Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa
File: Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa (raw, json)
Hash identifier: oIKJXUHXmaiIx7LkI5ekPktvg/i9cG40D5x4/ligmkA=
Subject key identifier: 4E:5E:28:F8:06:23:9D:8E:F5:89:62:84:40:D6:1A:11:91:C9:C6:F7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01885877C779BEB222C8A271057A2B4876BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa
Signing time: Fri 26 May 2023 14:30:24 +0000
ROA not before: Fri 26 May 2023 14:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51559
IP address blocks: 82.153.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:58:77:c7:79:be:b2:22:c8:a2:71:05:7a:2b:48:76:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 14:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e5e28f806239d8ef589628440d61a1191c9c6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:d5:f8:88:77:85:39:af:0b:72:bf:16:4f:
a9:53:8c:ef:98:55:7b:d9:15:f9:ce:36:e3:92:8c:
43:e8:1e:c0:82:11:c3:db:0f:2b:b5:3f:f5:82:23:
e5:a2:b6:24:37:ea:0e:a1:b6:36:49:8f:04:2a:4d:
18:58:6d:04:9c:ac:6e:b0:a5:87:0d:8c:54:53:ea:
53:a2:f3:b8:32:95:74:18:38:88:56:55:44:70:f4:
05:46:55:71:ea:fa:7f:b7:74:f8:62:88:3e:84:d1:
87:58:6b:59:67:13:95:60:24:5f:e7:80:98:4b:79:
d7:33:05:75:72:64:4a:8c:dc:3f:c1:04:af:2d:3a:
d7:09:97:d2:f9:98:c9:75:8b:e5:ae:36:9a:08:d9:
9a:4f:ae:46:8f:13:bb:b0:3a:a7:02:33:6d:71:ba:
ac:3e:d4:55:19:73:51:59:24:ef:a7:97:a7:9b:ed:
3b:51:64:ef:b4:12:e7:2a:47:bc:81:96:a6:58:4b:
fe:68:86:69:98:e0:dd:b3:18:e8:77:18:20:3c:5f:
cb:e4:86:5f:69:2d:50:8c:1b:50:ec:b1:ae:b1:fe:
5a:f0:76:3a:95:fc:c5:94:19:58:67:e0:d5:28:42:
8b:5d:a5:24:98:c9:f6:1f:de:68:96:69:9d:78:e9:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5E:28:F8:06:23:9D:8E:F5:89:62:84:40:D6:1A:11:91:C9:C6:F7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:49:33:fd:bf:b7:0c:af:16:21:ba:36:a4:cb:4a:c0:76:b6:
b5:f7:be:29:c3:07:1d:5f:10:11:72:e2:e8:2d:fb:b2:7e:6b:
28:4b:2a:5c:77:ae:b8:dc:7b:0b:f3:b6:ba:d3:c7:24:dc:e3:
40:58:00:ed:67:b9:66:15:40:31:bb:9b:32:85:04:b4:01:a2:
86:da:a3:94:3d:dc:c6:c7:c4:de:30:fb:cc:f5:c6:56:e5:23:
69:c1:53:71:1d:8c:3a:36:38:f2:9a:cd:55:b0:b1:c8:08:a6:
f5:01:da:9a:89:c6:7f:1c:a3:43:f7:60:6d:23:33:a5:e7:c0:
b2:55:40:92:bf:65:2e:6e:95:f7:b7:74:07:e6:31:8d:bf:bc:
f2:de:9c:f8:35:23:05:51:56:fd:df:97:0f:3e:97:76:bb:29:
ab:c3:09:37:b3:93:8c:15:80:43:ac:55:04:2b:c1:e3:c1:ad:
84:ec:44:92:9a:b6:eb:a3:62:ac:d0:b9:59:55:db:e8:15:dd:
e2:d8:5d:51:cf:a3:bd:4b:15:4b:80:40:39:cb:18:ba:16:02:
86:71:cd:34:95:cd:e3:0a:f3:f7:09:99:8d:a8:e3:a5:48:8c:
93:57:34:60:93:a7:d9:d1:6b:bc:28:0d:ab:a8:50:02:97:e4:
6f:ba:1f:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhYd8d5vrIiyKJxBXorSHa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI2MTQzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVlMjhmODA2MjM5ZDhlZjU4OTYyODQ0MGQ2MWExMTkxYzljNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyTV+Ih3hTmvC3K/Fk+pU4zvmFV7
2RX5zjbjkoxD6B7AghHD2w8rtT/1giPlorYkN+oOobY2SY8EKk0YWG0EnKxusKWH
DYxUU+pTovO4MpV0GDiIVlVEcPQFRlVx6vp/t3T4Yog+hNGHWGtZZxOVYCRf54CY
S3nXMwV1cmRKjNw/wQSvLTrXCZfS+ZjJdYvlrjaaCNmaT65GjxO7sDqnAjNtcbqs
PtRVGXNRWSTvp5enm+07UWTvtBLnKke8gZamWEv+aIZpmODdsxjodxggPF/L5IZf
aS1QjBtQ7LGusf5a8HY6lfzFlBlYZ+DVKEKLXaUkmMn2H95olmmdeOm1XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5eKPgGI52O9YlihEDWGhGRycb3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVGw0by1BWWpuWTcxaVdLRVFOWWFFWkhKeHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplGMA0G
CSqGSIb3DQEBCwUAA4IBAQBcSTP9v7cMrxYhujaky0rAdra1974pwwcdXxARcuLo
LfuyfmsoSypcd6643HsL87a608ck3ONAWADtZ7lmFUAxu5syhQS0AaKG2qOUPdzG
x8TeMPvM9cZW5SNpwVNxHYw6Njjyms1VsLHICKb1AdqaicZ/HKND92BtIzOl58Cy
VUCSv2UubpX3t3QH5jGNv7zy3pz4NSMFUVb935cPPpd2uymrwwk3s5OMFYBDrFUE
K8Hjwa2E7ESSmrbro2Ks0LlZVdvoFd3i2F1Rz6O9SxVLgEA5yxi6FgKGcc00lc3j
CvP3CZmNqOOlSIyTVzRgk6fZ0Wu8KA2rqFACl+Rvuh8j
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:04 2025 by rpki-client