Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa
File: blSivS_xVnhwiAihQ_HPdyUJ75k.roa (raw, json)
Hash identifier: ogSOe42oFr+Mr4JcSHZcpxaNmQNWjioOLZ5j252RI7Q=
Subject key identifier: 6E:54:A2:BD:2F:F1:56:78:70:88:08:A1:43:F1:CF:77:25:09:EF:99
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CAB1794E649EF3D891992F54F1B1049C8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa
Signing time: Wed 27 Dec 2023 11:44:58 +0000
ROA not before: Wed 27 Dec 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61112
IP address blocks: 82.153.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:17:94:e6:49:ef:3d:89:19:92:f5:4f:1b:10:49:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 27 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e54a2bd2ff15678708808a143f1cf772509ef99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:29:e9:03:0b:1e:06:e0:81:a4:e5:43:a3:fb:
67:ca:23:8d:e1:1d:6b:64:c8:f2:e2:14:bd:30:c9:
24:7f:58:52:a4:40:f7:15:41:df:2d:90:11:2e:17:
89:64:71:a9:0f:93:6d:ee:9c:8c:64:48:d2:97:27:
8a:fb:ac:0d:66:4e:77:c9:3e:db:a7:08:13:a3:1c:
dd:4d:ad:14:72:3b:cf:9a:83:c7:60:f1:7d:c9:aa:
40:8d:cf:ef:17:eb:f8:b7:85:93:5e:6e:28:38:59:
c2:02:8b:41:3c:7c:84:d7:54:ab:e6:2e:fb:c2:ea:
ec:f7:79:dc:bd:a9:5c:a6:25:f7:81:b8:2b:38:d6:
db:6b:e0:db:bf:91:62:7c:9a:2c:68:94:4f:48:e8:
69:eb:a8:10:bf:36:9b:1d:75:7c:19:c8:e2:49:be:
f6:9c:01:64:ca:17:59:9f:53:36:1c:7b:75:8d:dd:
e9:ea:b3:fc:b5:fa:96:72:e0:8d:d6:e3:76:2a:19:
c2:b4:d3:04:97:81:e3:8b:3d:28:cc:30:52:3f:2e:
07:ca:0d:70:13:ff:6b:69:4e:79:b9:53:9f:d1:e2:
54:83:76:7c:6e:c6:98:0c:af:88:50:41:83:e4:e0:
d7:d9:fa:87:54:d6:e8:42:83:8e:c9:a9:33:64:bb:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:54:A2:BD:2F:F1:56:78:70:88:08:A1:43:F1:CF:77:25:09:EF:99
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/blSivS_xVnhwiAihQ_HPdyUJ75k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:3e:48:b4:37:6c:b7:27:19:c9:6e:b7:08:d8:63:f9:43:31:
18:9d:bf:27:09:2a:8c:b2:a0:14:c4:22:87:4f:0b:8f:6f:c8:
ae:fb:95:ea:31:f9:96:5c:e9:82:40:bb:ea:eb:37:65:8b:ce:
88:f5:e6:43:73:e7:34:15:c1:15:ae:6e:90:1f:27:0a:3b:0b:
a7:e1:f2:6c:a1:05:be:60:50:9d:4c:ea:0a:1a:17:4a:44:45:
01:b1:6b:f6:aa:2e:d5:ed:ac:9c:08:62:2a:8d:45:f9:97:96:
4c:e8:61:cd:e0:f8:bb:0f:89:76:21:ab:64:10:76:3f:2c:46:
bf:92:4b:80:5d:f1:d2:d3:6d:0f:f0:dd:b5:28:a1:25:a8:2e:
8c:7f:f5:68:0d:32:c4:75:ac:b1:10:b9:7a:c8:bd:4a:f7:ac:
fa:af:18:28:3f:a0:88:f7:52:11:c3:4a:e7:90:22:d5:27:17:
0a:aa:7c:2d:84:ba:92:e6:18:3e:3d:c9:9c:52:95:72:db:4d:
0d:52:20:a7:89:93:57:bc:c3:59:a6:bd:1b:47:97:bd:7c:87:
85:be:c9:a9:b0:4d:1d:de:6b:f6:1f:57:c8:a8:a3:4e:fa:14:
9c:33:63:be:e6:d9:fe:73:96:7c:d4:92:ca:59:6b:60:51:92:
fa:3d:e4:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrF5TmSe89iRmS9U8bEEnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI3MTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU0YTJiZDJmZjE1Njc4NzA4ODA4YTE0M2YxY2Y3NzI1MDllZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSnpAwseBuCBpOVDo/tnyiON4R1r
ZMjy4hS9MMkkf1hSpED3FUHfLZARLheJZHGpD5Nt7pyMZEjSlyeK+6wNZk53yT7b
pwgToxzdTa0UcjvPmoPHYPF9yapAjc/vF+v4t4WTXm4oOFnCAotBPHyE11Sr5i77
wurs93ncvalcpiX3gbgrONbba+Dbv5FifJosaJRPSOhp66gQvzabHXV8GcjiSb72
nAFkyhdZn1M2HHt1jd3p6rP8tfqWcuCN1uN2KhnCtNMEl4Hjiz0ozDBSPy4Hyg1w
E/9raU55uVOf0eJUg3Z8bsaYDK+IUEGD5ODX2fqHVNboQoOOyakzZLsMJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5Uor0v8VZ4cIgIoUPxz3clCe+ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmxTaXZTX3hWbmh3aUFpaFFfSFBkeVVKNzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkBMA0G
CSqGSIb3DQEBCwUAA4IBAQAbPki0N2y3JxnJbrcI2GP5QzEYnb8nCSqMsqAUxCKH
TwuPb8iu+5XqMfmWXOmCQLvq6zdli86I9eZDc+c0FcEVrm6QHycKOwun4fJsoQW+
YFCdTOoKGhdKREUBsWv2qi7V7aycCGIqjUX5l5ZM6GHN4Pi7D4l2IatkEHY/LEa/
kkuAXfHS020P8N21KKElqC6Mf/VoDTLEdayxELl6yL1K96z6rxgoP6CI91IRw0rn
kCLVJxcKqnwthLqS5hg+PcmcUpVy200NUiCniZNXvMNZpr0bR5e9fIeFvsmpsE0d
3mv2H1fIqKNO+hScM2O+5tn+c5Z81JLKWWtgUZL6PeT+
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:22 2025 by rpki-client