Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa
File: RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa (raw, json)
Hash identifier: M6VliQGUN7jTDVly4aWCINJsO7iX+5FWS5GOwrfwyYI=
Subject key identifier: 46:95:C0:18:E6:98:AA:8F:8B:48:72:A0:A1:87:83:9D:F3:F0:58:7A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018533FA6735B24F270DEFA1EE78AF7F7637
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa
Signing time: Wed 21 Dec 2022 09:18:46 +0000
ROA not before: Wed 21 Dec 2022 09:18:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 82.153.240.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
82.152.179.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:fa:67:35:b2:4f:27:0d:ef:a1:ee:78:af:7f:76:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 21 09:18:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4695c018e698aa8f8b4872a0a187839df3f0587a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d1:e6:74:64:71:dc:74:82:d7:fa:72:e4:a2:
4f:e0:b4:ee:77:78:1f:48:79:f9:0c:fd:5b:ef:69:
cd:f9:54:1d:4c:65:5c:53:b8:a6:5a:44:11:0c:ef:
92:45:16:b0:64:49:4b:97:92:05:e9:f9:5c:d8:d0:
7f:f5:48:65:61:e4:a2:a3:e9:ce:55:2e:61:e8:5d:
ed:c2:92:56:36:28:04:9d:7c:53:a7:ff:4f:b7:bf:
36:d2:e8:20:1f:f5:b0:d3:09:c2:e2:e5:6c:9c:10:
8b:33:9f:83:ac:56:33:9e:d9:d1:eb:e5:d2:18:af:
6b:65:cf:bb:eb:26:f6:18:ed:95:0a:aa:ae:b7:7a:
c9:b3:48:3d:b9:fe:75:33:e6:6f:40:b5:91:7e:d7:
42:fe:0d:d3:2a:92:f8:73:3d:c9:39:d4:49:c4:52:
bb:ef:76:4f:c8:e1:a9:03:e9:3e:6e:23:d8:a5:52:
a3:6d:0b:13:25:48:76:20:49:3a:78:85:98:6c:4d:
7a:6a:07:46:78:d4:12:0b:4a:3f:fe:dc:83:c5:8e:
f4:7f:eb:c5:77:8a:01:a0:83:60:31:42:d6:9f:22:
05:a0:96:f4:c6:7a:88:6a:f3:ce:9e:ad:ab:58:f8:
3b:dd:ba:8e:c3:f5:5b:6d:38:dc:2b:8c:c6:c2:ea:
a4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:95:C0:18:E6:98:AA:8F:8B:48:72:A0:A1:87:83:9D:F3:F0:58:7A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/24
82.152.179.0/24
82.153.68.0/24
82.153.240.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f0:de:8c:c1:90:ae:ed:c0:e8:77:18:c7:ab:9a:6e:24:65:
0e:f3:36:53:fc:8c:46:f5:98:f9:b0:4b:ce:c2:8d:07:1f:75:
8c:30:d4:df:18:af:20:59:e1:9c:18:52:0c:c2:7a:0d:95:26:
f6:41:c3:b8:2d:83:73:f0:eb:9e:04:e0:a4:60:b8:4b:a9:ea:
92:0d:71:23:7d:9e:66:cf:26:0a:b8:50:04:ae:3a:f6:28:81:
b6:65:ae:95:28:82:21:6c:3a:75:a5:5a:19:21:79:c5:5e:88:
3b:b8:5b:32:72:c5:64:e5:7c:eb:e3:f0:90:14:6e:44:da:54:
3d:9e:e8:54:f5:78:56:33:69:53:92:e5:a9:94:c4:79:79:e1:
38:6a:f8:af:d6:9d:81:b7:ea:29:46:68:2a:9a:a8:eb:64:82:
0b:5c:2b:2f:f1:e0:94:b9:c7:c6:79:6d:ec:a2:3f:35:4e:3a:
a1:d8:b2:7e:08:ba:d7:f8:61:50:1a:80:c3:ff:5b:82:07:86:
d5:86:35:f2:b5:3c:e8:4d:d1:d8:d2:1b:46:55:05:aa:11:24:
fe:5d:10:d5:76:de:09:85:21:87:ee:e1:7f:cb:c6:82:1b:30:
9d:92:17:00:f9:63:3f:1a:9f:ee:8b:8c:4b:d4:bc:12:3e:de:
8c:71:a2:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUz+mc1sk8nDe+h7nivf3Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjIxMDkxODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk1YzAxOGU2OThhYThmOGI0ODcyYTBhMTg3ODM5ZGYzZjA1ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59HmdGRx3HSC1/py5KJP4LTud3gf
SHn5DP1b72nN+VQdTGVcU7imWkQRDO+SRRawZElLl5IF6flc2NB/9UhlYeSio+nO
VS5h6F3twpJWNigEnXxTp/9Pt7820uggH/Ww0wnC4uVsnBCLM5+DrFYzntnR6+XS
GK9rZc+76yb2GO2VCqqut3rJs0g9uf51M+ZvQLWRftdC/g3TKpL4cz3JOdRJxFK7
73ZPyOGpA+k+biPYpVKjbQsTJUh2IEk6eIWYbE16agdGeNQSC0o//tyDxY70f+vF
d4oBoINgMULWnyIFoJb0xnqIavPOnq2rWPg73bqOw/VbbTjcK4zGwuqkKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEaVwBjmmKqPi0hyoKGHg53z8Fh6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnBYQUdPYVlxby1MU0hLZ29ZZURuZlB3V0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiwAwQA
UpizAwQAUplEAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQB/8N6MwZCu
7cDodxjHq5puJGUO8zZT/IxG9Zj5sEvOwo0HH3WMMNTfGK8gWeGcGFIMwnoNlSb2
QcO4LYNz8OueBOCkYLhLqeqSDXEjfZ5mzyYKuFAErjr2KIG2Za6VKIIhbDp1pVoZ
IXnFXog7uFsycsVk5Xzr4/CQFG5E2lQ9nuhU9XhWM2lTkuWplMR5eeE4aviv1p2B
t+opRmgqmqjrZIILXCsv8eCUucfGeW3soj81Tjqh2LJ+CLrX+GFQGoDD/1uCB4bV
hjXytTzoTdHY0htGVQWqEST+XRDVdt4JhSGH7uF/y8aCGzCdkhcA+WM/Gp/ui4xL
1LwSPt6McaL/
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:56 2025 by rpki-client