Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa
File: KxRm_ftregy-47g4avqYULIVWzw.roa (raw, json)
Hash identifier: hOk6kvHH/PLpOHw686HuSugtd0gqtKD0s6gO8OjnjvQ=
Subject key identifier: 2B:14:66:FD:FB:6B:7A:0C:BE:E3:B8:38:6A:FA:98:50:B2:15:5B:3C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187D3D40A3EA253910910DFF7DCED15E4CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa
Signing time: Sun 30 Apr 2023 20:21:41 +0000
ROA not before: Sun 30 Apr 2023 20:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.68.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.70.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.210.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d3:d4:0a:3e:a2:53:91:09:10:df:f7:dc:ed:15:e4:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 20:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b1466fdfb6b7a0cbee3b8386afa9850b2155b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:06:62:1b:fb:a7:ae:dc:33:a3:57:03:5f:1d:
f1:16:3c:e6:1f:c7:34:4c:51:cd:48:d2:66:6c:3e:
7b:29:84:e1:f0:80:53:97:23:18:de:6b:b5:67:d0:
a7:71:c7:88:46:b7:2c:b5:e8:4e:a0:49:40:9a:ea:
53:19:4d:42:48:53:08:48:90:02:23:7e:97:09:be:
3a:53:5f:e0:23:60:44:92:34:c0:53:de:98:1f:d6:
38:ba:5b:5d:20:d8:d6:0a:58:03:37:89:04:36:43:
e3:8c:84:53:9f:7d:30:f7:a8:6e:7d:74:a3:8a:44:
02:9f:3f:e2:d8:0d:7d:aa:d8:f0:1d:37:53:b5:6a:
5d:67:59:b6:91:1b:f3:85:ce:fb:8b:5a:ef:62:b5:
6d:d5:61:2b:ad:63:4c:62:45:99:eb:0e:c4:13:1c:
0c:24:0a:0b:c5:85:ec:05:de:a4:36:1c:08:a9:61:
fa:61:df:6e:3c:1f:54:ae:0b:2e:b8:ed:32:0a:54:
c3:ec:7f:89:5c:86:19:bf:1a:a6:26:0c:03:b6:b1:
67:90:0f:19:2e:76:95:7b:08:5f:ba:45:ef:46:4d:
6f:8e:6b:27:36:9b:1f:ad:8c:44:8a:af:3f:95:a5:
69:74:fa:25:e6:37:7a:74:f1:62:b7:71:49:cc:6a:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:14:66:FD:FB:6B:7A:0C:BE:E3:B8:38:6A:FA:98:50:B2:15:5B:3C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KxRm_ftregy-47g4avqYULIVWzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.254.0/23
82.153.4.0/24
82.153.10.0/24
82.153.65.0/24
82.153.68.0/24
82.153.70.0/23
82.153.209.0-82.153.210.255
82.153.222.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:2a:d2:47:ae:8c:6b:5c:fe:94:d9:a5:d5:a2:f3:cf:54:28:
71:7e:d7:af:89:2f:e2:a8:59:fd:a3:c6:ff:21:07:66:e3:83:
e7:5a:63:d3:66:05:e7:ec:ef:57:af:a9:19:81:7b:42:9b:56:
8a:ec:ae:3c:48:e0:ac:dc:9b:3e:7b:df:b9:55:de:ca:35:b6:
4f:90:2c:71:e8:ff:be:3f:f2:80:39:7d:1b:69:23:1f:28:d5:
8e:93:c4:32:4a:b5:20:59:aa:98:d5:a1:8d:1c:70:5e:19:97:
e1:9a:a0:33:80:3b:a4:ab:a7:b9:29:84:9c:32:9a:f2:16:68:
a2:c6:62:f5:c0:75:62:e5:c1:46:96:7d:ac:ad:ad:9d:c4:9f:
62:e6:32:5d:3d:a2:ca:6e:38:41:f0:bf:17:ab:97:dc:52:ab:
b6:78:ae:18:6b:e9:a3:cf:ea:fe:c2:d8:c5:93:6c:5f:9f:1b:
0d:31:cc:21:2e:0d:68:50:2e:d2:66:45:07:fb:aa:b7:f3:7f:
9f:7e:7f:2c:19:12:46:c6:7b:f7:1b:85:5e:00:54:ac:5c:7f:
49:c9:82:38:86:f7:68:35:28:b9:ae:e1:7f:86:73:a0:9a:0a:
2c:f7:de:e3:00:52:da:8a:ec:ee:48:ad:7b:77:66:50:6d:e0:
b5:f0:47:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYfT1Ao+olORCRDf99ztFeTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDMwMjAyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE0NjZmZGZiNmI3YTBjYmVlM2I4Mzg2YWZhOTg1MGIyMTU1YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wZiG/unrtwzo1cDXx3xFjzmH8c0
TFHNSNJmbD57KYTh8IBTlyMY3mu1Z9CncceIRrcstehOoElAmupTGU1CSFMISJAC
I36XCb46U1/gI2BEkjTAU96YH9Y4ultdINjWClgDN4kENkPjjIRTn30w96hufXSj
ikQCnz/i2A19qtjwHTdTtWpdZ1m2kRvzhc77i1rvYrVt1WErrWNMYkWZ6w7EExwM
JAoLxYXsBd6kNhwIqWH6Yd9uPB9UrgsuuO0yClTD7H+JXIYZvxqmJgwDtrFnkA8Z
LnaVewhfukXvRk1vjmsnNpsfrYxEiq8/laVpdPol5jd6dPFit3FJzGpnEQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCsUZv37a3oMvuO4OGr6mFCyFVs8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS3hSbV9mdHJlZ3ktNDdnNGF2cVlVTElWV3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+wMEAVKY/gMEAFKZBAMEAFKZCgME
AFKZQQMEAFKZRAMEAVKZRjAMAwQAUpnRAwQAUpnSAwQAUpneAwQAUpn2AwQBUpn4
MA0GCSqGSIb3DQEBCwUAA4IBAQA6KtJHroxrXP6U2aXVovPPVChxfteviS/iqFn9
o8b/IQdm44PnWmPTZgXn7O9Xr6kZgXtCm1aK7K48SOCs3Js+e9+5Vd7KNbZPkCxx
6P++P/KAOX0baSMfKNWOk8QySrUgWaqY1aGNHHBeGZfhmqAzgDukq6e5KYScMpry
FmiixmL1wHVi5cFGln2sra2dxJ9i5jJdPaLKbjhB8L8Xq5fcUqu2eK4Ya+mjz+r+
wtjFk2xfnxsNMcwhLg1oUC7SZkUH+6q383+ffn8sGRJGxnv3G4VeAFSsXH9JyYI4
hvdoNSi5ruF/hnOgmgos997jAFLaiuzuSK17d2ZQbeC18EeR
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:03 2025 by rpki-client