Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa
File: I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa (raw, json)
Hash identifier: DCLiXt2zIEp+et3A6zeE7RWTTVwpFOCtoMCgW91zRek=
Subject key identifier: 23:F8:7F:FE:65:AB:67:97:10:20:AF:5F:86:D9:8E:55:15:74:D9:34
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018571FA271F6DDD12E23A1E59BE1D2C6EAB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa
Signing time: Mon 02 Jan 2023 10:14:57 +0000
ROA not before: Mon 02 Jan 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 82.153.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:27:1f:6d:dd:12:e2:3a:1e:59:be:1d:2c:6e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f87ffe65ab67971020af5f86d98e551574d934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:58:af:fd:71:26:6f:8d:82:fa:1a:a7:b9:
77:68:62:67:74:0e:bf:19:18:7b:77:d5:bb:c0:89:
70:40:87:7b:88:15:61:cc:57:02:fe:8f:f8:01:ed:
de:ef:6b:81:1e:99:22:c5:c4:31:d0:f8:b9:f8:a0:
94:a2:3b:34:58:dd:6c:04:d8:b3:e7:cb:a1:05:c8:
63:91:2a:f0:cb:04:c9:9c:a1:8d:00:c1:1b:10:3c:
1b:72:9a:93:07:73:24:a6:e1:ee:f5:c4:08:63:87:
95:e3:67:bd:ed:17:97:23:25:d2:f9:72:dc:29:04:
2f:f4:4b:44:90:5a:a9:2d:71:08:6c:fe:10:34:03:
4d:bf:c6:66:55:b8:83:89:5c:d7:f1:98:8a:63:77:
1d:84:98:bd:a6:1a:87:98:5c:96:2d:d8:b8:d5:e2:
2f:b8:05:73:f9:02:b5:bf:34:07:b4:18:68:5a:f8:
53:17:7c:67:75:05:a8:9f:25:af:44:f4:9e:12:20:
e1:82:50:7c:9b:57:3e:da:22:6e:68:00:6c:da:74:
d0:dd:3d:59:1d:7b:af:89:bf:63:04:1b:3c:b4:1a:
d0:49:a5:d9:0d:9c:e6:e5:d5:ce:b2:e0:27:08:e8:
a6:d2:6e:a4:a0:e8:b8:60:ae:01:c8:0d:ef:d2:bc:
95:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F8:7F:FE:65:AB:67:97:10:20:AF:5F:86:D9:8E:55:15:74:D9:34
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/I_h__mWrZ5cQIK9fhtmOVRV02TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.246.0/24
Signature Algorithm: sha256WithRSAEncryption
26:65:0b:f1:5f:c5:4a:32:12:52:de:07:4e:c0:5c:bd:23:2a:
3c:1e:3a:c9:e1:ea:4e:4e:f0:7a:b6:fd:21:49:15:1a:14:ad:
d0:ec:5d:43:ab:83:f0:49:26:3d:8c:12:76:6f:05:73:d4:82:
67:59:df:8a:ad:bf:01:56:36:f5:75:5b:7b:75:06:55:bb:f8:
0a:f4:75:8d:36:c3:ef:a2:66:ef:98:2d:19:1a:d0:e5:6b:3f:
20:b5:5d:6e:30:6d:b9:e7:1b:e9:12:a7:ef:b1:ef:d2:5a:47:
05:c2:c9:fd:8f:87:67:83:17:7c:b8:47:99:4d:b9:94:53:cf:
a8:f7:7c:de:93:82:67:bd:1c:24:81:7d:f5:26:69:06:26:32:
65:13:fe:b1:dd:1a:03:1a:bb:22:7b:09:2c:7b:ea:0a:fa:d5:
cb:17:33:df:58:4d:77:e1:9c:e9:f7:d7:91:03:4a:24:a4:da:
bf:a1:b1:40:60:00:87:68:07:6d:50:c8:0f:fd:ed:ed:b8:1a:
ce:18:93:9a:48:51:b0:a4:80:00:da:86:a8:4c:0e:51:1e:f1:
0b:b5:8d:5a:4c:4b:d0:24:83:51:8b:0b:62:fc:b5:89:2c:35:
03:fc:90:e5:f4:2b:f9:9b:b7:f2:29:4a:ce:47:9c:79:0f:3f:
21:85:8e:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+icfbd0S4joeWb4dLG6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y4N2ZmZTY1YWI2Nzk3MTAyMGFmNWY4NmQ5OGU1NTE1NzRkOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3pYr/1xJm+Ngvoap7l3aGJndA6/
GRh7d9W7wIlwQId7iBVhzFcC/o/4Ae3e72uBHpkixcQx0Pi5+KCUojs0WN1sBNiz
58uhBchjkSrwywTJnKGNAMEbEDwbcpqTB3MkpuHu9cQIY4eV42e97ReXIyXS+XLc
KQQv9EtEkFqpLXEIbP4QNANNv8ZmVbiDiVzX8ZiKY3cdhJi9phqHmFyWLdi41eIv
uAVz+QK1vzQHtBhoWvhTF3xndQWonyWvRPSeEiDhglB8m1c+2iJuaABs2nTQ3T1Z
HXuvib9jBBs8tBrQSaXZDZzm5dXOsuAnCOim0m6koOi4YK4ByA3v0ryV+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCP4f/5lq2eXECCvX4bZjlUVdNk0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSV9oX19tV3JaNWNRSUs5Zmh0bU9WUlYwMlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQAmZQvxX8VKMhJS3gdOwFy9Iyo8HjrJ4epOTvB6tv0h
SRUaFK3Q7F1Dq4PwSSY9jBJ2bwVz1IJnWd+Krb8BVjb1dVt7dQZVu/gK9HWNNsPv
ombvmC0ZGtDlaz8gtV1uMG255xvpEqfvse/SWkcFwsn9j4dngxd8uEeZTbmUU8+o
93zek4JnvRwkgX31JmkGJjJlE/6x3RoDGrsiewkse+oK+tXLFzPfWE134Zzp99eR
A0okpNq/obFAYACHaAdtUMgP/e3tuBrOGJOaSFGwpIAA2oaoTA5RHvELtY1aTEvQ
JINRiwti/LWJLDUD/JDl9Cv5m7fyKUrOR5x5Dz8hhY6J
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:35 2025 by rpki-client