Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa
File: SzRnwlmWPhG9_FnCoEse2NQThjo.roa (raw, json)
Hash identifier: Wy10zjssd1wHYTPd25nJO/CehR0t5mnYOpFG/nVMIOw=
Subject key identifier: 4B:34:67:C2:59:96:3E:11:BD:FC:59:C2:A0:4B:1E:D8:D4:13:86:3A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01898C0CA484BC07EF0BE1926843482DF9EC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa
Signing time: Tue 25 Jul 2023 07:56:26 +0000
ROA not before: Tue 25 Jul 2023 07:56:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:0c:a4:84:bc:07:ef:0b:e1:92:68:43:48:2d:f9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 25 07:56:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b3467c259963e11bdfc59c2a04b1ed8d413863a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4a:61:22:0c:51:a0:8e:24:a6:03:f4:b4:d0:
05:94:8b:1b:06:ad:d5:1b:95:30:9b:c2:14:08:7b:
d7:07:4e:bf:b1:86:b2:69:f0:53:97:c0:b0:c4:e2:
cf:e8:29:11:9c:65:62:7e:96:fb:b9:22:17:05:84:
68:7f:de:b2:92:8a:b0:a0:38:11:47:70:82:09:90:
10:50:a1:12:fe:71:d6:4f:0d:94:63:3f:99:03:47:
8f:6e:e9:a7:3d:d5:64:d7:11:0a:57:eb:40:17:b9:
11:ad:a5:cb:a2:a5:90:39:db:0d:89:e1:8e:a7:c2:
f1:95:70:00:1a:ca:55:cb:2f:4d:3a:0a:96:65:32:
10:d1:ed:d1:5b:92:01:a0:b4:c8:73:48:3d:38:b9:
5b:12:20:67:36:9b:7e:47:47:fc:e5:18:67:03:79:
15:fa:07:74:3b:6d:b2:8c:6f:32:ae:4e:21:37:c9:
49:6a:3f:19:d3:0e:fe:97:6f:e8:18:bd:1e:15:ad:
41:42:9f:e5:34:b9:fd:ca:5a:40:de:4b:6f:a0:72:
47:52:12:be:92:ab:5e:b5:99:07:76:01:d3:11:48:
a3:dd:e1:1c:14:e0:80:89:0c:46:02:cb:3d:14:34:
26:48:0f:87:d1:6a:00:ad:4b:f6:44:36:0d:87:fa:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:34:67:C2:59:96:3E:11:BD:FC:59:C2:A0:4B:1E:D8:D4:13:86:3A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SzRnwlmWPhG9_FnCoEse2NQThjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.161.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d8:c3:1e:e4:25:bf:17:b8:03:8e:ef:10:ec:40:bd:e3:30:
63:75:e6:2e:fa:6a:a6:50:f1:7f:8b:cc:b0:f1:6e:7c:80:bc:
35:ca:cc:dc:a4:5c:5b:b2:cf:54:43:3e:16:94:19:7a:17:f6:
2a:f6:6d:79:f2:35:cb:be:8f:80:1c:c4:25:91:58:c0:4d:0e:
a0:ae:ad:e0:bd:6e:a4:89:d5:0c:30:bd:05:a5:8a:a3:13:5c:
c8:9b:45:3d:c3:d0:7a:2d:c4:5c:b0:48:a0:eb:6e:5c:c3:c8:
46:92:bf:65:e1:3e:ff:09:ba:89:f2:64:e8:5a:a8:e1:f3:bd:
d8:84:69:94:b0:5d:3b:3d:e6:40:9a:ad:d6:ac:91:3c:84:b5:
4d:43:99:1d:68:4d:6e:73:64:5e:16:26:09:e7:14:24:ac:c7:
83:6e:e8:87:7b:b7:03:dd:2d:af:a5:91:1d:61:12:2c:89:d0:
f9:cd:b7:e6:0d:9c:da:3d:2e:f4:f6:20:79:ba:f5:d3:58:69:
9d:2a:6f:fb:1c:4d:71:ff:4b:a6:b7:65:ba:0e:18:2d:fe:c5:
7a:80:c9:c9:9c:c3:f4:ab:e0:4b:02:5f:80:88:cf:00:70:19:
b1:3d:69:cf:03:18:c3:6c:2d:9b:d2:b8:1d:59:6e:63:96:1d:
85:e5:a4:19
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYmMDKSEvAfvC+GSaENILfnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI1MDc1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM0NjdjMjU5OTYzZTExYmRmYzU5YzJhMDRiMWVkOGQ0MTM4NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkphIgxRoI4kpgP0tNAFlIsbBq3V
G5Uwm8IUCHvXB06/sYayafBTl8CwxOLP6CkRnGVifpb7uSIXBYRof96ykoqwoDgR
R3CCCZAQUKES/nHWTw2UYz+ZA0ePbumnPdVk1xEKV+tAF7kRraXLoqWQOdsNieGO
p8LxlXAAGspVyy9NOgqWZTIQ0e3RW5IBoLTIc0g9OLlbEiBnNpt+R0f85RhnA3kV
+gd0O22yjG8yrk4hN8lJaj8Z0w7+l2/oGL0eFa1BQp/lNLn9ylpA3ktvoHJHUhK+
kqtetZkHdgHTEUij3eEcFOCAiQxGAss9FDQmSA+H0WoArUv2RDYNh/qvywIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFEs0Z8JZlj4RvfxZwqBLHtjUE4Y6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU3pSbndsbVdQaEc5X0ZuQ29Fc2UyTlFUaGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAFEFvQME
AFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQAUpj+
AwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBABZ1aEDBAC5
MXwwDQYJKoZIhvcNAQELBQADggEBAKjYwx7kJb8XuAOO7xDsQL3jMGN15i76aqZQ
8X+LzLDxbnyAvDXKzNykXFuyz1RDPhaUGXoX9ir2bXnyNcu+j4AcxCWRWMBNDqCu
reC9bqSJ1QwwvQWliqMTXMibRT3D0HotxFywSKDrblzDyEaSv2XhPv8JuonyZOha
qOHzvdiEaZSwXTs95kCardaskTyEtU1DmR1oTW5zZF4WJgnnFCSsx4Nu6Id7twPd
La+lkR1hEiyJ0PnNt+YNnNo9LvT2IHm69dNYaZ0qb/scTXH/S6a3ZboOGC3+xXqA
ycmcw/Sr4EsCX4CIzwBwGbE9ac8DGMNsLZvSuB1ZbmOWHYXlpBk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:40 2025 by rpki-client