Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa
File: d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa (raw, json)
Hash identifier: TPolZ5WL5k0c7QnAU71tCf4ouvJ1bKsTyPWlPIPd7H0=
Subject key identifier: 77:AE:E4:5D:B8:34:22:EC:92:F8:B4:8B:35:86:7E:9D:22:32:9C:F4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01888A921F71ADE8801958381AED348745BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa
Signing time: Mon 05 Jun 2023 08:00:12 +0000
ROA not before: Mon 05 Jun 2023 08:00:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:92:1f:71:ad:e8:80:19:58:38:1a:ed:34:87:45:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 08:00:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77aee45db83422ec92f8b48b35867e9d22329cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:87:eb:65:0f:b8:c1:2c:5a:2a:c9:0a:e2:a4:
22:92:a5:8e:89:d8:d9:4c:7e:c3:99:c5:35:de:df:
ea:38:3a:b9:8a:1b:44:6e:cb:05:fe:ac:ea:41:7a:
cb:16:3f:77:53:cc:6c:80:c1:40:61:80:8b:0b:0e:
9d:81:a4:2a:31:94:4c:32:03:16:8e:03:10:53:0f:
fb:55:13:37:37:c5:cd:ea:2b:dd:11:e0:3c:83:39:
ff:22:3b:3f:80:72:fe:b0:fd:87:06:ab:2b:b2:59:
d7:d3:44:35:78:fc:20:04:b8:69:b3:30:20:3c:a5:
49:24:f3:93:68:53:63:c0:2b:2b:6b:b1:82:41:4d:
26:df:0a:ea:58:91:65:b3:ee:7a:3f:37:a0:86:71:
14:69:e9:0b:99:58:43:f1:12:eb:36:ff:fa:86:d0:
2e:e0:c1:4b:57:fe:38:46:8e:0a:7d:a8:b2:aa:b8:
91:eb:1c:11:76:b7:81:9b:6e:fd:b6:26:3b:c9:18:
66:bb:1d:da:ca:dc:e1:dd:43:a7:d9:fa:ce:03:2f:
d2:c1:cd:91:a5:ce:3a:32:d9:4a:79:47:1a:51:03:
66:8a:03:74:3c:23:ba:76:5e:52:26:51:c5:15:93:
57:2d:d0:1c:a6:21:c4:2d:cb:44:75:90:29:fc:1c:
47:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AE:E4:5D:B8:34:22:EC:92:F8:B4:8B:35:86:7E:9D:22:32:9C:F4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d67kXbg0IuyS-LSLNYZ-nSIynPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
82.153.208.0/22
Signature Algorithm: sha256WithRSAEncryption
61:bb:14:68:9a:93:8a:c5:72:f7:7d:da:a2:46:b1:e7:f0:fd:
d1:07:35:fc:e8:33:2f:08:c5:44:01:7c:d4:d3:42:50:30:0c:
47:eb:6c:a7:cd:41:18:54:16:8e:e0:25:f4:2b:82:78:bd:7f:
79:51:ee:f7:bd:3a:ed:34:6f:16:ca:9b:fa:ca:5d:9b:44:77:
ec:25:f4:99:47:a2:19:d6:98:71:cf:06:8d:40:2e:76:ac:2b:
ee:56:40:f7:88:2e:e7:08:94:c1:bc:4d:dc:7e:23:58:a2:23:
04:4d:a1:50:c1:51:20:f8:05:4b:d7:4f:28:5e:72:03:35:32:
d8:7f:bc:8f:a9:58:76:6a:8e:03:f8:05:d4:14:17:26:c4:a1:
80:2d:4f:2e:f1:54:de:01:a3:9c:65:67:d7:85:1b:86:fd:84:
dd:4a:4d:05:e1:1d:7e:f2:7d:77:2d:83:f8:56:c5:af:a8:02:
19:3f:42:9a:a9:c9:89:aa:26:17:d7:3d:55:05:a8:17:6d:3f:
ea:31:0d:c7:ea:a0:d8:ec:1d:e4:ed:a6:ae:06:33:e4:b9:1b:
6f:2b:62:fe:1b:28:f8:db:de:a0:54:e5:6c:43:7b:d9:fb:77:
53:56:da:ff:80:08:9c:4e:41:85:de:42:2f:77:68:50:ad:8f:
77:e6:5e:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKkh9xreiAGVg4Gu00h0W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FlZTQ1ZGI4MzQyMmVjOTJmOGI0OGIzNTg2N2U5ZDIyMzI5Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4frZQ+4wSxaKskK4qQikqWOidjZ
TH7DmcU13t/qODq5ihtEbssF/qzqQXrLFj93U8xsgMFAYYCLCw6dgaQqMZRMMgMW
jgMQUw/7VRM3N8XN6ivdEeA8gzn/Ijs/gHL+sP2HBqsrslnX00Q1ePwgBLhpszAg
PKVJJPOTaFNjwCsra7GCQU0m3wrqWJFls+56PzeghnEUaekLmVhD8RLrNv/6htAu
4MFLV/44Ro4KfaiyqriR6xwRdreBm279tiY7yRhmux3aytzh3UOn2frOAy/Swc2R
pc46MtlKeUcaUQNmigN0PCO6dl5SJlHFFZNXLdAcpiHELctEdZAp/BxHrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHeu5F24NCLskvi0izWGfp0iMpz0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZDY3a1hiZzBJdXlTLUxTTE5ZWi1uU0l5blBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiuAwQC
UpnQMA0GCSqGSIb3DQEBCwUAA4IBAQBhuxRompOKxXL3fdqiRrHn8P3RBzX86DMv
CMVEAXzU00JQMAxH62ynzUEYVBaO4CX0K4J4vX95Ue73vTrtNG8Wypv6yl2bRHfs
JfSZR6IZ1phxzwaNQC52rCvuVkD3iC7nCJTBvE3cfiNYoiMETaFQwVEg+AVL108o
XnIDNTLYf7yPqVh2ao4D+AXUFBcmxKGALU8u8VTeAaOcZWfXhRuG/YTdSk0F4R1+
8n13LYP4VsWvqAIZP0KaqcmJqiYX1z1VBagXbT/qMQ3H6qDY7B3k7aauBjPkuRtv
K2L+Gyj4296gVOVsQ3vZ+3dTVtr/gAicTkGF3kIvd2hQrY935l6u
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:27 2025 by rpki-client