Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa
File: HGlUdfuLkxbKIjedv467sqrmTKI.roa (raw, json)
Hash identifier: qskfnXpPjQIo1+05JedmdGLAvTIbn0/+zGzfzt8w1iw=
Subject key identifier: 1C:69:54:75:FB:8B:93:16:CA:22:37:9D:BF:8E:BB:B2:AA:E6:4C:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01879F265351525C71EBF61537FE7644903C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa
Signing time: Thu 20 Apr 2023 14:51:41 +0000
ROA not before: Thu 20 Apr 2023 14:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 82.153.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9f:26:53:51:52:5c:71:eb:f6:15:37:fe:76:44:90:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 20 14:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c695475fb8b9316ca22379dbf8ebbb2aae64ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:e2:71:35:21:2a:f9:d4:f2:48:14:3e:b3:
1d:ad:b6:d8:df:20:a3:a7:21:7f:b3:fa:d1:2b:ab:
9f:a3:91:16:a0:75:9c:1a:48:34:9d:0e:42:23:49:
d8:80:bb:61:ec:58:e1:6d:67:9e:ec:10:d2:fd:c9:
48:f8:26:75:44:94:e7:fb:3f:b5:23:84:1e:25:ad:
4d:db:6b:cc:18:68:b0:b1:bc:07:6d:d2:ad:6d:aa:
0b:28:ca:f8:50:41:6c:39:ac:70:3d:27:15:5a:bf:
5f:86:a8:af:41:f5:67:a0:d7:33:da:d7:39:84:3c:
bf:cf:84:b6:7a:89:15:86:90:c4:fd:7c:a7:e8:8d:
c7:dd:3a:b0:91:d9:28:8e:ef:ab:64:90:6f:0e:29:
93:1f:9f:28:09:f1:a2:9f:55:9a:e0:9e:87:a8:88:
0f:51:61:cc:86:65:08:89:5c:9d:91:a0:5c:ee:38:
3b:69:58:28:d4:1e:1d:72:95:62:b2:2c:9f:fe:f7:
18:dd:67:d9:18:c4:69:bf:8e:e3:2c:4a:97:e7:89:
8a:83:74:d7:6f:a1:64:fa:e3:71:6a:d4:ae:b7:03:
b9:00:bc:df:be:d9:38:b0:dc:8f:0c:32:84:76:6c:
01:da:90:61:04:ac:ce:f9:73:df:71:aa:9a:f7:30:
9f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:69:54:75:FB:8B:93:16:CA:22:37:9D:BF:8E:BB:B2:AA:E6:4C:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HGlUdfuLkxbKIjedv467sqrmTKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
13:02:77:a3:ac:72:d6:e8:18:22:04:55:e8:e9:d3:fa:77:d3:
ba:0b:77:31:cd:16:22:c0:2e:26:ab:07:aa:2c:2b:7f:7b:09:
d1:9e:d9:fb:e7:a5:a6:68:7d:65:c6:c4:3b:3a:95:20:5f:ea:
a9:1f:9c:ab:6d:63:e4:d7:37:f9:59:ee:4e:db:e3:21:2b:78:
ce:9a:0a:65:67:b8:1e:14:1e:d7:c9:21:02:0c:24:cc:7e:d6:
ca:5f:c0:d5:5d:17:56:47:3b:46:0c:94:d0:5c:d9:33:83:b6:
08:85:ad:7a:64:c5:0d:06:5d:11:17:ca:ad:af:d9:a0:a2:be:
5e:43:43:c1:46:aa:d0:3f:ff:8c:54:35:24:81:bb:3c:80:ac:
80:07:2c:a1:d6:11:4a:26:47:0b:68:31:99:bc:8f:e6:4d:9d:
53:28:09:00:b0:6d:02:61:1f:de:59:cd:14:d8:94:4c:5c:6f:
e3:7c:8b:c9:69:fe:b3:e8:25:6e:07:44:b1:3a:ed:a5:d9:06:
9c:d2:31:f8:b0:13:0c:83:23:27:fa:d8:ad:97:63:70:c2:b6:
f4:36:95:0a:82:13:54:89:52:25:8d:91:50:f4:71:37:3f:03:
3d:f3:56:43:7c:bc:4b:59:72:b7:49:d4:ba:ef:1f:aa:c5:f7:
09:87:b3:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYefJlNRUlxx6/YVN/52RJA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDIwMTQ1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY5NTQ3NWZiOGI5MzE2Y2EyMjM3OWRiZjhlYmJiMmFhZTY0Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/LicTUhKvnU8kgUPrMdrbbY3yCj
pyF/s/rRK6ufo5EWoHWcGkg0nQ5CI0nYgLth7FjhbWee7BDS/clI+CZ1RJTn+z+1
I4QeJa1N22vMGGiwsbwHbdKtbaoLKMr4UEFsOaxwPScVWr9fhqivQfVnoNcz2tc5
hDy/z4S2eokVhpDE/Xyn6I3H3Tqwkdkoju+rZJBvDimTH58oCfGin1Wa4J6HqIgP
UWHMhmUIiVydkaBc7jg7aVgo1B4dcpVisiyf/vcY3WfZGMRpv47jLEqX54mKg3TX
b6Fk+uNxatSutwO5ALzfvtk4sNyPDDKEdmwB2pBhBKzO+XPfcaqa9zCfjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxpVHX7i5MWyiI3nb+Ou7Kq5kyiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSEdsVWRmdUxreGJLSWplZHY0NjdzcXJtVEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplAMA0G
CSqGSIb3DQEBCwUAA4IBAQATAnejrHLW6BgiBFXo6dP6d9O6C3cxzRYiwC4mqweq
LCt/ewnRntn756WmaH1lxsQ7OpUgX+qpH5yrbWPk1zf5We5O2+MhK3jOmgplZ7ge
FB7XySECDCTMftbKX8DVXRdWRztGDJTQXNkzg7YIha16ZMUNBl0RF8qtr9mgor5e
Q0PBRqrQP/+MVDUkgbs8gKyAByyh1hFKJkcLaDGZvI/mTZ1TKAkAsG0CYR/eWc0U
2JRMXG/jfIvJaf6z6CVuB0SxOu2l2Qac0jH4sBMMgyMn+titl2Nwwrb0NpUKghNU
iVIljZFQ9HE3PwM981ZDfLxLWXK3SdS67x+qxfcJh7O5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:20 2025 by rpki-client