Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KvmBTd951mROEJPyraya6FUMzrY.roa
File: KvmBTd951mROEJPyraya6FUMzrY.roa (raw, json)
Hash identifier: lAXUIW+rOKEVuXXWFfuB8zo/T+0679CThXqpVzERcF0=
Subject key identifier: 2A:F9:81:4D:DF:79:D6:64:4E:10:93:F2:AD:AC:9A:E8:55:0C:CE:B6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189061047E028C99CA447BDA29AC2D760A7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KvmBTd951mROEJPyraya6FUMzrY.roa
Signing time: Thu 29 Jun 2023 07:31:17 +0000
ROA not before: Thu 29 Jun 2023 07:31:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:10:47:e0:28:c9:9c:a4:47:bd:a2:9a:c2:d7:60:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 29 07:31:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af9814ddf79d6644e1093f2adac9ae8550cceb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9f:18:70:c1:e0:04:f3:b2:49:f1:3e:5e:cf:
f4:19:a4:00:39:76:66:da:da:dc:e4:62:0a:41:9e:
b1:43:87:84:be:c5:76:39:87:d4:0f:83:52:93:85:
b1:59:f8:d2:04:ad:cf:67:af:59:2d:b6:20:dd:29:
04:05:72:c4:f2:a6:55:33:68:4e:16:c9:ee:78:cc:
75:9b:33:21:cf:da:32:42:c7:e5:dd:79:ba:04:99:
fe:38:02:63:44:38:e7:bd:0f:4d:65:5a:8e:95:07:
7f:d9:5d:ea:65:43:f3:48:ed:8f:39:e1:f9:7f:c5:
f1:41:e7:aa:02:ba:e0:2f:35:35:4e:f2:5f:04:f5:
dd:55:f7:25:f8:13:a3:a6:51:d7:f8:81:4a:ed:53:
58:1c:05:ca:7c:69:d1:9f:70:01:1d:c0:06:10:9b:
02:8e:7a:3a:25:88:57:c7:63:e8:9e:25:5f:aa:d2:
de:8b:89:70:a3:4d:0d:d0:d5:d1:c2:42:0e:a2:4d:
b6:44:c3:09:ea:09:e5:10:8e:bc:90:f3:b8:15:93:
53:46:f2:e5:4b:14:d6:68:47:25:c8:28:38:32:4d:
1b:de:81:bc:b4:d4:3b:d3:21:f7:e6:df:04:e3:d3:
51:7e:3a:de:8a:ca:6e:76:69:66:a6:0a:eb:17:92:
81:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F9:81:4D:DF:79:D6:64:4E:10:93:F2:AD:AC:9A:E8:55:0C:CE:B6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KvmBTd951mROEJPyraya6FUMzrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.253.0-82.152.255.255
82.153.1.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9b:aa:dd:d3:23:12:8e:33:59:06:94:3b:1e:8c:1a:65:fc:
d3:ff:3b:be:41:15:d6:30:6c:42:13:af:c3:e1:95:1f:15:85:
6a:9b:ee:2a:74:a0:8d:7f:84:d9:f8:fa:7a:d5:ae:01:8f:b2:
19:42:4f:75:7d:8e:58:3c:ea:8b:31:8a:62:ad:ef:da:44:e0:
1e:cc:9b:fd:c4:31:b7:31:ff:e0:95:5c:9b:39:4f:44:10:26:
3a:bf:ca:5a:13:52:47:36:65:06:d0:f9:ac:e6:86:b0:7c:e1:
86:e8:6a:50:dd:07:c6:92:15:0a:88:d7:62:cc:2a:44:5a:80:
90:48:97:0c:67:40:ec:ad:f1:a7:1f:a8:95:ab:45:6a:b1:44:
54:d1:f7:76:62:bd:e1:e8:ba:70:cf:c1:ed:bd:c9:88:2c:a1:
98:ea:44:2f:f4:41:89:a7:4c:4a:82:ad:1b:51:a4:b0:02:cb:
6a:45:c5:1c:4e:77:e8:e1:a7:e4:61:b1:79:ef:99:88:c1:ce:
2e:ed:bb:4a:44:ce:69:39:bd:32:66:f8:23:d2:22:e2:d6:0b:
61:04:50:1f:ec:60:dd:42:10:86:83:14:2f:1b:8d:6e:85:6c:
4d:da:65:1e:1c:1e:2a:fd:f1:17:fe:cd:98:b3:f6:f7:88:77:
8b:e8:cd:49
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYkGEEfgKMmcpEe9oprC12CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI5MDczMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY5ODE0ZGRmNzlkNjY0NGUxMDkzZjJhZGFjOWFlODU1MGNjZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp8YcMHgBPOySfE+Xs/0GaQAOXZm
2trc5GIKQZ6xQ4eEvsV2OYfUD4NSk4WxWfjSBK3PZ69ZLbYg3SkEBXLE8qZVM2hO
FsnueMx1mzMhz9oyQsfl3Xm6BJn+OAJjRDjnvQ9NZVqOlQd/2V3qZUPzSO2POeH5
f8XxQeeqArrgLzU1TvJfBPXdVfcl+BOjplHX+IFK7VNYHAXKfGnRn3ABHcAGEJsC
jno6JYhXx2PoniVfqtLei4lwo00N0NXRwkIOok22RMMJ6gnlEI68kPO4FZNTRvLl
SxTWaEclyCg4Mk0b3oG8tNQ70yH35t8E49NRfjreispudmlmpgrrF5KBXwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFCr5gU3fedZkThCT8q2smuhVDM62MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS3ZtQlRkOTUxbVJPRUpQeXJheWE2RlVNenJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAEwawMEAFEFvQME
AFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7MAsDBABS
mP0DAwBSmAMEAFKZAQMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmEAwQA
UpngMA0GCSqGSIb3DQEBCwUAA4IBAQACm6rd0yMSjjNZBpQ7HowaZfzT/zu+QRXW
MGxCE6/D4ZUfFYVqm+4qdKCNf4TZ+Pp61a4Bj7IZQk91fY5YPOqLMYpire/aROAe
zJv9xDG3Mf/glVybOU9EECY6v8paE1JHNmUG0Pms5oawfOGG6GpQ3QfGkhUKiNdi
zCpEWoCQSJcMZ0DsrfGnH6iVq0VqsURU0fd2Yr3h6Lpwz8HtvcmILKGY6kQv9EGJ
p0xKgq0bUaSwAstqRcUcTnfo4afkYbF575mIwc4u7btKRM5pOb0yZvgj0iLi1gth
BFAf7GDdQhCGgxQvG41uhWxN2mUeHB4q/fEX/s2Ys/b3iHeL6M1J
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:56 2025 by rpki-client