Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa
File: Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa (raw, json)
Hash identifier: cS38OF7VVFi32vRJL0D5zsBLySTt+hoWncbUdVPrj0A=
Subject key identifier: 67:C8:84:93:77:B8:BC:8A:5F:10:EE:4D:C0:06:4E:16:9B:FE:98:43
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018571FA2E20273095A511A76602C7E344EF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa
Signing time: Mon 02 Jan 2023 10:14:59 +0000
ROA not before: Mon 02 Jan 2023 10:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 82.153.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:2e:20:27:30:95:a5:11:a7:66:02:c7:e3:44:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67c8849377b8bc8a5f10ee4dc0064e169bfe9843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:66:31:87:02:cb:e2:40:73:08:64:e6:ea:
c4:63:13:41:4d:d9:53:bb:9a:8f:25:6c:6a:f1:67:
c6:e8:e4:09:07:16:c4:7e:f1:5c:43:df:02:f2:51:
2b:2d:4b:9c:fb:54:b7:1f:6c:0f:3d:df:ea:29:91:
cf:c3:4d:e4:1e:57:c7:da:79:d0:81:12:0c:53:16:
35:ba:cf:32:dc:42:f9:c0:0b:e4:e0:0c:c3:de:42:
bb:ae:e4:6e:ff:ab:08:38:b8:27:81:53:77:6a:81:
c5:d7:9d:f1:e6:34:94:3c:2e:8d:14:2b:2c:f7:f4:
7d:53:10:1c:de:e2:6c:02:1f:bd:a3:6f:c7:79:a6:
b6:67:6c:f9:78:4e:3b:d1:ee:d8:ae:c6:b9:0a:67:
73:cd:9a:c3:da:67:ee:8d:46:47:47:39:0e:9a:56:
a9:59:de:f6:56:a4:05:c1:dc:36:2e:89:71:b7:40:
f8:7d:a2:25:4b:82:d1:9b:f3:e7:8a:4f:6f:bb:b2:
95:a6:90:42:05:68:55:ed:fd:41:16:e0:14:86:cd:
a1:2c:02:e9:28:f8:8a:c9:17:e5:af:20:f0:36:cf:
62:a0:0c:92:40:52:f3:c9:24:3a:d8:3a:0c:e7:b3:
2c:43:3b:d3:31:66:16:dd:7b:fa:eb:ed:46:42:0d:
85:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C8:84:93:77:B8:BC:8A:5F:10:EE:4D:C0:06:4E:16:9B:FE:98:43
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Z8iEk3e4vIpfEO5NwAZOFpv-mEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
29:8a:52:50:34:cc:2f:eb:93:fb:a0:93:4e:b0:f7:b0:ad:24:
e6:62:de:5a:91:84:d1:c5:3b:e1:9f:39:ce:8a:45:8c:5f:c1:
9a:e8:66:ef:d8:62:8e:87:15:a9:1b:4e:0b:94:3a:29:69:cd:
c5:e2:c9:c7:45:6e:a0:e8:49:76:bc:4d:b8:82:46:17:d8:d3:
b3:b0:12:5a:77:43:0e:b9:ea:bd:b8:c5:45:41:28:9a:3b:da:
f5:1c:0b:08:9d:c1:14:ae:e7:30:f0:39:ab:93:0b:7e:15:82:
b1:54:88:2d:1f:f0:80:ae:21:4c:10:4c:46:31:ee:c4:77:2b:
56:77:60:ac:76:a1:de:ad:bf:c1:d4:7a:d1:06:60:77:8c:42:
d9:fc:0c:ae:60:09:37:6d:09:3b:1c:5a:60:85:d1:2c:73:d1:
a6:e5:0c:e2:f9:eb:b7:34:1d:f4:a8:83:d7:2d:77:5a:70:29:
4d:65:19:61:50:a5:8e:20:cd:76:bd:fe:64:d9:c0:c8:6c:08:
cb:7a:59:84:aa:ef:00:72:df:3b:34:13:85:c6:f8:07:bc:3a:
d4:5c:11:57:3a:d0:fb:35:6f:b0:6b:9f:9b:30:79:b0:68:be:
b9:f8:8c:6d:f6:5b:79:2f:08:b8:f9:d1:d8:8e:05:ef:52:c6:
d5:97:6d:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+i4gJzCVpRGnZgLH40TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2M4ODQ5Mzc3YjhiYzhhNWYxMGVlNGRjMDA2NGUxNjliZmU5ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoflmMYcCy+JAcwhk5urEYxNBTdlT
u5qPJWxq8WfG6OQJBxbEfvFcQ98C8lErLUuc+1S3H2wPPd/qKZHPw03kHlfH2nnQ
gRIMUxY1us8y3EL5wAvk4AzD3kK7ruRu/6sIOLgngVN3aoHF153x5jSUPC6NFCss
9/R9UxAc3uJsAh+9o2/Heaa2Z2z5eE470e7Yrsa5CmdzzZrD2mfujUZHRzkOmlap
Wd72VqQFwdw2Lolxt0D4faIlS4LRm/Pnik9vu7KVppBCBWhV7f1BFuAUhs2hLALp
KPiKyRflryDwNs9ioAySQFLzySQ62DoM57MsQzvTMWYW3Xv66+1GQg2F7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfIhJN3uLyKXxDuTcAGThab/phDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWjhpRWszZTR2SXBmRU81TndBWk9GcHYtbUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn5MA0G
CSqGSIb3DQEBCwUAA4IBAQApilJQNMwv65P7oJNOsPewrSTmYt5akYTRxTvhnznO
ikWMX8Ga6Gbv2GKOhxWpG04LlDopac3F4snHRW6g6El2vE24gkYX2NOzsBJad0MO
ueq9uMVFQSiaO9r1HAsIncEUrucw8Dmrkwt+FYKxVIgtH/CAriFMEExGMe7EdytW
d2CsdqHerb/B1HrRBmB3jELZ/AyuYAk3bQk7HFpghdEsc9Gm5Qzi+eu3NB30qIPX
LXdacClNZRlhUKWOIM12vf5k2cDIbAjLelmEqu8Act87NBOFxvgHvDrUXBFXOtD7
NW+wa5+bMHmwaL65+Ixt9lt5Lwi4+dHYjgXvUsbVl20O
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:28 2025 by rpki-client