Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa
File: coDVxjBHeYxJE61-hpw6ubmIeg4.roa (raw, json)
Hash identifier: iDjnGSkOZESIedebMq0fKrdl6d/M5ezwWY3YPwIKi38=
Subject key identifier: 72:80:D5:C6:30:47:79:8C:49:13:AD:7E:86:9C:3A:B9:B9:88:7A:0E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188C46C7EACA170005A0E144EE6FB96124C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa
Signing time: Fri 16 Jun 2023 13:37:04 +0000
ROA not before: Fri 16 Jun 2023 13:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 82.153.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c4:6c:7e:ac:a1:70:00:5a:0e:14:4e:e6:fb:96:12:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 16 13:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7280d5c63047798c4913ad7e869c3ab9b9887a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:3d:61:0d:d5:e2:5a:eb:a5:b7:8a:68:08:
08:82:9b:a7:3b:cf:c0:19:49:57:31:d5:2b:b5:06:
41:69:af:fb:4f:1c:01:ce:dc:57:cf:b4:2d:65:67:
ef:62:ff:2a:cb:86:13:9c:9f:5f:f3:b8:5a:0a:88:
f0:56:5f:1b:0d:97:6d:33:93:26:e1:c7:88:4a:9f:
5b:85:94:09:06:eb:be:4a:15:55:61:5c:d5:ea:e5:
50:5e:c1:db:6d:5f:0a:03:80:72:5d:73:ae:d2:eb:
c4:f3:4a:a2:b4:2d:a0:ad:85:3f:22:e3:cf:a7:53:
29:58:92:1b:bf:54:cb:60:62:ce:62:77:cf:72:49:
2e:cc:f5:54:82:3c:cb:14:40:19:2b:1a:e8:2c:3d:
35:8d:6f:7d:bb:97:ee:57:a9:25:ad:36:fd:2f:89:
c1:8c:97:86:88:d3:b5:f6:3b:eb:62:75:4d:da:cc:
2c:bb:0b:93:7d:3c:b6:76:ea:0c:fa:97:6f:67:8e:
c7:55:d7:bf:42:ef:61:5e:59:26:76:4a:77:a9:31:
04:f0:e1:37:41:5f:ac:5c:d3:d2:ae:23:98:96:60:
b9:7b:6c:68:7f:9c:01:99:40:86:de:e9:64:59:1a:
e8:85:43:de:d6:a5:60:e4:c9:68:c7:ab:04:0e:ce:
38:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:80:D5:C6:30:47:79:8C:49:13:AD:7E:86:9C:3A:B9:B9:88:7A:0E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/coDVxjBHeYxJE61-hpw6ubmIeg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.250.0/24
Signature Algorithm: sha256WithRSAEncryption
83:5d:3c:af:25:73:52:8a:06:f3:0e:39:c6:fa:b7:77:d6:7d:
75:a4:21:1c:53:2a:8a:7d:76:9d:8c:d0:12:23:17:db:90:31:
ed:f9:ce:be:bb:22:54:34:c0:38:df:36:0a:df:69:08:c4:89:
30:2d:99:c4:c1:2f:fb:9c:17:cd:61:0e:14:bb:b7:a8:0c:96:
6c:21:62:f8:ff:47:b7:a2:86:37:b6:61:67:5a:9f:e9:46:c0:
2e:c5:43:8c:fd:bf:10:d4:ad:31:1d:64:b1:c2:5d:a8:31:26:
e1:43:e9:2c:7f:6f:43:53:4d:d9:85:c1:2a:97:8d:48:83:c5:
2c:db:92:49:b2:99:ae:52:7f:f0:75:27:af:11:d0:e3:00:bd:
54:18:dd:da:1a:1a:dc:6f:b4:e1:8b:e2:5d:d2:2c:79:e3:be:
55:63:69:be:65:a5:8a:31:ca:cc:7d:9e:27:6a:02:7b:e7:03:
6e:a6:38:a0:89:54:bc:59:d6:1a:fe:28:24:e2:b0:de:d2:64:
e4:07:69:89:c0:a3:08:99:91:61:51:73:4e:e7:42:f1:40:e4:
27:d4:d8:81:23:56:70:c9:7a:63:2e:fd:35:10:8d:ee:df:53:
e2:bd:9a:d8:a4:09:21:f9:4a:53:fc:d9:e0:b1:19:0a:2d:eb:
a1:92:eb:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjEbH6soXAAWg4UTub7lhJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE2MTMzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgwZDVjNjMwNDc3OThjNDkxM2FkN2U4NjljM2FiOWI5ODg3YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifU9YQ3V4lrrpbeKaAgIgpunO8/A
GUlXMdUrtQZBaa/7TxwBztxXz7QtZWfvYv8qy4YTnJ9f87haCojwVl8bDZdtM5Mm
4ceISp9bhZQJBuu+ShVVYVzV6uVQXsHbbV8KA4ByXXOu0uvE80qitC2grYU/IuPP
p1MpWJIbv1TLYGLOYnfPckkuzPVUgjzLFEAZKxroLD01jW99u5fuV6klrTb9L4nB
jJeGiNO19jvrYnVN2swsuwuTfTy2duoM+pdvZ47HVde/Qu9hXlkmdkp3qTEE8OE3
QV+sXNPSriOYlmC5e2xof5wBmUCG3ulkWRrohUPe1qVg5Mlox6sEDs44YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKA1cYwR3mMSROtfoacOrm5iHoOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY29EVnhqQkhlWXhKRTYxLWhwdzZ1Ym1JZWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn6MA0G
CSqGSIb3DQEBCwUAA4IBAQCDXTyvJXNSigbzDjnG+rd31n11pCEcUyqKfXadjNAS
IxfbkDHt+c6+uyJUNMA43zYK32kIxIkwLZnEwS/7nBfNYQ4Uu7eoDJZsIWL4/0e3
ooY3tmFnWp/pRsAuxUOM/b8Q1K0xHWSxwl2oMSbhQ+ksf29DU03ZhcEql41Ig8Us
25JJspmuUn/wdSevEdDjAL1UGN3aGhrcb7Thi+Jd0ix5475VY2m+ZaWKMcrMfZ4n
agJ75wNupjigiVS8WdYa/igk4rDe0mTkB2mJwKMImZFhUXNO50LxQOQn1NiBI1Zw
yXpjLv01EI3u31PivZrYpAkh+UpT/NngsRkKLeuhkuuY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:54 2025 by rpki-client