Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa
File: Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa (raw, json)
Hash identifier: SWnNHiGuK9/kNcs6ebSzUbGXOlFzGvUi63GNd37ZME0=
Subject key identifier: 5A:CE:95:BA:CB:92:97:9B:28:62:53:AA:8D:41:BD:CD:E6:94:D4:08
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01847FAE5C03CECA63CAD8DB6834B01D046C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa
Signing time: Wed 16 Nov 2022 09:04:04 +0000
ROA not before: Wed 16 Nov 2022 09:04:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 82.153.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:ae:5c:03:ce:ca:63:ca:d8:db:68:34:b0:1d:04:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 16 09:04:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ace95bacb92979b286253aa8d41bdcde694d408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:18:0b:ee:bd:36:87:1f:13:b7:81:0b:2e:86:
51:4e:ce:15:bb:0a:90:a4:89:95:12:7a:f9:7b:a1:
3b:27:c0:e0:4b:78:93:2a:68:85:54:d1:49:68:ef:
2f:fb:27:3d:05:12:22:3a:83:77:86:99:38:ca:6f:
09:2e:ba:64:4b:71:65:22:84:5d:aa:7a:db:ed:72:
23:80:cd:73:02:b1:ad:de:6d:c6:22:bd:c6:17:a8:
c2:38:e7:f2:e2:a5:28:9c:44:d0:21:07:c5:49:88:
98:1b:2f:6e:a2:60:12:a6:50:6d:e2:57:fd:6f:ec:
02:5c:44:98:52:b4:1a:9c:bd:9c:b3:5e:40:20:47:
c9:7f:ef:c1:c9:46:8f:b3:bf:9a:b2:29:7e:15:84:
de:bf:93:f7:a2:20:30:c3:84:4d:77:dd:4f:80:3b:
b7:77:a7:2a:f7:5b:38:c6:76:14:00:da:4b:a7:05:
8c:db:41:1e:2c:d9:72:95:9f:ed:a4:b4:a1:d2:8e:
d1:81:c1:33:fd:d3:ac:56:19:8c:aa:f3:2a:12:05:
8d:cf:d4:72:7c:28:d7:ef:59:f6:0c:1b:da:fb:e4:
37:01:10:27:9e:a6:09:08:ec:b5:04:df:3d:7f:2a:
6f:fd:a3:d7:33:b8:42:2b:eb:bc:b8:13:e3:22:24:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CE:95:BA:CB:92:97:9B:28:62:53:AA:8D:41:BD:CD:E6:94:D4:08
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.246.0/24
Signature Algorithm: sha256WithRSAEncryption
12:73:7a:0f:9d:b5:02:76:a2:18:1c:56:6d:15:0b:59:06:d4:
4b:2f:c6:86:ac:d1:c8:30:b4:07:f2:8d:cd:d6:da:33:ce:d8:
5b:9e:85:34:65:ef:00:d1:05:1a:d4:0b:ee:25:57:d4:f2:69:
70:e1:d3:3f:96:ef:34:b3:93:02:f7:0f:14:1a:76:2f:df:dd:
d3:9c:8b:25:03:58:ce:9d:92:8e:7a:72:26:77:80:2d:76:df:
2a:95:19:7e:ee:c9:90:b2:d9:48:e5:d5:08:98:2d:b5:5c:4b:
07:89:48:fd:74:59:46:c6:d1:3e:bb:23:40:cb:3c:c8:45:24:
b7:42:3c:a6:2f:83:d0:93:92:f9:0d:e7:fb:21:5e:d5:25:9b:
b8:a5:74:15:63:84:65:49:29:5a:13:52:0a:28:c1:b1:3e:c0:
09:52:f9:1c:ae:3e:40:3f:4d:cc:b9:03:98:26:5f:de:79:69:
88:02:b6:c0:39:a4:d9:a8:fb:23:f4:fd:46:64:c2:ce:88:89:
b4:d8:a3:25:35:09:5e:9b:f8:b5:c9:03:4b:c7:dc:94:2d:61:
d7:ba:91:a2:ed:c6:a7:14:38:4c:86:73:bd:89:19:16:8c:5b:
97:70:c5:b4:48:d7:ec:88:3c:4d:d8:85:8b:0e:77:0a:ec:78:
2a:1d:25:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/rlwDzspjytjbaDSwHQRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTE2MDkwNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWNlOTViYWNiOTI5NzliMjg2MjUzYWE4ZDQxYmRjZGU2OTRkNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohgL7r02hx8Tt4ELLoZRTs4VuwqQ
pImVEnr5e6E7J8DgS3iTKmiFVNFJaO8v+yc9BRIiOoN3hpk4ym8JLrpkS3FlIoRd
qnrb7XIjgM1zArGt3m3GIr3GF6jCOOfy4qUonETQIQfFSYiYGy9uomASplBt4lf9
b+wCXESYUrQanL2cs15AIEfJf+/ByUaPs7+asil+FYTev5P3oiAww4RNd91PgDu3
d6cq91s4xnYUANpLpwWM20EeLNlylZ/tpLSh0o7RgcEz/dOsVhmMqvMqEgWNz9Ry
fCjX71n2DBva++Q3ARAnnqYJCOy1BN89fypv/aPXM7hCK+u8uBPjIiSYawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrOlbrLkpebKGJTqo1Bvc3mlNQIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV3M2VnVzdVNsNXNvWWxPcWpVRzl6ZWFVMUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQASc3oPnbUCdqIYHFZtFQtZBtRLL8aGrNHIMLQH8o3N
1tozzthbnoU0Ze8A0QUa1AvuJVfU8mlw4dM/lu80s5MC9w8UGnYv393TnIslA1jO
nZKOenImd4Atdt8qlRl+7smQstlI5dUImC21XEsHiUj9dFlGxtE+uyNAyzzIRSS3
QjymL4PQk5L5Def7IV7VJZu4pXQVY4RlSSlaE1IKKMGxPsAJUvkcrj5AP03MuQOY
Jl/eeWmIArbAOaTZqPsj9P1GZMLOiIm02KMlNQlem/i1yQNLx9yULWHXupGi7can
FDhMhnO9iRkWjFuXcMW0SNfsiDxN2IWLDncK7HgqHSUW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:06 2025 by rpki-client