Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa
File: ecey8XqPa5rcKuOx5vgiuc14IqA.roa (raw, json)
Hash identifier: TRxi7Hr4udgKqR0UotODHQiO3mbkHLp9rLO68x1wDDg=
Subject key identifier: 79:C7:B2:F1:7A:8F:6B:9A:DC:2A:E3:B1:E6:F8:22:B9:CD:78:22:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187272B379DEAF1C7489B15E312810456FD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa
Signing time: Tue 28 Mar 2023 07:42:36 +0000
ROA not before: Tue 28 Mar 2023 07:42:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 82.153.243.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.208.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.211.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:2b:37:9d:ea:f1:c7:48:9b:15:e3:12:81:04:56:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 28 07:42:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79c7b2f17a8f6b9adc2ae3b1e6f822b9cd7822a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:84:fa:67:11:6f:dd:d7:3e:73:64:52:72:
77:82:fc:3c:03:a3:51:5d:39:b2:6a:5a:a9:72:ce:
f8:92:24:98:91:87:73:4f:fc:34:0c:92:bb:30:d5:
0d:4f:3a:90:00:a4:7f:71:ca:6a:18:ee:98:be:8b:
2d:3e:ea:e1:59:c3:fe:6b:6a:0c:b8:a3:16:5f:cc:
0a:a6:10:fa:08:ff:8d:a9:32:42:03:10:c1:74:9f:
6e:00:a4:85:22:58:79:e7:4e:d0:04:4c:da:08:b8:
9b:58:57:33:d1:63:20:ef:10:f2:8f:3d:f6:2c:5c:
3b:9c:81:4d:c3:ac:1d:5a:22:0d:23:56:52:63:19:
bf:55:ab:f4:88:d6:2e:23:77:eb:22:22:ae:11:6b:
38:3a:d9:0d:9e:77:23:5c:ed:35:82:10:af:60:b4:
b5:0d:8b:88:b5:9c:f1:39:03:3d:91:5c:0c:c6:9d:
e9:be:b3:19:18:a2:81:34:ab:a5:6b:cc:f5:d1:8c:
a8:f6:b2:d5:e3:78:b3:47:6f:9e:50:de:0d:f0:fa:
d0:8b:ab:04:de:48:7c:4e:fd:8b:99:26:38:94:1c:
1b:8f:70:d8:a7:9a:15:c2:ac:ff:98:62:25:b1:1c:
1f:d0:87:1b:05:8e:21:b4:5c:74:49:80:5e:89:5d:
6f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C7:B2:F1:7A:8F:6B:9A:DC:2A:E3:B1:E6:F8:22:B9:CD:78:22:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ecey8XqPa5rcKuOx5vgiuc14IqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.249.0/24
82.152.252.0/24
82.152.254.0/24
82.153.68.0/24
82.153.208.0/23
82.153.211.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
51:52:91:77:06:9d:74:2d:da:d1:20:86:05:4c:12:bc:fa:33:
20:1a:cb:0f:34:6d:13:f5:59:1c:f4:2a:49:bf:c1:06:db:2a:
72:0f:89:e1:67:60:cd:91:53:bd:03:1b:ab:7d:cd:6b:30:ff:
67:1b:3b:18:4f:f0:de:6a:04:ee:a9:77:e1:b0:92:77:c2:92:
c3:40:6b:7b:63:6f:52:d9:a1:d8:41:fa:24:2d:52:75:24:df:
24:2a:18:6a:cc:b0:f7:ec:d0:f4:66:58:ee:da:36:fa:71:d7:
1f:a0:70:ee:45:30:82:db:49:c4:cc:be:23:0c:52:d1:b4:52:
e0:51:be:ed:0b:a2:89:4b:53:f0:04:7d:a5:c8:1a:fc:ca:47:
99:7f:02:e2:dc:51:a3:cf:d7:dc:75:b9:3b:7a:f2:e7:ae:10:
8a:87:33:48:de:e5:0e:fa:44:5a:c8:44:b6:81:f5:ba:c7:8a:
3a:7e:3f:e0:ef:b2:b0:9c:b9:4e:45:10:f2:68:17:2a:dd:9b:
de:fa:4d:89:a5:16:ba:f0:66:fb:b7:7d:1a:78:81:84:1f:34:
cb:87:da:81:f5:47:5a:18:b5:22:5f:db:bb:7a:ad:12:3a:c9:
ed:92:1c:30:f6:58:33:69:ae:be:a7:57:ad:7a:1d:1b:7b:2c:
d5:9d:91:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcnKzed6vHHSJsV4xKBBFb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMzI4MDc0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM3YjJmMTdhOGY2YjlhZGMyYWUzYjFlNmY4MjJiOWNkNzgyMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWeE+mcRb93XPnNkUnJ3gvw8A6NR
XTmyalqpcs74kiSYkYdzT/w0DJK7MNUNTzqQAKR/ccpqGO6YvostPurhWcP+a2oM
uKMWX8wKphD6CP+NqTJCAxDBdJ9uAKSFIlh5507QBEzaCLibWFcz0WMg7xDyjz32
LFw7nIFNw6wdWiINI1ZSYxm/Vav0iNYuI3frIiKuEWs4OtkNnncjXO01ghCvYLS1
DYuItZzxOQM9kVwMxp3pvrMZGKKBNKula8z10Yyo9rLV43izR2+eUN4N8PrQi6sE
3kh8Tv2LmSY4lBwbj3DYp5oVwqz/mGIlsRwf0IcbBY4htFx0SYBeiV1vpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHnHsvF6j2ua3Crjseb4IrnNeCKgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZWNleThYcVBhNXJjS3VPeDV2Z2l1YzE0SXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpj5AwQA
Upj8AwQAUpj+AwQAUplEAwQBUpnQAwQAUpnTAwQAUpnzMA0GCSqGSIb3DQEBCwUA
A4IBAQBRUpF3Bp10LdrRIIYFTBK8+jMgGssPNG0T9Vkc9CpJv8EG2ypyD4nhZ2DN
kVO9Axurfc1rMP9nGzsYT/DeagTuqXfhsJJ3wpLDQGt7Y29S2aHYQfokLVJ1JN8k
KhhqzLD37ND0Zlju2jb6cdcfoHDuRTCC20nEzL4jDFLRtFLgUb7tC6KJS1PwBH2l
yBr8ykeZfwLi3FGjz9fcdbk7evLnrhCKhzNI3uUO+kRayES2gfW6x4o6fj/g77Kw
nLlORRDyaBcq3Zve+k2JpRa68Gb7t30aeIGEHzTLh9qB9UdaGLUiX9u7eq0SOsnt
khww9lgzaa6+p1eteh0beyzVnZGY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:30 2025 by rpki-client