Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa
File: dgu0L0Cr1DyRglNONVcZOt517H0.roa (raw, json)
Hash identifier: b0QT/4tH9bApW3BpY23ar+7v8FVZDxULfWoOTn96u9o=
Subject key identifier: 76:0B:B4:2F:40:AB:D4:3C:91:82:53:4E:35:57:19:3A:DE:75:EC:7D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018842809C44D8DA8980965106410EBCBF1D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa
Signing time: Mon 22 May 2023 08:08:24 +0000
ROA not before: Mon 22 May 2023 08:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 82.153.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:80:9c:44:d8:da:89:80:96:51:06:41:0e:bc:bf:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 08:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=760bb42f40abd43c9182534e3557193ade75ec7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:4d:58:c1:85:45:79:4b:c9:d8:6f:ff:a7:
59:39:50:5d:0e:18:9b:e7:ba:79:00:3e:21:45:36:
cb:39:de:3c:a7:66:28:32:cf:d3:36:a9:ac:d1:c3:
50:a5:10:69:b2:f4:a9:36:c1:da:a9:ff:e4:e5:3d:
7f:31:3e:d5:8a:56:dc:4a:5c:a8:34:cc:33:de:2c:
54:f5:2a:97:0f:f9:4b:94:74:24:ae:c2:3a:7c:05:
c6:2b:84:b7:72:ee:70:ef:8d:f8:69:8b:ab:0c:fb:
5d:24:94:73:b3:05:12:70:58:1f:47:bc:31:05:07:
64:25:52:d1:b7:cd:13:38:07:1c:d7:4f:82:f2:d7:
bb:c9:64:38:d8:fd:29:71:d3:ea:79:7b:bd:bd:57:
cd:eb:43:46:bf:8f:1b:ec:32:06:7b:98:88:4e:f9:
12:c7:29:fc:15:5e:3b:82:f6:3a:99:b8:74:3a:00:
94:5f:be:bc:82:5c:6a:40:70:fe:54:ad:ae:dd:d6:
3a:0d:84:e8:27:6c:9f:59:1b:a4:44:62:1f:be:68:
c7:3a:8d:4b:36:93:e2:f0:6e:e6:cf:41:01:6b:a0:
78:e3:ea:7e:f6:ba:0c:4e:7d:f2:e7:6d:cb:83:55:
8d:b0:2b:3f:40:72:34:a6:8a:4e:38:1f:e3:4b:90:
84:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0B:B4:2F:40:AB:D4:3C:91:82:53:4E:35:57:19:3A:DE:75:EC:7D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dgu0L0Cr1DyRglNONVcZOt517H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.227.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0b:88:d2:50:52:ab:09:a9:2a:77:28:a2:f3:6e:58:58:69:
04:c9:75:26:10:f2:77:c5:33:af:e6:a1:52:e6:80:89:77:17:
bb:13:a1:e9:77:b7:94:41:b4:e2:aa:e5:3d:ff:d3:aa:84:49:
7d:c8:a3:8d:68:f5:1b:40:f5:c0:e4:b8:02:78:ff:67:5f:3c:
98:dc:50:2e:d9:4d:8c:00:3f:d6:49:60:d3:0b:3b:af:89:7c:
bf:d3:3a:60:8d:7d:7d:9f:3c:14:f4:71:18:8e:41:75:4f:b1:
bb:be:f3:42:7d:96:30:0e:29:9e:37:42:7d:ba:cd:a9:63:f4:
5b:d0:25:ec:c6:80:d5:71:c6:a5:59:90:c9:38:a2:98:a2:ca:
65:49:3c:d2:03:5a:95:bd:f5:1e:58:5c:c5:37:80:38:a9:e5:
e7:08:8d:6e:d4:22:f1:38:dd:f0:9b:6e:85:7b:fa:cc:eb:e3:
6e:19:7e:b1:03:a1:77:f4:aa:2c:27:0c:35:cd:63:0a:c1:af:
45:72:7c:f7:5f:d8:ab:55:9d:ae:73:ab:af:e3:f0:fb:6b:4d:
a5:23:6a:11:02:9e:6c:9c:35:d3:dc:ec:1d:c4:19:b9:5a:ea:
12:bf:04:8b:15:f6:85:5f:a8:6d:a9:0f:a2:63:d6:48:81:05:
64:8e:d0:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhCgJxE2NqJgJZRBkEOvL8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBiYjQyZjQwYWJkNDNjOTE4MjUzNGUzNTU3MTkzYWRlNzVlYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluNNWMGFRXlLydhv/6dZOVBdDhib
57p5AD4hRTbLOd48p2YoMs/TNqms0cNQpRBpsvSpNsHaqf/k5T1/MT7VilbcSlyo
NMwz3ixU9SqXD/lLlHQkrsI6fAXGK4S3cu5w7434aYurDPtdJJRzswUScFgfR7wx
BQdkJVLRt80TOAcc10+C8te7yWQ42P0pcdPqeXu9vVfN60NGv48b7DIGe5iITvkS
xyn8FV47gvY6mbh0OgCUX768glxqQHD+VK2u3dY6DYToJ2yfWRukRGIfvmjHOo1L
NpPi8G7mz0EBa6B44+p+9roMTn3y523Lg1WNsCs/QHI0popOOB/jS5CEmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYLtC9Aq9Q8kYJTTjVXGTredex9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZGd1MEwwQ3IxRHlSZ2xOT05WY1pPdDUxN0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnjMA0G
CSqGSIb3DQEBCwUAA4IBAQB8C4jSUFKrCakqdyii825YWGkEyXUmEPJ3xTOv5qFS
5oCJdxe7E6Hpd7eUQbTiquU9/9OqhEl9yKONaPUbQPXA5LgCeP9nXzyY3FAu2U2M
AD/WSWDTCzuviXy/0zpgjX19nzwU9HEYjkF1T7G7vvNCfZYwDimeN0J9us2pY/Rb
0CXsxoDVccalWZDJOKKYosplSTzSA1qVvfUeWFzFN4A4qeXnCI1u1CLxON3wm26F
e/rM6+NuGX6xA6F39KosJww1zWMKwa9Fcnz3X9irVZ2uc6uv4/D7a02lI2oRAp5s
nDXT3OwdxBm5WuoSvwSLFfaFX6htqQ+iY9ZIgQVkjtDv
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:52 2025 by rpki-client