Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ZOJyXU080_R8lsef_PfiqeKv8E.roa
File: _ZOJyXU080_R8lsef_PfiqeKv8E.roa (raw, json)
Hash identifier: Q/cH29m1gv5bR/45Z7JnLmQX4e3NWL8xyUeP0nzRzMg=
Subject key identifier: FD:93:89:C9:75:34:F3:4F:D1:F2:5B:1E:7F:F3:DF:8A:A7:8A:BF:C1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187C6AF79935BD4A798B94D26362B0204A3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ZOJyXU080_R8lsef_PfiqeKv8E.roa
Signing time: Fri 28 Apr 2023 07:06:41 +0000
ROA not before: Fri 28 Apr 2023 07:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.68.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.70.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.210.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:af:79:93:5b:d4:a7:98:b9:4d:26:36:2b:02:04:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 28 07:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd9389c97534f34fd1f25b1e7ff3df8aa78abfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:91:7b:60:1d:87:90:91:4d:78:fd:9a:fb:32:
59:fd:27:e7:46:61:b5:f5:1d:2e:25:c0:5d:16:b3:
ef:6f:3a:ef:e5:fd:ae:ff:3f:12:b5:ea:24:35:ad:
dc:02:08:e4:d0:a4:f6:8c:8d:9e:e0:ca:3e:76:b7:
e8:f8:b8:c6:66:31:e4:c7:9f:dc:c5:81:e6:01:f1:
3a:03:5d:c3:41:62:b2:71:17:fa:86:0d:cf:be:d3:
86:18:23:40:6c:6b:3c:cd:4b:11:14:e3:b9:ea:4a:
9d:8d:77:93:fa:58:13:8e:91:f0:d5:35:7c:6f:d9:
ce:26:87:b1:57:70:ce:48:3a:4f:cd:f9:e0:7f:81:
18:78:01:70:9e:14:6f:ea:8c:65:f5:56:06:19:08:
c5:28:cf:ee:f3:db:e0:73:bd:37:89:f8:21:63:78:
65:66:36:b8:50:94:2c:da:53:b3:ac:df:ed:5a:62:
5c:cb:08:58:b6:b2:8c:a3:bd:41:cd:d4:a7:b7:f6:
32:79:6d:60:a2:cc:72:07:df:54:13:93:f6:a0:03:
b4:17:6a:35:ae:22:a6:02:cd:40:5d:f7:69:25:ec:
2a:9d:1e:ef:1d:c2:72:d7:30:c6:d0:92:0f:e3:86:
2c:8a:ce:a6:17:11:da:bb:32:c5:27:5c:44:84:cf:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:93:89:C9:75:34:F3:4F:D1:F2:5B:1E:7F:F3:DF:8A:A7:8A:BF:C1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_ZOJyXU080_R8lsef_PfiqeKv8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.254.0/23
82.153.4.0/24
82.153.65.0/24
82.153.68.0/24
82.153.70.0/23
82.153.209.0-82.153.210.255
82.153.222.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:4a:1f:a4:cf:4a:a9:06:36:98:46:b5:c8:64:23:b0:17:55:
40:8e:14:52:78:74:ad:3d:ef:b5:b2:e8:f6:92:f2:7e:ad:c2:
af:6a:9f:2b:85:d8:93:1f:19:20:d7:5d:b6:0d:a5:4a:d6:ce:
7c:47:7d:8e:24:05:92:0b:03:77:0d:34:ad:c4:d3:53:45:22:
46:94:4c:3b:d6:1e:79:bf:5a:58:b4:98:c7:fd:35:24:a3:c7:
5d:92:c3:61:d1:01:94:73:9b:49:42:6d:44:95:d8:1f:22:8f:
56:f6:7f:99:bc:5b:75:b7:44:30:1b:c1:45:c7:82:32:10:41:
ce:bd:19:7e:97:60:60:5c:6f:e0:59:bb:b1:bf:b6:32:58:96:
d7:ad:4d:69:90:0f:8b:43:f3:cc:34:82:38:1c:39:bb:97:ba:
c2:4b:04:af:a5:f6:b8:fa:11:31:4b:c2:94:dc:88:2e:2d:aa:
a6:45:c2:89:aa:11:38:85:f0:ef:4f:97:c0:54:f9:16:63:da:
60:7d:f3:1f:91:a6:6c:1b:f3:b5:26:0f:46:77:b2:ab:63:a8:
02:34:c0:90:b2:aa:fe:d4:cc:3a:58:05:de:73:ba:9a:3f:08:
01:c3:ad:49:54:47:a7:af:58:1a:fa:b2:17:5a:73:dd:c4:80:
81:91:07:15
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYfGr3mTW9SnmLlNJjYrAgSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDI4MDcwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkzODljOTc1MzRmMzRmZDFmMjViMWU3ZmYzZGY4YWE3OGFiZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJF7YB2HkJFNeP2a+zJZ/SfnRmG1
9R0uJcBdFrPvbzrv5f2u/z8SteokNa3cAgjk0KT2jI2e4Mo+drfo+LjGZjHkx5/c
xYHmAfE6A13DQWKycRf6hg3PvtOGGCNAbGs8zUsRFOO56kqdjXeT+lgTjpHw1TV8
b9nOJoexV3DOSDpPzfngf4EYeAFwnhRv6oxl9VYGGQjFKM/u89vgc703ifghY3hl
Zja4UJQs2lOzrN/tWmJcywhYtrKMo71BzdSnt/YyeW1gosxyB99UE5P2oAO0F2o1
riKmAs1AXfdpJewqnR7vHcJy1zDG0JIP44Ysis6mFxHauzLFJ1xEhM+R5wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFP2Ticl1NPNP0fJbHn/z34qnir/BMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX1pPSnlYVTA4MF9SOGxzZWZfUGZpcWVLdjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUagjAwQA
Uah3AwQAUah7AwQBUpiuAwQAUpj5AwQAUpj7AwQBUpj+AwQAUpkEAwQAUplBAwQA
UplEAwQBUplGMAwDBABSmdEDBABSmdIDBABSmd4DBABSmfYDBAFSmfgwDQYJKoZI
hvcNAQELBQADggEBAH9KH6TPSqkGNphGtchkI7AXVUCOFFJ4dK0977Wy6PaS8n6t
wq9qnyuF2JMfGSDXXbYNpUrWznxHfY4kBZILA3cNNK3E01NFIkaUTDvWHnm/Wli0
mMf9NSSjx12Sw2HRAZRzm0lCbUSV2B8ij1b2f5m8W3W3RDAbwUXHgjIQQc69GX6X
YGBcb+BZu7G/tjJYltetTWmQD4tD88w0gjgcObuXusJLBK+l9rj6ETFLwpTciC4t
qqZFwomqETiF8O9Pl8BU+RZj2mB98x+Rpmwb87UmD0Z3sqtjqAI0wJCyqv7UzDpY
Bd5zupo/CAHDrUlUR6evWBr6shdac93EgIGRBxU=
-----END CERTIFICATE-----
Generated at Fri Mar 28 15:43:22 2025 by rpki-client