Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa
File: RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa (raw, json)
Hash identifier: fyeBYisRbeMj1ORmIXs7HL0yUTX7BDvLoUNRKP+Nt+o=
Subject key identifier: 44:1D:2D:31:9F:33:84:B7:8A:A3:5D:5F:49:D4:EA:C3:1D:4F:51:C3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0183F48DDBAD0C67608EE7E195E8BE2A84F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa
Signing time: Thu 20 Oct 2022 08:41:20 +0000
ROA not before: Thu 20 Oct 2022 08:41:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 82.152.178.0/24 maxlen: 24
82.152.179.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:8d:db:ad:0c:67:60:8e:e7:e1:95:e8:be:2a:84:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 20 08:41:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=441d2d319f3384b78aa35d5f49d4eac31d4f51c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:63:34:16:31:a0:a8:ce:1f:1e:d0:42:d1:86:
7f:e9:6e:69:8a:99:08:9a:45:a5:e9:fa:d6:86:b2:
1c:0f:71:2a:5b:4d:09:f9:07:fc:06:a7:85:98:1b:
a3:fc:50:df:c6:89:ac:b6:ea:61:40:35:d8:38:b2:
64:ed:54:2b:17:1c:6a:58:60:23:38:0e:8f:44:91:
22:b0:f5:b6:9d:8f:52:5c:d5:22:1d:6a:ab:ad:a1:
cb:89:c3:da:d7:1c:e9:33:02:1b:56:0f:28:30:2f:
cb:54:09:0a:8e:e7:a4:3f:2b:c2:02:a2:0d:6b:06:
00:71:57:92:d6:e3:d4:5a:29:02:02:f5:5e:fe:3f:
71:b0:35:33:ca:15:ad:cf:33:ec:89:ab:05:0a:07:
92:38:c6:24:b4:cd:dc:26:64:a0:ad:ee:00:85:9c:
40:cd:cf:00:94:bf:46:13:b1:ec:71:63:cf:75:87:
d7:47:b9:39:aa:85:cd:63:f8:e4:e1:2d:c0:3d:19:
0b:99:b5:b3:2a:0e:ae:bc:d5:1d:7b:08:f8:ba:76:
89:a5:f4:86:14:28:9e:a3:44:11:99:9b:2a:a4:bb:
36:82:18:21:cf:79:a1:ef:21:0e:3a:93:c7:c7:c4:
80:19:40:11:3d:dc:2e:95:fc:f3:e8:21:3a:c1:8d:
00:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1D:2D:31:9F:33:84:B7:8A:A3:5D:5F:49:D4:EA:C3:1D:4F:51:C3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.178.0/23
82.153.69.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
89:06:fd:6a:4c:95:7e:23:be:6a:f5:fb:a9:e4:51:22:a5:1b:
2b:ef:cd:41:57:47:0a:ee:7c:9e:15:54:a2:e5:31:02:04:aa:
40:98:62:3b:7a:37:28:04:77:31:5d:04:b0:bc:46:c7:11:10:
dc:34:32:11:0a:72:ab:33:6b:00:67:fe:7c:9e:c1:3c:82:0b:
98:47:3d:f3:87:8f:2c:45:6b:c1:e6:f1:27:68:87:f8:fe:b5:
83:3a:0f:ed:8b:f8:50:7e:99:d0:d9:9c:f7:d0:83:bd:50:17:
bd:a2:fa:86:e9:73:45:e9:11:cc:e1:05:8b:a8:49:66:fc:8b:
9b:45:6c:4f:83:e2:86:6f:bd:92:41:ef:da:b8:5f:6b:1f:20:
c9:0b:fd:ac:ad:3c:e7:79:e9:41:30:f4:88:a2:1a:86:0e:6b:
3a:4a:7b:42:90:79:89:9b:75:54:80:f7:a3:c4:7f:c5:5d:d7:
13:b8:1c:3e:d7:8d:64:a1:d5:d1:81:56:eb:68:38:da:b9:82:
ae:fd:93:f8:a4:c8:cc:db:29:5e:4b:b4:20:cd:4f:82:56:82:
19:98:7c:b3:29:be:b7:24:e0:0c:41:01:d2:5b:8e:43:87:58:
ae:94:9c:eb:a6:5c:fa:4b:a7:31:f6:a0:e6:b3:0a:a3:54:e3:
1d:bd:77:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP0jdutDGdgjufhlei+KoTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDIwMDg0MTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDFkMmQzMTlmMzM4NGI3OGFhMzVkNWY0OWQ0ZWFjMzFkNGY1MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2M0FjGgqM4fHtBC0YZ/6W5pipkI
mkWl6frWhrIcD3EqW00J+Qf8BqeFmBuj/FDfxomstuphQDXYOLJk7VQrFxxqWGAj
OA6PRJEisPW2nY9SXNUiHWqrraHLicPa1xzpMwIbVg8oMC/LVAkKjuekPyvCAqIN
awYAcVeS1uPUWikCAvVe/j9xsDUzyhWtzzPsiasFCgeSOMYktM3cJmSgre4AhZxA
zc8AlL9GE7HscWPPdYfXR7k5qoXNY/jk4S3APRkLmbWzKg6uvNUdewj4unaJpfSG
FCieo0QRmZsqpLs2ghghz3mh7yEOOpPHx8SAGUARPdwulfzz6CE6wY0AuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEQdLTGfM4S3iqNdX0nU6sMdT1HDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUkIwdE1aOHpoTGVLbzExZlNkVHF3eDFQVWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpiyAwQA
UplFAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQCJBv1qTJV+I75q9fup5FEipRsr
781BV0cK7nyeFVSi5TECBKpAmGI7ejcoBHcxXQSwvEbHERDcNDIRCnKrM2sAZ/58
nsE8gguYRz3zh48sRWvB5vEnaIf4/rWDOg/ti/hQfpnQ2Zz30IO9UBe9ovqG6XNF
6RHM4QWLqElm/IubRWxPg+KGb72SQe/auF9rHyDJC/2srTzneelBMPSIohqGDms6
SntCkHmJm3VUgPejxH/FXdcTuBw+141kodXRgVbraDjauYKu/ZP4pMjM2yleS7Qg
zU+CVoIZmHyzKb63JOAMQQHSW45Dh1iulJzrplz6S6cx9qDmswqjVOMdvXcb
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:20 2025 by rpki-client