Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa
File: WHdpnPhUs23rarK2y1UkKpd-hmc.roa (raw, json)
Hash identifier: YD6ZwrNFZn0PuXXofuSHjSan0eYvJkqJHxHwP9s0Lhg=
Subject key identifier: 58:77:69:9C:F8:54:B3:6D:EB:6A:B2:B6:CB:55:24:2A:97:7E:86:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C9C52742AAE97D95B83641B91B6E221C8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa
Signing time: Sun 24 Dec 2023 14:54:58 +0000
ROA not before: Sun 24 Dec 2023 14:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215813
IP address blocks: 81.168.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:52:74:2a:ae:97:d9:5b:83:64:1b:91:b6:e2:21:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 24 14:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5877699cf854b36deb6ab2b6cb55242a977e8667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:70:a5:21:8d:9b:a6:90:21:63:bf:5c:26:6b:
f2:82:ba:a6:e0:3d:eb:c5:8b:b6:78:2c:a1:4c:ce:
ad:23:08:ba:83:e3:7b:16:dd:27:40:e5:7f:e3:c6:
02:6a:66:23:1b:3f:40:97:e4:37:b9:ce:99:c9:c7:
a9:cf:6f:06:40:e4:92:50:d3:c6:26:34:55:ba:df:
7a:e7:7b:5e:bc:51:c7:12:2e:1d:13:02:8c:2e:45:
c8:79:4c:64:27:e9:08:72:8e:00:5b:92:77:51:ab:
2f:76:34:cd:4e:b3:d9:16:de:a0:cb:62:96:d7:01:
7c:1b:75:e3:e4:4c:c1:4f:1e:f9:6d:9d:8a:3b:f7:
f4:bd:04:c7:f6:53:47:08:25:02:95:6e:27:06:5c:
f3:3e:ce:52:e2:a5:b6:78:8d:5f:e9:95:82:44:e2:
25:74:6a:56:a8:62:7a:b3:77:0e:c6:bd:5a:1c:f1:
ac:d1:34:d4:5d:1f:67:23:be:ba:39:5b:f6:e1:34:
0e:9b:a1:c1:7e:84:d8:3a:91:ef:f8:2d:7b:41:d5:
38:08:db:e8:47:61:16:aa:d6:ac:b6:10:b4:3b:3f:
af:5c:d6:f9:22:ce:bb:6c:3b:df:f5:1a:f2:eb:ca:
13:5f:8f:c9:94:18:0d:fb:85:56:09:74:cd:31:a7:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:77:69:9C:F8:54:B3:6D:EB:6A:B2:B6:CB:55:24:2A:97:7E:86:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/WHdpnPhUs23rarK2y1UkKpd-hmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
Signature Algorithm: sha256WithRSAEncryption
51:79:d7:b2:a6:53:81:fd:e8:92:f0:41:d1:44:13:e7:e2:53:
e5:21:a8:77:49:7f:59:b6:8a:d5:8e:6c:50:b5:77:52:52:0d:
f0:d5:bf:68:a1:94:04:1c:9c:9d:67:f1:e6:7b:87:05:86:a6:
47:be:74:3b:95:c2:db:89:22:64:29:ab:7a:f2:c0:26:54:06:
d6:81:92:0b:c1:4f:d0:51:21:25:41:1a:fd:d5:81:02:ba:aa:
94:94:0f:a0:1c:6c:df:a9:6b:0b:43:9b:0d:aa:28:d1:0b:4e:
bd:fe:78:e3:37:6b:76:e1:34:8d:75:9e:41:ec:c3:a4:58:88:
3b:b0:e6:8a:e1:0e:df:bd:25:12:20:bc:e2:20:d1:c8:31:84:
1f:28:a8:bc:77:d9:81:f6:2e:fc:e3:ff:d1:c2:0f:57:1e:78:
42:c8:e3:9f:85:f8:8f:1b:e0:f0:3e:d3:79:9a:02:f8:fe:d8:
d5:f5:50:f7:2a:04:c1:e6:0a:34:2c:f3:92:aa:56:2c:0e:79:
9d:eb:09:36:b4:ed:3c:0a:cb:08:8e:54:3b:2b:3c:40:6e:a0:
11:20:e4:e8:40:82:10:36:32:05:3a:47:50:7e:b8:a1:d5:d9:
73:b1:1e:46:b1:2f:ee:ec:6e:ec:cd:cc:ea:47:4c:5e:46:82:
1d:69:68:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYycUnQqrpfZW4NkG5G24iHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI0MTQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc3Njk5Y2Y4NTRiMzZkZWI2YWIyYjZjYjU1MjQyYTk3N2U4NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3ClIY2bppAhY79cJmvygrqm4D3r
xYu2eCyhTM6tIwi6g+N7Ft0nQOV/48YCamYjGz9Al+Q3uc6Zycepz28GQOSSUNPG
JjRVut9653tevFHHEi4dEwKMLkXIeUxkJ+kIco4AW5J3UasvdjTNTrPZFt6gy2KW
1wF8G3Xj5EzBTx75bZ2KO/f0vQTH9lNHCCUClW4nBlzzPs5S4qW2eI1f6ZWCROIl
dGpWqGJ6s3cOxr1aHPGs0TTUXR9nI766OVv24TQOm6HBfoTYOpHv+C17QdU4CNvo
R2EWqtasthC0Oz+vXNb5Is67bDvf9Rry68oTX4/JlBgN+4VWCXTNMadb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFh3aZz4VLNt62qytstVJCqXfoZnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV0hkcG5QaFVzMjNyYXJLMnkxVWtLcGQtaG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah+MA0G
CSqGSIb3DQEBCwUAA4IBAQBRedeyplOB/eiS8EHRRBPn4lPlIah3SX9ZtorVjmxQ
tXdSUg3w1b9ooZQEHJydZ/Hme4cFhqZHvnQ7lcLbiSJkKat68sAmVAbWgZILwU/Q
USElQRr91YECuqqUlA+gHGzfqWsLQ5sNqijRC069/njjN2t24TSNdZ5B7MOkWIg7
sOaK4Q7fvSUSILziINHIMYQfKKi8d9mB9i784//Rwg9XHnhCyOOfhfiPG+DwPtN5
mgL4/tjV9VD3KgTB5go0LPOSqlYsDnmd6wk2tO08CssIjlQ7KzxAbqARIOToQIIQ
NjIFOkdQfrih1dlzsR5GsS/u7G7szczqR0xeRoIdaWj7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:16 2025 by rpki-client