Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa
File: R9H0XokgtE8iDGFYWkPEu16P8GY.roa (raw, json)
Hash identifier: Wx7ZAWlpx0xyt3tDOSYvJyDrTLnJIs2JhbhEdlCrWaQ=
Subject key identifier: 47:D1:F4:5E:89:20:B4:4F:22:0C:61:58:5A:43:C4:BB:5E:8F:F0:66
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AACF065C7E838DA292CBF99C6974C44C1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa
Signing time: Tue 19 Sep 2023 10:15:50 +0000
ROA not before: Tue 19 Sep 2023 10:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.213.190.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:f0:65:c7:e8:38:da:29:2c:bf:99:c6:97:4c:44:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 19 10:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47d1f45e8920b44f220c61585a43c4bb5e8ff066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:a5:0a:e9:04:91:f7:d7:16:d3:ba:60:ad:
a9:8c:0f:bd:70:49:8f:54:dc:27:0b:d0:be:0c:ea:
68:c0:99:61:49:db:dd:27:2a:23:de:5e:1b:f4:b6:
ac:cc:37:e7:4a:21:68:42:14:60:16:b7:bd:97:6c:
dc:72:05:d0:f8:cf:56:0c:2e:a9:a5:40:84:f8:c2:
81:e5:55:d7:98:e1:19:1b:d9:c7:f9:30:6c:28:b3:
03:90:cd:a6:b1:03:02:4e:69:b4:89:8b:e4:2e:fe:
c7:e7:5b:83:05:cb:f9:d3:8d:2f:d7:ac:e7:c1:42:
7c:04:83:7c:4b:f4:a5:ae:18:0e:11:5a:c2:0b:5c:
67:08:df:c1:4c:1f:1c:b1:d7:76:56:6b:a6:5e:03:
dd:56:91:53:fd:2c:7a:e3:3c:34:b8:19:bb:fd:3c:
16:52:cc:85:ff:1d:bd:ba:07:c7:18:78:cc:e9:dc:
07:9f:3c:9e:d3:f0:f7:4a:d1:1c:a9:90:1c:8a:42:
33:d4:b5:67:2b:e8:32:b9:89:45:76:ad:f2:94:35:
ef:b2:fc:32:8b:3f:9f:d1:20:9c:ef:e3:5b:1f:1a:
8e:94:41:9a:2e:00:ab:86:66:53:af:e8:fa:be:47:
de:f9:7d:b5:46:06:4d:0d:d1:bb:b2:ab:7a:21:53:
a0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D1:F4:5E:89:20:B4:4F:22:0C:61:58:5A:43:C4:BB:5E:8F:F0:66
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R9H0XokgtE8iDGFYWkPEu16P8GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.116.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.1.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/23
89.213.6.0/23
89.213.130.0/24
89.213.161.0/24
89.213.190.0/24
109.176.208.0/24
109.176.240.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
51:2e:bf:82:b6:8d:6e:e5:46:3e:96:02:c2:da:86:11:98:06:
22:f2:a0:81:37:a4:73:41:f5:09:f5:69:1b:27:26:6d:2c:0b:
0d:15:0f:a8:25:f3:65:40:ab:f7:f0:bc:46:13:f8:3f:b9:79:
8d:4d:15:04:3a:7e:58:5b:8c:c5:e5:66:72:12:07:72:69:bc:
2d:f4:35:58:74:01:75:b6:8c:a0:c9:69:91:0c:a1:4d:16:03:
34:d1:71:50:36:fd:dd:7d:28:74:3c:2c:49:83:f6:7d:aa:ac:
3b:91:4d:84:f8:85:88:13:13:9d:89:91:a9:0d:84:dc:5a:8f:
c4:7a:cd:0d:9f:d4:cb:93:b4:1f:95:7f:9f:92:07:e9:25:ea:
7d:c9:3f:58:b0:2c:64:3d:f9:39:de:94:53:76:fe:21:31:58:
17:8c:ee:93:39:89:88:8e:7e:49:a3:5c:91:3b:90:f3:2e:34:
20:18:50:26:4b:97:f2:c7:d7:c3:3c:aa:bd:63:50:02:f7:53:
e5:2f:9b:ec:e9:b5:0e:c5:0c:e4:50:7e:c6:00:89:1d:a0:cf:
ba:8c:29:fc:9b:78:9b:8c:2b:86:20:52:d1:42:7e:05:2d:78:
cf:ae:48:65:a8:1b:77:1d:d4:f8:98:a4:80:f8:a2:1d:70:5f:
0f:83:ca:d3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYqs8GXH6DjaKSy/mcaXTETBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE5MTAxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2QxZjQ1ZTg5MjBiNDRmMjIwYzYxNTg1YTQzYzRiYjVlOGZmMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS6lCukEkffXFtO6YK2pjA+9cEmP
VNwnC9C+DOpowJlhSdvdJyoj3l4b9LaszDfnSiFoQhRgFre9l2zccgXQ+M9WDC6p
pUCE+MKB5VXXmOEZG9nH+TBsKLMDkM2msQMCTmm0iYvkLv7H51uDBcv5040v16zn
wUJ8BIN8S/SlrhgOEVrCC1xnCN/BTB8csdd2VmumXgPdVpFT/Sx64zw0uBm7/TwW
UsyF/x29ugfHGHjM6dwHnzye0/D3StEcqZAcikIz1LVnK+gyuYlFdq3ylDXvsvwy
iz+f0SCc7+NbHxqOlEGaLgCrhmZTr+j6vkfe+X21RgZNDdG7sqt6IVOgWQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFEfR9F6JILRPIgxhWFpDxLtej/BmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUjlIMFhva2d0RThpREdGWVdrUEV1MTZQOEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABR
Bb0DBABRqCMDBABRqHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AME
AFKY+wMEAFKY/gMEAFKZAQMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmE
AwQBUpngAwQBWdUGAwQAWdWCAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbDwAwQAbbD3
AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQBRLr+Cto1u5UY+lgLC2oYR
mAYi8qCBN6RzQfUJ9WkbJyZtLAsNFQ+oJfNlQKv38LxGE/g/uXmNTRUEOn5YW4zF
5WZyEgdyabwt9DVYdAF1toygyWmRDKFNFgM00XFQNv3dfSh0PCxJg/Z9qqw7kU2E
+IWIExOdiZGpDYTcWo/Ees0Nn9TLk7QflX+fkgfpJep9yT9YsCxkPfk53pRTdv4h
MVgXjO6TOYmIjn5Jo1yRO5DzLjQgGFAmS5fyx9fDPKq9Y1AC91PlL5vs6bUOxQzk
UH7GAIkdoM+6jCn8m3ibjCuGIFLRQn4FLXjPrkhlqBt3HdT4mKSA+KIdcF8Pg8rT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:30 2025 by rpki-client