Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa
File: XedV6zIiZZOn0BvpwzWgmXlozuw.roa (raw, json)
Hash identifier: rdYYBoCRqITsPFzyStSThcIFGgGq2q9QPKZvLdUT9+c=
Subject key identifier: 5D:E7:55:EB:32:22:65:93:A7:D0:1B:E9:C3:35:A0:99:79:68:CE:EC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01888A95C914393DB3DD7049E4EF51E85946
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa
Signing time: Mon 05 Jun 2023 08:04:12 +0000
ROA not before: Mon 05 Jun 2023 08:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.153.249.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:95:c9:14:39:3d:b3:dd:70:49:e4:ef:51:e8:59:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 08:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5de755eb32226593a7d01be9c335a0997968ceec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c4:d4:db:44:0f:09:e4:8e:a5:27:71:7a:06:
1e:63:f0:31:06:18:c8:3c:30:b4:dd:26:59:f1:07:
d3:1c:4c:79:9c:3b:82:49:1e:20:df:9c:e6:54:97:
66:03:94:31:06:bc:aa:41:1a:3c:61:62:9f:21:39:
96:fb:88:67:8b:a2:6d:f0:a9:53:4a:46:19:04:47:
6e:2d:f0:6e:0d:f9:9c:83:ef:fd:b2:79:63:d0:72:
9e:4a:be:02:d3:02:31:d6:65:18:90:ce:d7:6a:88:
51:7e:b0:fe:be:e2:c9:4d:6e:8c:7e:8f:46:67:82:
4d:21:b4:2f:8a:f5:2b:67:e0:f4:b5:c2:2c:ba:95:
b9:76:0f:a4:e0:db:79:69:11:d4:32:58:71:ce:ba:
cb:8f:c9:d7:a3:8e:6c:2e:5a:8b:69:6a:c5:d8:d1:
e6:9e:01:6b:d4:40:34:77:c3:a4:da:3a:a8:a1:58:
d3:df:35:17:f4:9a:2b:50:fc:be:05:69:b9:39:ce:
29:05:a4:75:2a:f4:ed:18:58:91:90:7d:1a:7e:2a:
54:af:e4:cb:d5:62:32:12:30:33:88:e8:0f:3e:f6:
b2:dd:07:9a:14:49:07:8d:ee:95:09:fb:70:22:a4:
6f:ec:1b:ee:8a:ba:0a:b1:38:10:73:ed:d9:e9:e1:
55:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E7:55:EB:32:22:65:93:A7:D0:1B:E9:C3:35:A0:99:79:68:CE:EC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XedV6zIiZZOn0BvpwzWgmXlozuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.73.0/24
82.153.136.0/22
82.153.222.0/24
82.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e8:77:bf:3c:92:32:f8:76:93:8d:b9:5b:d7:ce:f6:82:c8:
c3:e0:75:b7:6b:b1:bd:c5:bd:30:ef:01:be:1b:02:ad:fc:cc:
c0:5f:c2:23:96:a9:f6:95:2d:5b:e6:51:42:fe:46:29:24:38:
7e:c1:c7:4c:ac:15:39:57:18:bd:7f:2a:1a:cf:30:9f:fe:be:
5a:8d:85:27:7b:7f:70:ed:a1:f2:5a:c6:b9:4e:64:95:77:82:
58:da:bf:e6:80:11:3a:d9:91:82:b7:b3:6a:cf:03:57:9f:b2:
b7:e8:23:87:32:7e:9b:55:dd:f7:40:a9:8a:89:18:c7:28:d8:
3f:3d:9e:c6:6e:11:41:b9:57:b6:fa:4e:1e:29:95:20:24:3a:
15:ce:58:f3:43:e4:2d:d6:41:40:88:13:ab:bc:ec:62:d7:9b:
d6:4c:3a:eb:ff:96:08:50:5a:de:db:b5:f0:b5:fe:9d:34:43:
43:90:be:2b:17:de:54:53:1e:9e:f8:5c:86:22:ba:8d:a2:9c:
02:35:b9:d2:76:bc:35:0a:88:c6:1f:7d:f9:9f:29:dc:9f:80:
dd:7c:c0:83:ce:70:a1:13:b4:73:1c:3a:ec:c7:b7:9a:97:67:
20:9e:90:2b:21:c8:4c:04:fe:35:41:17:2a:7c:d3:b4:25:2e:
b8:81:9f:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYiKlckUOT2z3XBJ5O9R6FlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU3NTVlYjMyMjI2NTkzYTdkMDFiZTljMzM1YTA5OTc5NjhjZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cTU20QPCeSOpSdxegYeY/AxBhjI
PDC03SZZ8QfTHEx5nDuCSR4g35zmVJdmA5QxBryqQRo8YWKfITmW+4hni6Jt8KlT
SkYZBEduLfBuDfmcg+/9snlj0HKeSr4C0wIx1mUYkM7XaohRfrD+vuLJTW6Mfo9G
Z4JNIbQvivUrZ+D0tcIsupW5dg+k4Nt5aRHUMlhxzrrLj8nXo45sLlqLaWrF2NHm
ngFr1EA0d8Ok2jqooVjT3zUX9JorUPy+BWm5Oc4pBaR1KvTtGFiRkH0afipUr+TL
1WIyEjAziOgPPvay3QeaFEkHje6VCftwIqRv7BvuiroKsTgQc+3Z6eFVZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF3nVesyImWTp9Ab6cM1oJl5aM7sMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGVkVjZ6SWlaWk9uMEJ2cHd6V2dtWGxvenV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUah3AwQA
Uah7AwQAUplJAwQCUpmIAwQAUpneAwQAUpn5MA0GCSqGSIb3DQEBCwUAA4IBAQAv
6He/PJIy+HaTjblb1872gsjD4HW3a7G9xb0w7wG+GwKt/MzAX8Ijlqn2lS1b5lFC
/kYpJDh+wcdMrBU5Vxi9fyoazzCf/r5ajYUne39w7aHyWsa5TmSVd4JY2r/mgBE6
2ZGCt7NqzwNXn7K36COHMn6bVd33QKmKiRjHKNg/PZ7GbhFBuVe2+k4eKZUgJDoV
zljzQ+Qt1kFAiBOrvOxi15vWTDrr/5YIUFre27Xwtf6dNENDkL4rF95UUx6e+FyG
IrqNopwCNbnSdrw1CojGH335nyncn4DdfMCDznChE7RzHDrsx7eal2cgnpArIchM
BP41QRcqfNO0JS64gZ/3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:56 2025 by rpki-client