Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa
File: ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa (raw, json)
Hash identifier: pWVH2Np6rGnoXXZlcaet4E5HcnfU6P10lf16aLE0V7Y=
Subject key identifier: 22:63:D8:45:E9:89:B6:87:94:03:D1:E4:30:B2:ED:9E:15:F3:0C:C4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01889083BA96644FB2B4C00DB341794CA5CB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa
Signing time: Tue 06 Jun 2023 11:42:12 +0000
ROA not before: Tue 06 Jun 2023 11:42:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204174
IP address blocks: 82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:83:ba:96:64:4f:b2:b4:c0:0d:b3:41:79:4c:a5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 6 11:42:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2263d845e989b6879403d1e430b2ed9e15f30cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6f:6c:9b:b8:fd:74:fd:00:b7:e2:28:01:e1:
58:93:a9:a0:ad:a6:a4:2b:46:8e:a0:7e:fd:a5:68:
eb:ca:a7:c9:75:bd:51:8f:d5:16:d3:13:02:18:c9:
34:91:25:39:1d:72:f0:66:e1:51:75:c5:e2:dd:ff:
9f:6f:2d:76:d6:4c:84:a5:d8:90:c9:b9:f9:ac:1c:
e3:18:75:da:a2:90:b6:eb:91:92:a4:64:18:38:56:
dd:e4:a3:9a:f1:ff:49:b2:e5:5f:4b:09:89:37:ce:
ae:8a:4c:88:2d:12:20:c7:70:93:5f:17:88:c3:81:
d4:ad:63:c1:6f:90:27:80:26:f3:33:74:fe:d2:af:
be:58:6d:c7:48:f0:5f:e0:24:ae:b8:c9:74:a7:f6:
d7:c8:1d:e9:98:8e:83:76:3e:cd:7f:83:73:c4:19:
69:70:a5:9d:1d:ec:44:ac:88:1d:e6:41:c9:35:88:
82:b1:67:ea:db:3c:a2:17:09:ff:fa:d4:b6:4a:08:
b4:c4:2f:f5:00:83:de:d5:cb:55:5e:dd:64:6a:96:
72:e3:50:75:c1:d5:e0:0d:bd:d9:41:b5:73:8b:dd:
fd:51:fa:64:8d:79:c0:eb:c0:1a:aa:77:a9:7a:ce:
24:4a:dd:b2:23:56:a7:df:d7:5b:05:b6:12:ac:e4:
85:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:63:D8:45:E9:89:B6:87:94:03:D1:E4:30:B2:ED:9E:15:F3:0C:C4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ImPYRemJtoeUA9HkMLLtnhXzDMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:e1:63:d0:dc:21:92:fd:fe:0f:a8:0d:f2:28:24:99:d7:aa:
a7:7b:09:95:47:d8:66:56:44:67:0d:fb:23:e1:3c:08:be:1d:
ce:f7:09:1f:2b:75:5a:67:93:d9:88:37:1c:9d:60:2f:93:ef:
cb:0f:59:f6:7d:b7:31:c6:13:71:71:d2:56:f5:8e:81:01:08:
61:54:e9:a7:53:fb:bc:12:ac:87:10:aa:ca:50:4b:06:3e:29:
c1:cf:c9:7e:c1:11:15:b9:63:e5:d0:e0:ea:90:e1:9a:ff:4b:
f0:b6:c0:4b:bd:8e:2b:1a:1a:61:10:83:d3:5c:10:5e:40:9d:
c5:93:33:c2:71:d7:ba:be:68:81:93:32:e9:e5:d6:71:09:69:
b4:2a:73:69:b8:4a:b9:25:9c:48:02:fc:61:3b:b8:96:c6:ef:
97:c1:04:f7:c4:5c:4c:93:5c:f1:d2:ca:c4:f8:7a:b1:fe:e3:
7e:54:47:91:d0:60:e4:45:ba:4c:53:8e:34:6a:52:6f:bd:e9:
6a:72:6a:30:7f:cc:7d:78:e6:48:05:00:a8:63:2b:56:67:7d:
89:be:86:22:1a:7c:80:4f:86:2d:72:70:a4:27:1b:45:d9:f6:
0a:30:ac:b3:1e:21:5d:ea:c9:27:75:01:d5:bb:4d:f4:a0:b5:
d1:cf:bb:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQg7qWZE+ytMANs0F5TKXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA2MTE0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjYzZDg0NWU5ODliNjg3OTQwM2QxZTQzMGIyZWQ5ZTE1ZjMwY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W9sm7j9dP0At+IoAeFYk6mgraak
K0aOoH79pWjryqfJdb1Rj9UW0xMCGMk0kSU5HXLwZuFRdcXi3f+fby121kyEpdiQ
ybn5rBzjGHXaopC265GSpGQYOFbd5KOa8f9JsuVfSwmJN86uikyILRIgx3CTXxeI
w4HUrWPBb5AngCbzM3T+0q++WG3HSPBf4CSuuMl0p/bXyB3pmI6Ddj7Nf4NzxBlp
cKWdHexErIgd5kHJNYiCsWfq2zyiFwn/+tS2Sgi0xC/1AIPe1ctVXt1kapZy41B1
wdXgDb3ZQbVzi939UfpkjXnA68Aaqnepes4kSt2yI1an39dbBbYSrOSFkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJj2EXpibaHlAPR5DCy7Z4V8wzEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSW1QWVJlbUp0b2VVQTlIa01MTHRuaFh6RE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpneMA0G
CSqGSIb3DQEBCwUAA4IBAQCo4WPQ3CGS/f4PqA3yKCSZ16qnewmVR9hmVkRnDfsj
4TwIvh3O9wkfK3VaZ5PZiDccnWAvk+/LD1n2fbcxxhNxcdJW9Y6BAQhhVOmnU/u8
EqyHEKrKUEsGPinBz8l+wREVuWPl0ODqkOGa/0vwtsBLvY4rGhphEIPTXBBeQJ3F
kzPCcde6vmiBkzLp5dZxCWm0KnNpuEq5JZxIAvxhO7iWxu+XwQT3xFxMk1zx0srE
+Hqx/uN+VEeR0GDkRbpMU440alJvvelqcmowf8x9eOZIBQCoYytWZ32JvoYiGnyA
T4YtcnCkJxtF2fYKMKyzHiFd6skndQHVu030oLXRz7u8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:02 2025 by rpki-client