Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa
File: N1ojT1U0150emt08F1nFnr57HaY.roa (raw, json)
Hash identifier: SqrKb6LpL0yX54lSvMnc7q8lj4qLYTayTrdDR+oKiAA=
Subject key identifier: 37:5A:23:4F:55:34:D7:9D:1E:9A:DD:3C:17:59:C5:9E:BE:7B:1D:A6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189A607FB9A432CD827CEB05FB8828CDC78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa
Signing time: Sun 30 Jul 2023 09:01:28 +0000
ROA not before: Sun 30 Jul 2023 09:01:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 82.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:07:fb:9a:43:2c:d8:27:ce:b0:5f:b8:82:8c:dc:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 30 09:01:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=375a234f5534d79d1e9add3c1759c59ebe7b1da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:e9:17:24:9d:cf:a3:9b:26:79:92:3a:5e:
14:b5:1c:f3:76:f3:81:fd:fa:3f:8e:ca:b6:eb:b1:
69:69:69:b2:85:f2:56:9b:85:dc:4e:07:00:31:20:
a2:2c:46:b4:6e:77:aa:47:c8:79:b5:be:59:2d:51:
ca:dd:61:ac:d2:48:fb:6b:f0:f8:2b:b5:77:96:ab:
df:01:42:1f:40:00:ef:9e:83:7d:fa:81:09:3b:bb:
b3:bc:b6:4b:3d:5b:66:64:51:83:23:89:bb:ed:a5:
51:95:a6:4f:c5:58:b5:aa:4b:04:84:ee:d3:c2:c8:
d2:13:75:9f:59:54:f8:a0:df:a0:68:5f:5a:19:96:
20:58:a3:81:7d:c4:0c:86:58:5a:2c:94:8c:a3:b0:
4a:e6:25:6e:07:aa:39:87:86:d8:13:53:e8:97:45:
da:49:dd:c5:bd:da:56:06:16:04:85:97:fe:90:a8:
76:43:9d:b3:af:bf:2e:68:0d:ff:78:e5:83:90:57:
69:0d:40:9f:55:a5:1a:7b:c4:fe:2b:7f:7f:e7:69:
8b:7c:00:4d:06:d6:58:4b:d5:14:ad:e6:4d:8d:a4:
77:ba:e3:4e:8b:02:de:08:df:c5:8b:f3:a7:ec:43:
80:43:98:24:3c:d1:5a:77:be:91:1e:7b:3d:a3:20:
53:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5A:23:4F:55:34:D7:9D:1E:9A:DD:3C:17:59:C5:9E:BE:7B:1D:A6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/N1ojT1U0150emt08F1nFnr57HaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f5:c5:2b:e9:d2:25:6f:64:22:a5:30:24:48:44:e7:81:f5:
10:78:7c:9b:14:86:76:cd:3b:e8:ba:34:e5:86:2c:31:1e:ea:
46:d4:b6:9c:37:3c:80:59:6a:ec:77:b9:d9:0e:c8:ef:a8:41:
dc:f1:48:62:96:4d:ec:60:11:f0:35:99:59:95:47:74:e7:57:
86:8b:d5:7f:75:85:14:cc:2b:e5:b5:33:a7:1a:3a:65:54:8b:
6d:39:8b:99:b9:50:88:3d:32:20:ef:0c:da:e2:80:26:7e:22:
e0:4d:38:a3:a1:81:4c:f2:78:b3:5b:90:36:cf:55:1e:fb:d5:
28:26:2d:9d:41:5d:e7:a4:c5:e3:cb:70:cf:88:db:e1:6e:b9:
cb:a4:e4:e8:dc:cc:97:15:d1:bb:54:30:95:84:06:32:9e:6e:
61:dc:a3:59:0f:26:4d:3c:0b:df:54:ca:6b:d1:e6:df:ad:a1:
bc:05:37:d3:46:1c:91:10:32:f3:7d:99:57:02:7d:81:2a:ac:
aa:db:70:ba:62:0e:09:69:c6:63:9d:2c:9c:3d:62:e7:a4:20:
4e:05:e7:b4:b7:ac:d6:2e:8d:08:19:11:75:c5:82:a0:e7:e2:
ac:9e:9f:ea:43:e9:e2:d7:cd:99:43:f3:8b:50:de:33:30:5d:
70:9a:de:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmmB/uaQyzYJ86wX7iCjNx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzMwMDkwMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVhMjM0ZjU1MzRkNzlkMWU5YWRkM2MxNzU5YzU5ZWJlN2IxZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYzpFySdz6ObJnmSOl4UtRzzdvOB
/fo/jsq267FpaWmyhfJWm4XcTgcAMSCiLEa0bneqR8h5tb5ZLVHK3WGs0kj7a/D4
K7V3lqvfAUIfQADvnoN9+oEJO7uzvLZLPVtmZFGDI4m77aVRlaZPxVi1qksEhO7T
wsjSE3WfWVT4oN+gaF9aGZYgWKOBfcQMhlhaLJSMo7BK5iVuB6o5h4bYE1Pol0Xa
Sd3FvdpWBhYEhZf+kKh2Q52zr78uaA3/eOWDkFdpDUCfVaUae8T+K39/52mLfABN
BtZYS9UUreZNjaR3uuNOiwLeCN/Fi/On7EOAQ5gkPNFad76RHns9oyBTCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdaI09VNNedHprdPBdZxZ6+ex2mMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTjFvalQxVTAxNTBlbXQwOEYxbkZucjU3SGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpncMA0G
CSqGSIb3DQEBCwUAA4IBAQB19cUr6dIlb2QipTAkSETngfUQeHybFIZ2zTvoujTl
hiwxHupG1LacNzyAWWrsd7nZDsjvqEHc8Uhilk3sYBHwNZlZlUd051eGi9V/dYUU
zCvltTOnGjplVIttOYuZuVCIPTIg7wza4oAmfiLgTTijoYFM8nizW5A2z1Ue+9Uo
Ji2dQV3npMXjy3DPiNvhbrnLpOTo3MyXFdG7VDCVhAYynm5h3KNZDyZNPAvfVMpr
0ebfraG8BTfTRhyREDLzfZlXAn2BKqyq23C6Yg4JacZjnSycPWLnpCBOBee0t6zW
Lo0IGRF1xYKg5+Ksnp/qQ+ni182ZQ/OLUN4zMF1wmt7l
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:47 2025 by rpki-client