Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa
File: YD9o7cUbFJA-G0jbNwomspI-tXw.roa (raw, json)
Hash identifier: VuZQSrcpPEvbkY541P7A04bCQgOao+74SDOXdN/ctcY=
Subject key identifier: 60:3F:68:ED:C5:1B:14:90:3E:1B:48:DB:37:0A:26:B2:92:3E:B5:7C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0186CC538E77FB1DF94732CE041DCC9B084B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa
Signing time: Fri 10 Mar 2023 16:21:13 +0000
ROA not before: Fri 10 Mar 2023 16:21:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207326
IP address blocks: 82.152.174.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:53:8e:77:fb:1d:f9:47:32:ce:04:1d:cc:9b:08:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 10 16:21:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=603f68edc51b14903e1b48db370a26b2923eb57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b7:24:14:be:90:f1:1d:81:b3:e2:f4:41:6b:
c0:66:12:1d:ee:87:25:26:9e:04:e2:c7:35:f8:89:
ef:d0:d6:70:50:52:96:ea:06:91:7a:b5:7b:ba:74:
84:d4:7b:e5:df:2a:2d:b4:b5:cb:ea:00:07:c4:41:
0c:f6:a5:c1:de:94:46:d6:11:6c:78:b5:bd:6d:b9:
bc:28:5b:42:33:0b:83:c6:71:d9:28:5b:e6:76:1a:
39:b5:eb:37:83:ce:96:e1:2f:89:97:6d:60:63:0c:
7e:5e:7c:7c:b9:1d:91:31:49:fd:5f:5e:f7:b6:61:
77:32:09:bb:a5:52:44:3f:30:18:1e:a2:71:5f:74:
e2:c2:36:bb:ed:b9:0b:fb:2f:26:39:e2:f6:d7:ae:
fe:f0:de:b5:86:6f:65:48:f4:c5:e1:77:c7:76:33:
c6:2f:0a:f4:a8:7e:b8:07:70:74:6e:cb:87:aa:11:
fa:58:aa:93:c1:07:8c:0f:b9:20:28:d6:8e:c4:4f:
ad:95:58:aa:56:ea:a0:50:26:a6:80:92:7a:93:9c:
1e:64:96:b7:5b:e6:d7:42:35:77:04:6a:ce:1a:8c:
ec:8b:11:7b:d4:b4:a3:72:af:0a:8c:e9:ae:b2:28:
89:c1:a8:71:88:4b:d9:b1:f3:f8:7a:10:df:60:5f:
d2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3F:68:ED:C5:1B:14:90:3E:1B:48:DB:37:0A:26:B2:92:3E:B5:7C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YD9o7cUbFJA-G0jbNwomspI-tXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:ed:c6:8e:48:96:4c:63:a6:9a:b7:44:f8:3b:c0:57:02:61:
01:71:db:b9:ce:99:0d:b1:09:d3:af:12:74:11:42:13:38:01:
9a:7f:66:36:78:94:28:a1:93:52:52:8b:bd:e6:01:4d:55:38:
62:a9:55:64:63:55:ca:57:aa:01:4e:50:e1:25:79:e5:20:85:
20:34:44:55:59:29:84:26:d0:b0:d9:b7:64:b0:16:34:de:e0:
ab:cf:83:d1:89:a9:5a:20:cc:96:48:1a:87:2e:1b:c4:c1:52:
48:7e:cf:b9:0c:3d:13:69:36:ac:cb:d0:0b:c1:8d:c4:38:17:
ea:2b:2e:4f:3d:9c:c6:ee:9d:2e:d3:6b:12:ba:f0:57:5b:bb:
28:a1:d3:ba:35:f5:21:36:8d:08:1c:37:21:5a:c2:58:25:82:
28:4b:47:99:19:4c:fd:29:4f:c7:5f:c4:98:38:bc:8b:1c:7f:
6a:41:94:5f:a9:a6:fe:4f:ef:db:76:00:b5:de:e0:1c:fe:e7:
d6:c0:7d:df:08:54:5a:b1:00:ca:59:fd:76:7a:04:c3:3f:f6:
eb:1c:1d:0f:bb:45:76:0f:40:e9:3f:b9:db:57:0d:e8:7c:10:
e4:5f:1d:01:4c:8f:0c:0d:e3:02:c0:02:45:4c:18:0b:9f:12:
67:88:34:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbMU453+x35RzLOBB3MmwhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzEwMTYyMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNmNjhlZGM1MWIxNDkwM2UxYjQ4ZGIzNzBhMjZiMjkyM2ViNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bckFL6Q8R2Bs+L0QWvAZhId7ocl
Jp4E4sc1+Inv0NZwUFKW6gaRerV7unSE1Hvl3yottLXL6gAHxEEM9qXB3pRG1hFs
eLW9bbm8KFtCMwuDxnHZKFvmdho5tes3g86W4S+Jl21gYwx+Xnx8uR2RMUn9X173
tmF3Mgm7pVJEPzAYHqJxX3Tiwja77bkL+y8mOeL2167+8N61hm9lSPTF4XfHdjPG
Lwr0qH64B3B0bsuHqhH6WKqTwQeMD7kgKNaOxE+tlViqVuqgUCamgJJ6k5weZJa3
W+bXQjV3BGrOGozsixF71LSjcq8KjOmusiiJwahxiEvZsfP4ehDfYF/SfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGA/aO3FGxSQPhtI2zcKJrKSPrV8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWUQ5bzdjVWJGSkEtRzBqYk53b21zcEktdFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUpiuMA0G
CSqGSIb3DQEBCwUAA4IBAQCj7caOSJZMY6aat0T4O8BXAmEBcdu5zpkNsQnTrxJ0
EUITOAGaf2Y2eJQooZNSUou95gFNVThiqVVkY1XKV6oBTlDhJXnlIIUgNERVWSmE
JtCw2bdksBY03uCrz4PRialaIMyWSBqHLhvEwVJIfs+5DD0TaTasy9ALwY3EOBfq
Ky5PPZzG7p0u02sSuvBXW7soodO6NfUhNo0IHDchWsJYJYIoS0eZGUz9KU/HX8SY
OLyLHH9qQZRfqab+T+/bdgC13uAc/ufWwH3fCFRasQDKWf12egTDP/brHB0Pu0V2
D0DpP7nbVw3ofBDkXx0BTI8MDeMCwAJFTBgLnxJniDR0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:20 2025 by rpki-client