJ_tI.roa (raw, json)
Hash identifier: uNCxyl/C17q3DqUSFPIhtdfHQxN08G8K+oFgaC1Nji4=
Subject key identifier: 19:E4:C8:84:64:38:D2:DB:B8:84:C1:63:34:6E:A4:CC:13:89:FE:D2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B5AADEFC811DB43BB161EB5AA7FAEC00
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GeTIhGQ40tu4hMFjNG6kzBOJ_tI.roa
Signing time: Wed 02 Aug 2023 09:53:41 +0000
ROA not before: Wed 02 Aug 2023 09:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.111.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
109.176.210.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.241.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:aa:de:fc:81:1d:b4:3b:b1:61:eb:5a:a7:fa:ec:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 09:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19e4c8846438d2dbb884c163346ea4cc1389fed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f4:2e:09:6d:c1:7d:86:08:73:52:7f:21:6b:
7e:e5:0c:bd:01:42:68:48:85:03:6c:73:64:b5:2b:
2b:2a:f6:92:dd:2e:34:df:a2:9f:6d:89:e6:c7:77:
23:6a:99:d7:cc:dc:71:cf:9a:3d:51:75:56:16:54:
7f:c2:61:c2:1d:a5:d2:56:0c:ba:bd:09:5e:76:ed:
c8:cf:a0:b3:1e:3c:9f:d6:08:fb:06:b3:b2:c3:20:
80:f0:37:96:61:d5:df:51:76:cc:d4:2c:ba:01:69:
6d:98:af:a5:93:7f:01:de:d9:c1:8e:17:ca:f7:c3:
0c:b7:ec:6e:fc:16:4f:e0:9d:35:14:cb:2c:b8:52:
12:67:08:a9:5d:bc:0a:f6:c3:9c:75:84:5a:4c:4d:
04:6e:4a:1f:ff:2f:21:05:f6:b3:3a:39:f8:f3:79:
3b:09:ef:50:1e:ba:9e:83:01:43:0b:14:b7:a5:d2:
a9:6d:a6:66:66:a0:2b:60:06:86:85:c0:22:fa:2f:
69:a5:2d:cc:1a:e2:32:c1:17:d5:9a:15:d0:6a:a1:
64:a2:fe:81:61:8c:98:3d:74:6b:a6:ca:74:59:b5:
c4:56:d2:73:1d:f8:f1:f5:89:85:8a:89:75:2d:3f:
97:eb:b5:87:69:ad:ec:30:15:e8:33:ca:35:c4:40:
40:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E4:C8:84:64:38:D2:DB:B8:84:C1:63:34:6E:A4:CC:13:89:FE:D2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GeTIhGQ40tu4hMFjNG6kzBOJ_tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.65.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.223.0/24
82.153.240.0/24
82.153.249.0/24
89.213.6.0/24
89.213.132.0/24
89.213.136.0/24
89.213.139.0-89.213.140.255
89.213.152.0/24
89.213.168.0/24
89.213.173.0/24
89.213.176.0/24
89.213.180.0/24
89.213.182.0/24
89.213.184.0/22
109.176.210.0/23
109.176.213.0/24
109.176.240.0-109.176.242.255
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
63:09:2b:3b:55:fa:3e:84:4a:4b:60:e0:46:20:6c:f7:f7:e3:
87:ca:88:0c:8e:04:98:6f:54:c4:3d:28:f0:ab:58:3e:16:49:
4a:07:89:f1:51:fe:58:d1:99:c9:29:75:29:33:12:65:9c:2e:
fa:6e:31:de:35:21:59:ff:06:c9:ce:60:52:90:0e:94:ca:8c:
be:30:05:7b:df:cf:4c:12:fe:c2:d6:11:9c:16:e9:19:75:7b:
ff:b7:4e:77:e0:82:53:11:2a:31:ec:fe:4c:b3:d7:47:2d:95:
53:28:84:32:94:02:97:b8:69:03:cd:6d:d0:8d:6a:aa:b8:d3:
a2:47:66:1d:bd:02:ed:fe:56:7b:55:52:7c:f3:b8:cf:db:40:
3e:22:ca:14:40:ad:bb:83:9b:03:fc:27:33:77:7e:c3:a7:e1:
72:12:8b:b8:42:5e:ab:4e:6d:c1:23:d7:f4:9f:fb:a6:d0:92:
0b:64:d5:a8:4d:7f:7a:04:66:4d:bf:1b:37:5e:a9:61:6b:50:
2e:6d:d4:f0:82:ed:00:a5:2e:36:b3:55:cc:86:6e:53:9c:e2:
67:8d:e8:8f:d4:3d:de:76:f2:65:96:72:a0:e5:8f:71:d0:3a:
05:2e:2b:dc:64:cc:44:2a:54:6e:2b:60:b1:13:64:1b:9c:9a:
14:9b:df:7e
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYm1qt78gR20O7Fh61qn+uwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMDk1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU0Yzg4NDY0MzhkMmRiYjg4NGMxNjMzNDZlYTRjYzEzODlmZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvQuCW3BfYYIc1J/IWt+5Qy9AUJo
SIUDbHNktSsrKvaS3S4036KfbYnmx3cjapnXzNxxz5o9UXVWFlR/wmHCHaXSVgy6
vQledu3Iz6CzHjyf1gj7BrOywyCA8DeWYdXfUXbM1Cy6AWltmK+lk38B3tnBjhfK
98MMt+xu/BZP4J01FMssuFISZwipXbwK9sOcdYRaTE0Ebkof/y8hBfazOjn483k7
Ce9QHrqegwFDCxS3pdKpbaZmZqArYAaGhcAi+i9ppS3MGuIywRfVmhXQaqFkov6B
YYyYPXRrpsp0WbXEVtJzHfjx9YmFiol1LT+X67WHaa3sMBXoM8o1xEBA7wIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFBnkyIRkONLbuITBYzRupMwTif7SMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2VUSWhHUTQwdHU0aE1Gak5HNmt6Qk9KX3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABR
BZwDBABRqCkDBABRqHQDBABRqHcDBABRqHsDBABSmG8DBAFSmPwDBABSmP8DBABS
mQEDBABSmUEDBABSmUkDBABSmU4wDAMEA1KZiAMEAFKZjAMEAFKZ3wMEAFKZ8AME
AFKZ+QMEAFnVBgMEAFnVhAMEAFnViDAMAwQAWdWLAwQAWdWMAwQAWdWYAwQAWdWo
AwQAWdWtAwQAWdWwAwQAWdW0AwQAWdW2AwQCWdW4AwQBbbDSAwQAbbDVMAwDBARt
sPADBABtsPIDBADVmCowDQYJKoZIhvcNAQELBQADggEBAGMJKztV+j6ESktg4EYg
bPf344fKiAyOBJhvVMQ9KPCrWD4WSUoHifFR/ljRmckpdSkzEmWcLvpuMd41IVn/
BsnOYFKQDpTKjL4wBXvfz0wS/sLWEZwW6Rl1e/+3TnfgglMRKjHs/kyz10ctlVMo
hDKUApe4aQPNbdCNaqq406JHZh29Au3+VntVUnzzuM/bQD4iyhRArbuDmwP8JzN3
fsOn4XISi7hCXqtObcEj1/Sf+6bQkgtk1ahNf3oEZk2/GzdeqWFrUC5t1PCC7QCl
LjazVcyGblOc4meN6I/UPd528mWWcqDlj3HQOgUuK9xkzEQqVG4rYLETZBucmhSb
334=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:11:17 2025 by rpki-client