Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JZqteuw_iQq_EYAIYYBeNOD3Lo4.roa
File: JZqteuw_iQq_EYAIYYBeNOD3Lo4.roa (raw, json)
Hash identifier: mqIw70FVTRkovjazc+Zeno/DI4PZ2/7GDlz6G3z37PU=
Subject key identifier: 25:9A:AD:7A:EC:3F:89:0A:BF:11:80:08:61:80:5E:34:E0:F7:2E:8E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189166A1459A668D9DE17295FAC8082EEFD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JZqteuw_iQq_EYAIYYBeNOD3Lo4.roa
Signing time: Sun 02 Jul 2023 11:43:18 +0000
ROA not before: Sun 02 Jul 2023 11:43:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.5.189.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.108.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.142.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:16:6a:14:59:a6:68:d9:de:17:29:5f:ac:80:82:ee:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 2 11:43:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=259aad7aec3f890abf11800861805e34e0f72e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ca:5d:0f:18:1b:d3:81:6b:da:e3:71:94:d4:
ee:cb:35:c3:cd:82:2f:8b:70:6c:b4:bf:08:15:16:
7e:3e:06:e0:ee:ce:53:5e:aa:fa:56:e2:64:03:f3:
58:9f:29:45:ab:9b:5a:e6:72:0e:83:a8:2d:33:d7:
a6:0e:a4:c4:70:93:ee:2e:c9:77:ec:b6:0f:25:ba:
fa:2d:17:57:97:f2:99:db:c5:86:aa:31:ab:c9:f8:
ed:c0:b4:0c:99:f1:13:da:05:42:65:85:40:17:3f:
1c:70:94:4d:09:fd:b5:9c:e0:94:5c:9f:25:45:24:
24:39:51:9c:d8:44:54:78:a2:91:c7:dd:a5:f2:49:
44:fc:ae:f2:19:4b:ae:d0:73:59:c3:74:00:94:07:
b5:df:e3:70:8e:d7:18:a9:a0:fc:a4:f2:e7:65:a3:
1c:d2:b0:12:fa:d3:f3:f4:6c:7a:72:8d:a3:bb:96:
c9:ba:95:9d:e6:c6:25:e8:07:4d:ae:61:39:93:06:
b2:06:aa:f4:00:70:62:35:fe:39:96:0b:4f:14:ce:
f9:64:a3:25:1d:f9:44:72:37:8f:1f:a7:18:58:6c:
3f:4b:01:42:97:f6:37:b1:c0:5b:f5:d3:64:eb:c3:
07:40:7b:c3:62:53:fc:8b:cb:6b:9a:d8:3b:bf:c4:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9A:AD:7A:EC:3F:89:0A:BF:11:80:08:61:80:5E:34:E0:F7:2E:8E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JZqteuw_iQq_EYAIYYBeNOD3Lo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.119.0/24
81.168.123.0/24
82.152.108.0/24
82.152.111.0/24
82.152.253.0/24
82.153.73.0/24
82.153.136.0/22
82.153.246.0/24
82.153.248.0/23
89.213.142.0/24
Signature Algorithm: sha256WithRSAEncryption
60:47:c6:d5:2a:49:8e:83:ca:ce:0a:f4:50:21:28:f7:b3:cb:
7e:ee:98:38:0e:ee:37:56:b6:2d:16:c7:86:e0:ff:d9:3c:d4:
b7:78:dc:a2:1f:65:8f:55:29:c9:f7:d5:ed:0f:63:a9:89:2a:
56:8b:c8:bd:b0:4d:ee:ab:04:b9:a1:71:59:93:d8:16:a0:8b:
0c:c8:ef:48:df:48:79:f3:27:c7:46:b5:88:c3:90:3a:3d:01:
46:09:9e:58:1f:16:c5:89:b2:57:fa:28:0d:a6:30:61:64:70:
f7:79:b9:87:53:64:1f:c9:32:b9:37:9c:e0:ca:fc:f1:76:7e:
bb:65:ec:90:21:ea:fe:81:a5:18:e4:68:60:14:a0:ac:0e:df:
e9:e1:9b:3c:e4:ef:80:29:ec:9d:48:3e:e6:4c:cf:80:01:57:
c0:6c:cf:36:6a:84:6d:19:65:b2:e8:1c:f5:21:9e:11:4c:9e:
d1:ee:25:0a:b0:eb:60:26:a7:8d:68:a6:81:c5:bb:12:8a:89:
27:7a:29:67:61:88:ad:e7:7d:50:7f:49:ea:42:14:b8:f9:74:
3b:c6:99:7d:27:3f:9a:54:ae:c3:5c:1b:9e:44:f0:dc:89:b9:
34:53:57:6b:8a:c3:f4:77:bb:2f:39:fd:ee:63:8b:c5:71:ea:
cd:7c:de:7c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYkWahRZpmjZ3hcpX6yAgu79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAyMTE0MzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTlhYWQ3YWVjM2Y4OTBhYmYxMTgwMDg2MTgwNWUzNGUwZjcyZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8pdDxgb04Fr2uNxlNTuyzXDzYIv
i3BstL8IFRZ+Pgbg7s5TXqr6VuJkA/NYnylFq5ta5nIOg6gtM9emDqTEcJPuLsl3
7LYPJbr6LRdXl/KZ28WGqjGryfjtwLQMmfET2gVCZYVAFz8ccJRNCf21nOCUXJ8l
RSQkOVGc2ERUeKKRx92l8klE/K7yGUuu0HNZw3QAlAe13+NwjtcYqaD8pPLnZaMc
0rAS+tPz9Gx6co2ju5bJupWd5sYl6AdNrmE5kwayBqr0AHBiNf45lgtPFM75ZKMl
HflEcjePH6cYWGw/SwFCl/Y3scBb9dNk68MHQHvDYlP8i8trmtg7v8QlKwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCWarXrsP4kKvxGACGGAXjTg9y6OMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlpxdGV1d19pUXFfRVlBSVlZQmVOT0QzTG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUQW9AwQA
Uah3AwQAUah7AwQAUphsAwQAUphvAwQAUpj9AwQAUplJAwQCUpmIAwQAUpn2AwQB
Upn4AwQAWdWOMA0GCSqGSIb3DQEBCwUAA4IBAQBgR8bVKkmOg8rOCvRQISj3s8t+
7pg4Du43VrYtFseG4P/ZPNS3eNyiH2WPVSnJ99XtD2OpiSpWi8i9sE3uqwS5oXFZ
k9gWoIsMyO9I30h58yfHRrWIw5A6PQFGCZ5YHxbFibJX+igNpjBhZHD3ebmHU2Qf
yTK5N5zgyvzxdn67ZeyQIer+gaUY5GhgFKCsDt/p4Zs85O+AKeydSD7mTM+AAVfA
bM82aoRtGWWy6Bz1IZ4RTJ7R7iUKsOtgJqeNaKaBxbsSiokneilnYYit531Qf0nq
QhS4+XQ7xpl9Jz+aVK7DXBueRPDcibk0U1drisP0d7svOf3uY4vFcerNfN58
-----END CERTIFICATE-----
Generated at Thu Mar 27 20:41:50 2025 by rpki-client