Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ctMvD974FOC5B_q4SGPnawkvUng.roa
File: ctMvD974FOC5B_q4SGPnawkvUng.roa (raw, json)
Hash identifier: w91Q3vF1TzE2gg8zab5z2Ve57Y9r+v26XdE93KdOxI8=
Subject key identifier: 72:D3:2F:0F:DE:F8:14:E0:B9:07:FA:B8:48:63:E7:6B:09:2F:52:78
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018926C017EBA9277AB8F93C66B56D34D8FD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ctMvD974FOC5B_q4SGPnawkvUng.roa
Signing time: Wed 05 Jul 2023 15:51:10 +0000
ROA not before: Wed 05 Jul 2023 15:51:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:c0:17:eb:a9:27:7a:b8:f9:3c:66:b5:6d:34:d8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 5 15:51:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d32f0fdef814e0b907fab84863e76b092f5278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:90:f5:37:bb:48:3b:df:f8:40:6b:6d:5c:25:
97:09:84:b8:a4:70:ea:b1:17:46:16:3c:88:b6:21:
c5:87:e2:c1:98:81:93:76:94:20:84:18:e7:f6:4a:
aa:0e:32:02:e2:0e:77:19:9c:e0:52:6a:94:88:5b:
d9:ce:57:bf:40:e5:79:3c:d2:d0:72:d9:f9:bf:b3:
05:0d:7d:a3:04:e5:db:cf:3e:d3:34:c1:a2:c6:4e:
30:48:99:04:56:d4:d4:dd:90:ad:09:c0:d0:64:85:
87:9e:ad:8a:50:8b:a7:d0:5e:09:59:11:e4:78:7d:
36:3c:5d:cc:cf:0b:a8:09:8e:00:85:14:7b:17:24:
78:d0:26:45:f7:8f:33:80:17:4a:56:dd:2b:42:cc:
85:bb:07:62:bc:eb:dd:35:d2:57:0b:98:41:5c:08:
41:55:7b:3c:3a:b0:14:fc:bb:9d:15:3a:12:00:c7:
49:af:7d:f9:e3:45:cf:a5:a5:0c:04:6c:eb:b1:62:
76:b2:87:77:78:0f:78:f0:5b:92:51:f7:cd:99:bd:
17:a9:63:17:0f:ee:1f:8d:15:1b:d6:6e:35:70:88:
1b:9f:71:90:3d:33:1d:fb:5e:fd:a7:bc:bd:c1:a4:
33:89:77:18:4d:c3:33:53:e0:5b:3e:6f:df:0d:fa:
93:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D3:2F:0F:DE:F8:14:E0:B9:07:FA:B8:48:63:E7:6B:09:2F:52:78
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ctMvD974FOC5B_q4SGPnawkvUng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/23
82.153.1.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.161.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:9c:a4:5c:95:8d:b8:8a:d4:c8:27:6b:d4:8b:0c:aa:ae:1c:
86:4f:cf:6f:e8:e4:e1:23:f7:8a:3a:83:ee:ea:6b:4a:69:7c:
06:bf:19:c3:3b:4c:1a:db:20:e2:5b:21:5f:9a:9b:4f:09:c8:
70:4a:89:d4:15:d8:1e:80:54:da:7f:09:53:09:2d:1f:ad:0a:
dd:c3:f9:d3:a5:f6:12:48:04:c6:b5:e9:5c:9a:f8:9e:11:86:
bf:57:1e:50:66:c8:34:7d:1e:c6:60:c2:fc:fd:18:9f:5d:f2:
09:e3:76:86:69:eb:4b:7f:9c:b4:0b:32:99:2c:80:35:62:5a:
91:f6:67:5a:3c:c5:16:e2:a7:a4:d8:50:36:b2:67:83:31:e5:
33:21:97:af:cd:db:2a:5e:66:e3:1f:55:c2:8d:f1:6a:f1:56:
a8:32:b0:97:c9:f5:9a:6d:cb:af:b9:74:12:3b:58:3d:56:90:
e0:31:c4:82:27:e5:28:8e:d1:b3:c1:f6:ab:06:3f:17:c4:1c:
1b:f0:8c:85:43:7a:0a:2e:5c:46:95:60:a9:69:00:e8:d0:f1:
27:9c:8e:bd:18:a9:25:57:dc:1e:b4:da:e3:37:9f:ff:42:f5:
a4:06:69:44:8b:79:e0:ba:d3:b9:d4:6c:19:5a:84:78:3d:eb:
ea:dd:b2:5d
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYkmwBfrqSd6uPk8ZrVtNNj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA1MTU1MTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQzMmYwZmRlZjgxNGUwYjkwN2ZhYjg0ODYzZTc2YjA5MmY1Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJD1N7tIO9/4QGttXCWXCYS4pHDq
sRdGFjyItiHFh+LBmIGTdpQghBjn9kqqDjIC4g53GZzgUmqUiFvZzle/QOV5PNLQ
ctn5v7MFDX2jBOXbzz7TNMGixk4wSJkEVtTU3ZCtCcDQZIWHnq2KUIun0F4JWRHk
eH02PF3MzwuoCY4AhRR7FyR40CZF948zgBdKVt0rQsyFuwdivOvdNdJXC5hBXAhB
VXs8OrAU/LudFToSAMdJr33540XPpaUMBGzrsWJ2sod3eA948FuSUffNmb0XqWMX
D+4fjRUb1m41cIgbn3GQPTMd+179p7y9waQziXcYTcMzU+BbPm/fDfqTRwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFHLTLw/e+BTguQf6uEhj52sJL1J4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY3RNdkQ5NzRGT0M1Ql9xNFNHUG5hd2t2VW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFEFvQME
AFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQBUpj+
AwQAUpkBAwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBABZ
1aEDBAC5MXwwDQYJKoZIhvcNAQELBQADggEBAJqcpFyVjbiK1Mgna9SLDKquHIZP
z2/o5OEj94o6g+7qa0ppfAa/GcM7TBrbIOJbIV+am08JyHBKidQV2B6AVNp/CVMJ
LR+tCt3D+dOl9hJIBMa16Vya+J4Rhr9XHlBmyDR9HsZgwvz9GJ9d8gnjdoZp60t/
nLQLMpksgDViWpH2Z1o8xRbip6TYUDayZ4Mx5TMhl6/N2ypeZuMfVcKN8WrxVqgy
sJfJ9Zpty6+5dBI7WD1WkOAxxIIn5SiO0bPB9qsGPxfEHBvwjIVDegouXEaVYKlp
AOjQ8Secjr0YqSVX3B602uM3n/9C9aQGaUSLeeC607nUbBlahHg96+rdsl0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:34 2025 by rpki-client