Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa
File: XIWdK7U3MTZoqKOnE7_acpOkesU.roa (raw, json)
Hash identifier: HdC9wP98qfUJt+qHKwFFN1vpAVYiHwxubAwXUH20gp0=
Subject key identifier: 5C:85:9D:2B:B5:37:31:36:68:A8:A3:A7:13:BF:DA:72:93:A4:7A:C5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188AEA50C33D8791036D5E304FACC4CC5A3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa
Signing time: Mon 12 Jun 2023 08:07:12 +0000
ROA not before: Mon 12 Jun 2023 08:07:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 82.153.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:a5:0c:33:d8:79:10:36:d5:e3:04:fa:cc:4c:c5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 12 08:07:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c859d2bb537313668a8a3a713bfda7293a47ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d9:d1:38:b7:04:f3:9c:38:ef:e9:b0:d5:e2:
fa:20:17:34:5e:91:eb:c4:69:ab:fe:26:60:2c:d9:
10:be:c4:a0:43:87:b0:7a:3c:d2:2f:1c:97:a8:b6:
8c:71:15:0f:91:a8:d3:f7:69:eb:ab:bf:39:40:8e:
8b:1f:de:06:32:a0:56:9f:29:8d:ae:d6:2a:fd:4f:
a6:98:bf:fa:57:5d:71:e4:3b:24:00:59:f7:ce:cc:
bc:b4:15:bb:ea:23:f4:d4:a8:cd:8f:f3:12:ed:c6:
95:63:7d:b8:c2:ce:6b:c2:7a:b3:ab:92:53:8a:67:
04:e7:e6:40:c7:8e:bc:df:f6:00:bd:c0:be:ac:85:
fa:4e:f7:0a:a9:58:c1:de:14:6c:87:e3:7c:ae:e5:
04:8f:7e:81:23:16:2b:57:9a:53:35:d7:bd:a4:32:
6f:ff:7b:6f:e0:f1:17:c5:31:e1:53:4c:cc:0a:5b:
9a:a6:14:82:25:34:7f:46:a8:85:aa:8a:77:5e:1a:
1f:cb:47:9d:81:92:66:99:9d:05:c9:71:0b:4d:9f:
9c:d2:95:2e:87:1f:d6:71:96:fc:28:d6:69:26:e7:
bc:c3:da:e6:d7:cc:be:fb:40:e5:b9:a9:36:47:21:
04:ae:83:e5:ca:d8:75:d5:cc:ba:bd:4b:1d:e6:d5:
b2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:85:9D:2B:B5:37:31:36:68:A8:A3:A7:13:BF:DA:72:93:A4:7A:C5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XIWdK7U3MTZoqKOnE7_acpOkesU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.138.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f9:80:6a:d2:34:9d:c5:47:b5:45:ad:60:98:6c:8a:9c:a5:
8c:a3:c9:5c:76:ac:f0:62:bb:68:64:cb:a3:39:52:5c:d9:ff:
2d:0f:16:88:eb:7e:6b:26:ae:23:2a:4c:ef:3d:a8:46:2b:ef:
84:7f:f9:a9:b3:21:4a:0a:a4:1a:a3:15:99:b8:bb:fe:45:b2:
19:88:83:5a:02:a7:00:a2:c5:41:a4:7e:07:55:54:29:a4:c5:
22:e1:67:a4:40:11:ea:f1:b8:62:cd:d9:8d:b8:84:4e:59:d0:
6d:86:57:a2:50:8c:e3:a2:dc:7d:4c:a6:57:8e:8a:ab:ba:31:
40:bc:7e:8f:ff:c6:36:8d:83:3d:49:48:7d:81:fa:e1:09:0c:
af:8c:43:36:4c:7b:fc:9b:da:5e:1a:f0:cd:38:5a:e6:58:6c:
6f:13:62:54:d6:6d:1d:55:f9:81:06:86:77:25:31:44:7f:eb:
dc:2d:62:c6:ba:d1:8f:7f:3c:fa:90:77:97:43:de:b7:d8:36:
aa:de:e1:c9:1b:0c:29:25:bc:24:40:b8:10:61:c3:12:c2:d6:
39:ad:90:c6:20:76:2c:d7:3c:47:9a:1b:7c:88:cc:b3:31:98:
63:82:0e:44:9d:78:11:d4:84:6e:e1:2c:b7:6c:ad:4a:c0:13:
f3:7f:22:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiupQwz2HkQNtXjBPrMTMWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjEyMDgwNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg1OWQyYmI1MzczMTM2NjhhOGEzYTcxM2JmZGE3MjkzYTQ3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dnROLcE85w47+mw1eL6IBc0XpHr
xGmr/iZgLNkQvsSgQ4ewejzSLxyXqLaMcRUPkajT92nrq785QI6LH94GMqBWnymN
rtYq/U+mmL/6V11x5DskAFn3zsy8tBW76iP01KjNj/MS7caVY324ws5rwnqzq5JT
imcE5+ZAx4683/YAvcC+rIX6TvcKqVjB3hRsh+N8ruUEj36BIxYrV5pTNde9pDJv
/3tv4PEXxTHhU0zMCluaphSCJTR/RqiFqop3Xhofy0edgZJmmZ0FyXELTZ+c0pUu
hx/WcZb8KNZpJue8w9rm18y++0Dluak2RyEEroPlyth11cy6vUsd5tWyVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyFnSu1NzE2aKijpxO/2nKTpHrFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWElXZEs3VTNNVFpvcUtPbkU3X2FjcE9rZXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmKMA0G
CSqGSIb3DQEBCwUAA4IBAQBv+YBq0jSdxUe1Ra1gmGyKnKWMo8lcdqzwYrtoZMuj
OVJc2f8tDxaI635rJq4jKkzvPahGK++Ef/mpsyFKCqQaoxWZuLv+RbIZiINaAqcA
osVBpH4HVVQppMUi4WekQBHq8bhizdmNuIROWdBthleiUIzjotx9TKZXjoqrujFA
vH6P/8Y2jYM9SUh9gfrhCQyvjEM2THv8m9peGvDNOFrmWGxvE2JU1m0dVfmBBoZ3
JTFEf+vcLWLGutGPfzz6kHeXQ9632Daq3uHJGwwpJbwkQLgQYcMSwtY5rZDGIHYs
1zxHmht8iMyzMZhjgg5EnXgR1IRu4Sy3bK1KwBPzfyIJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:31 2025 by rpki-client