Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa
File: RzIIyDssSfzHNv8bmHl6vIrad2w.roa (raw, json)
Hash identifier: 2b8kTd3X9QmkMPddZdJ2jFnIj34x3gtKliw1mD7rYwU=
Subject key identifier: 47:32:08:C8:3B:2C:49:FC:C7:36:FF:1B:98:79:7A:BC:8A:DA:77:6C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AA736A291F6A1D138DA3EFFFCFD52E0A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa
Signing time: Mon 18 Sep 2023 07:34:50 +0000
ROA not before: Mon 18 Sep 2023 07:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 82.153.65.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:36:a2:91:f6:a1:d1:38:da:3e:ff:fc:fd:52:e0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 18 07:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=473208c83b2c49fcc736ff1b98797abc8ada776c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fa:a8:64:14:e6:23:7e:af:76:91:26:c1:54:
e4:d2:b1:8c:5d:17:f5:2f:6c:7d:27:e3:17:e9:d4:
d1:a3:9d:6f:f7:e7:16:1b:d6:cf:15:13:fa:6c:19:
1b:ff:73:52:be:ae:57:43:cd:40:c5:91:73:b2:f9:
20:02:c5:4f:87:61:f9:55:3f:90:65:ab:ed:6d:8c:
c5:e3:d8:e7:dd:a1:92:5f:03:86:7b:ec:f3:3b:a3:
a5:2f:fb:7a:13:7e:eb:cb:13:61:b5:00:e0:d1:1d:
21:8e:5e:f7:72:9c:7b:29:21:82:e3:5c:99:ad:a0:
7c:c0:ee:ce:5c:ba:37:9d:3f:83:c7:3d:3a:66:70:
43:57:e4:1c:df:25:b5:4f:77:fa:2f:4b:6e:f2:ff:
3c:54:95:77:7f:85:9b:cf:c8:8a:0d:71:c2:9e:54:
e5:1b:ab:03:a0:e0:09:56:e1:fb:1b:b3:07:7f:da:
6e:7a:88:6c:07:66:5f:1f:59:77:2a:f3:4d:e2:d0:
14:03:a7:5d:a8:be:25:9e:80:a1:83:bd:8b:b3:15:
b9:a2:a9:b9:18:90:a2:96:23:72:c8:23:14:10:17:
e3:5a:76:01:5f:77:49:6f:f0:39:68:77:5f:cd:06:
c1:25:e9:58:a6:8d:76:c7:16:b7:f0:68:a7:c2:4e:
a6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:32:08:C8:3B:2C:49:FC:C7:36:FF:1B:98:79:7A:BC:8A:DA:77:6C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RzIIyDssSfzHNv8bmHl6vIrad2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.65.0/24
82.153.220.0/24
109.176.245.0/24
Signature Algorithm: sha256WithRSAEncryption
11:cb:d9:65:54:87:52:5f:b1:7f:9d:5a:0f:4b:84:39:e6:11:
dd:de:31:69:c6:99:ac:35:61:3e:b7:f2:ff:78:49:74:67:59:
76:1d:81:fa:21:f8:a8:ae:4c:43:5d:89:fb:83:9a:a6:78:d0:
8f:fd:3b:92:e2:70:ce:6e:ca:fb:af:de:2a:5b:06:5b:4e:02:
84:4b:17:da:9d:48:e8:7f:ca:ef:29:a3:19:54:b3:b3:3e:4c:
28:77:72:a8:fa:8d:85:ad:68:39:50:2e:a8:62:52:02:f9:a1:
3e:ba:68:27:73:03:32:0b:6a:f3:0e:8e:de:e1:ef:94:88:f9:
6c:0b:78:cb:0f:7b:c3:51:dd:67:79:97:47:4f:6c:7f:fd:23:
ac:e7:56:eb:a6:d2:32:b0:5a:6e:82:95:58:91:fd:57:8d:26:
51:96:6e:4b:d3:54:c6:e9:82:03:39:6e:72:97:c7:f6:32:c9:
73:5c:34:42:bf:e5:19:57:6b:fe:bc:47:5d:ae:63:0a:c3:8f:
51:8f:dc:40:c6:d9:0c:6c:a7:1b:f8:e9:be:4f:a7:8c:6b:11:
f0:be:10:9d:47:dd:6e:0e:1d:6a:57:d6:64:a9:5c:82:64:63:
ba:48:77:3c:3b:de:c7:c9:18:85:be:1d:85:29:4f:c1:a8:98:
a3:e8:2b:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqnNqKR9qHRONo+//z9UuCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTE4MDczNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMyMDhjODNiMmM0OWZjYzczNmZmMWI5ODc5N2FiYzhhZGE3NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vqoZBTmI36vdpEmwVTk0rGMXRf1
L2x9J+MX6dTRo51v9+cWG9bPFRP6bBkb/3NSvq5XQ81AxZFzsvkgAsVPh2H5VT+Q
ZavtbYzF49jn3aGSXwOGe+zzO6OlL/t6E37ryxNhtQDg0R0hjl73cpx7KSGC41yZ
raB8wO7OXLo3nT+Dxz06ZnBDV+Qc3yW1T3f6L0tu8v88VJV3f4Wbz8iKDXHCnlTl
G6sDoOAJVuH7G7MHf9pueohsB2ZfH1l3KvNN4tAUA6ddqL4lnoChg72LsxW5oqm5
GJCiliNyyCMUEBfjWnYBX3dJb/A5aHdfzQbBJelYpo12xxa38Ginwk6m2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEcyCMg7LEn8xzb/G5h5eryK2ndsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnpJSXlEc3NTZnpITnY4Ym1IbDZ2SXJhZDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUplBAwQA
UpncAwQAbbD1MA0GCSqGSIb3DQEBCwUAA4IBAQARy9llVIdSX7F/nVoPS4Q55hHd
3jFpxpmsNWE+t/L/eEl0Z1l2HYH6IfiorkxDXYn7g5qmeNCP/TuS4nDObsr7r94q
WwZbTgKESxfanUjof8rvKaMZVLOzPkwod3Ko+o2FrWg5UC6oYlIC+aE+umgncwMy
C2rzDo7e4e+UiPlsC3jLD3vDUd1neZdHT2x//SOs51brptIysFpugpVYkf1XjSZR
lm5L01TG6YIDOW5yl8f2MslzXDRCv+UZV2v+vEddrmMKw49Rj9xAxtkMbKcb+Om+
T6eMaxHwvhCdR91uDh1qV9ZkqVyCZGO6SHc8O97HyRiFvh2FKU/BqJij6Ctk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:37 2025 by rpki-client