Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QIYc2cDiUvqOG4W_TAKJv_zMkVE.roa
File: QIYc2cDiUvqOG4W_TAKJv_zMkVE.roa (raw, json)
Hash identifier: kY2Rx0l2e9ooSP4DGQfZQ8tZ4G7RRde69GrfqN3xs9w=
Subject key identifier: 40:86:1C:D9:C0:E2:52:FA:8E:1B:85:BF:4C:02:89:BF:FC:CC:91:51
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C5F0B037ABD6DC31A272E9BEDCA153A8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QIYc2cDiUvqOG4W_TAKJv_zMkVE.roa
Signing time: Tue 12 Dec 2023 17:20:06 +0000
ROA not before: Tue 12 Dec 2023 17:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 82.153.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:0b:03:7a:bd:6d:c3:1a:27:2e:9b:ed:ca:15:3a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 12 17:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40861cd9c0e252fa8e1b85bf4c0289bffccc9151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:9f:5b:40:01:03:9e:16:aa:11:34:9f:17:
2d:8c:f9:28:d7:43:33:f8:20:4d:df:41:97:87:c1:
bf:a4:78:ad:d2:aa:6f:26:8e:1a:bd:45:89:87:a7:
7e:fa:b5:75:2a:36:ce:c3:5f:ce:e9:ae:ed:10:25:
3a:b2:20:d0:2d:98:2c:27:7f:45:7d:9c:51:f7:8a:
6d:00:25:3e:66:8a:dc:68:f9:40:ef:85:f2:15:9f:
9f:63:3d:0b:eb:c9:1b:ca:9c:7d:7e:c9:42:7c:34:
30:bb:b8:d2:dc:58:c3:45:7b:f0:d2:83:a9:80:24:
05:04:e2:26:4d:4a:a6:13:06:c8:ff:9b:59:f8:8b:
0a:64:47:2b:c7:aa:63:24:95:7c:48:a8:a6:d8:05:
1a:c6:cc:e2:0e:83:4c:cd:a1:69:74:01:3f:f9:29:
2b:de:b5:cf:87:a9:31:81:73:2f:86:ab:21:23:7c:
aa:b1:92:5b:35:1f:5d:d0:a2:6f:00:45:60:fa:78:
13:3e:a8:4b:fe:fd:5a:e7:b4:bf:f3:d2:e3:a8:e5:
12:18:77:88:fa:db:0b:18:a6:d4:d3:57:d1:ce:f0:
62:94:c2:5f:8e:b3:81:f6:20:b9:ac:cd:47:d9:99:
7b:91:a9:c0:ba:5b:3c:97:9e:53:d6:d9:11:79:1a:
84:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:86:1C:D9:C0:E2:52:FA:8E:1B:85:BF:4C:02:89:BF:FC:CC:91:51
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QIYc2cDiUvqOG4W_TAKJv_zMkVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.1.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:26:b5:e8:e5:c3:69:bb:05:de:93:93:13:00:df:72:bf:d9:
cf:04:96:49:f4:67:c9:77:7b:cf:18:57:99:80:50:82:71:ab:
63:15:17:4c:f0:07:bc:da:dc:12:dc:41:ba:bd:25:94:6f:78:
ba:c4:6b:97:ae:20:f1:b4:ae:a0:89:98:61:65:a9:6f:54:11:
16:d0:3f:77:7c:f2:08:c4:cd:56:bc:cd:5c:1e:10:0a:ee:aa:
58:6d:6e:af:a4:1e:28:e3:e3:3d:c7:d4:4f:1c:0f:82:d1:a1:
51:16:47:e6:8a:fb:00:1a:01:e1:9b:d2:e3:6e:00:9b:94:9b:
f4:aa:42:df:11:bd:58:ca:55:75:a7:5f:fc:78:1b:c7:5b:e3:
8e:99:9d:af:37:34:9f:53:c7:70:21:00:28:a0:ec:af:fa:04:
63:4a:59:3b:26:4c:53:11:e3:65:db:53:c9:aa:a3:24:6f:a9:
24:20:4e:1b:6f:69:3c:f8:f8:5f:dd:65:ac:99:2a:9a:cf:c6:
87:f0:a2:91:c2:6a:2b:0c:68:bc:34:12:02:2e:15:98:6c:7d:
1f:a3:8f:aa:84:66:fd:26:d6:fe:15:52:d1:d4:0b:b6:8b:71:
32:b9:e4:a0:07:72:7e:c4:57:73:e9:58:41:d9:d7:d8:80:9d:
d8:c2:bb:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxfCwN6vW3DGicum+3KFTqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjEyMTcyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDg2MWNkOWMwZTI1MmZhOGUxYjg1YmY0YzAyODliZmZjY2M5MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4ifW0ABA54WqhE0nxctjPko10Mz
+CBN30GXh8G/pHit0qpvJo4avUWJh6d++rV1KjbOw1/O6a7tECU6siDQLZgsJ39F
fZxR94ptACU+ZorcaPlA74XyFZ+fYz0L68kbypx9fslCfDQwu7jS3FjDRXvw0oOp
gCQFBOImTUqmEwbI/5tZ+IsKZEcrx6pjJJV8SKim2AUaxsziDoNMzaFpdAE/+Skr
3rXPh6kxgXMvhqshI3yqsZJbNR9d0KJvAEVg+ngTPqhL/v1a57S/89LjqOUSGHeI
+tsLGKbU01fRzvBilMJfjrOB9iC5rM1H2Zl7kanAuls8l55T1tkReRqEUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECGHNnA4lL6jhuFv0wCib/8zJFRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUlZYzJjRGlVdnFPRzRXX1RBS0p2X3pNa1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkBMA0G
CSqGSIb3DQEBCwUAA4IBAQAsJrXo5cNpuwXek5MTAN9yv9nPBJZJ9GfJd3vPGFeZ
gFCCcatjFRdM8Ae82twS3EG6vSWUb3i6xGuXriDxtK6giZhhZalvVBEW0D93fPII
xM1WvM1cHhAK7qpYbW6vpB4o4+M9x9RPHA+C0aFRFkfmivsAGgHhm9LjbgCblJv0
qkLfEb1YylV1p1/8eBvHW+OOmZ2vNzSfU8dwIQAooOyv+gRjSlk7JkxTEeNl21PJ
qqMkb6kkIE4bb2k8+Phf3WWsmSqaz8aH8KKRwmorDGi8NBICLhWYbH0fo4+qhGb9
Jtb+FVLR1Au2i3EyueSgB3J+xFdz6VhB2dfYgJ3YwrvA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:39 2025 by rpki-client