Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fKDRwYpu3ukobz2lLP_nagAuV60.roa
File: fKDRwYpu3ukobz2lLP_nagAuV60.roa (raw, json)
Hash identifier: GXbex33nn/ccwh7NZlBmVjDhXqcaLHLgXxmPkQTxGJk=
Subject key identifier: 7C:A0:D1:C1:8A:6E:DE:E9:28:6F:3D:A5:2C:FF:E7:6A:00:2E:57:AD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188F78744460DDAED7FE720E1993C25CB55
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fKDRwYpu3ukobz2lLP_nagAuV60.roa
Signing time: Mon 26 Jun 2023 11:46:57 +0000
ROA not before: Mon 26 Jun 2023 11:46:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.153.249.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.152.108.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:87:44:46:0d:da:ed:7f:e7:20:e1:99:3c:25:cb:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 26 11:46:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ca0d1c18a6edee9286f3da52cffe76a002e57ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0a:43:31:73:94:cc:d5:95:38:51:9f:14:c4:
a4:0a:d6:71:cc:b6:8b:c9:2d:bb:55:d3:49:01:d0:
5b:1c:7e:1d:05:b5:c4:43:f6:a9:77:73:c7:a7:c6:
67:5d:c3:b4:5c:13:b3:4f:08:a7:64:78:8b:ec:30:
f8:26:82:cb:12:2d:cd:fb:b5:1e:1a:6f:99:84:6c:
94:18:9b:2d:09:88:bf:6c:32:66:1f:35:54:46:2c:
90:3a:c2:a4:53:0f:f4:47:62:a0:0b:3a:2d:7b:cf:
41:e6:fd:56:26:9e:49:b0:d0:e8:70:0a:a9:80:bc:
6b:56:77:07:10:83:d9:4c:02:9a:d8:6a:30:e8:48:
fa:51:43:1b:03:a6:82:77:3f:28:96:28:00:a9:05:
e5:fe:b7:27:ff:e6:4d:05:98:92:6a:ef:43:02:e3:
52:31:a7:55:7c:e2:6f:b0:4f:c5:4d:a4:ab:54:5e:
d1:a0:af:e9:5b:a1:8f:97:bf:23:97:30:8c:f9:2d:
07:12:0f:8b:32:e2:a2:00:52:48:6f:a9:5d:90:da:
98:54:1a:a9:0b:f1:22:7d:c9:e0:3a:8a:5d:6d:53:
08:c8:c8:88:f9:db:b2:69:27:61:48:f8:c6:a6:f5:
5a:96:c4:80:e1:8d:bb:b4:a1:e1:7e:58:a5:96:6d:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A0:D1:C1:8A:6E:DE:E9:28:6F:3D:A5:2C:FF:E7:6A:00:2E:57:AD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fKDRwYpu3ukobz2lLP_nagAuV60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.152.108.0/24
82.153.65.0/24
82.153.73.0/24
82.153.136.0/22
82.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2c:51:d1:2e:ed:a4:df:c6:08:e6:29:fc:a7:b9:c9:c4:12:
ae:bc:35:bc:d0:e5:31:9f:cc:31:e8:51:e2:b7:dc:38:ff:db:
03:c4:5c:97:29:cd:70:b1:cc:3b:8c:82:0f:0c:73:3c:22:af:
2f:76:2a:b9:1a:50:da:b1:50:89:fd:58:2b:9f:d9:17:74:77:
2f:00:d6:43:d7:a7:c5:33:f3:8e:fd:b0:b1:ba:90:98:51:62:
24:79:f2:0f:97:6c:f4:2c:cc:d5:ae:63:c8:43:e9:dd:09:c8:
12:c5:9d:8b:3c:da:6e:24:5b:54:e7:b2:44:20:fc:9f:56:fa:
89:d3:ad:fb:de:39:c0:d7:7f:28:c0:f2:bc:b5:2e:2f:82:0d:
0f:af:70:10:d1:8b:37:9b:9c:7c:1d:af:2e:4e:ce:64:e7:96:
67:3f:77:da:3f:15:b7:d8:bb:06:bc:32:2f:f0:75:ee:40:b5:
0c:59:c2:8c:5f:16:0c:e0:3d:a1:76:45:88:c6:4c:f4:ae:d0:
00:b5:6f:91:26:ef:bc:e1:41:88:9f:ce:cc:4e:53:df:9a:4f:
03:85:0e:fb:c2:9c:13:e8:35:21:2b:2e:d8:eb:7e:69:fb:64:
d4:ec:f2:ff:43:2c:ab:c8:a3:56:23:d0:8b:b0:7d:1e:0e:6b:
f5:09:20:56
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYj3h0RGDdrtf+cg4Zk8JctVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI2MTE0NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2EwZDFjMThhNmVkZWU5Mjg2ZjNkYTUyY2ZmZTc2YTAwMmU1N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwpDMXOUzNWVOFGfFMSkCtZxzLaL
yS27VdNJAdBbHH4dBbXEQ/apd3PHp8ZnXcO0XBOzTwinZHiL7DD4JoLLEi3N+7Ue
Gm+ZhGyUGJstCYi/bDJmHzVURiyQOsKkUw/0R2KgCzote89B5v1WJp5JsNDocAqp
gLxrVncHEIPZTAKa2Gow6Ej6UUMbA6aCdz8oligAqQXl/rcn/+ZNBZiSau9DAuNS
MadVfOJvsE/FTaSrVF7RoK/pW6GPl78jlzCM+S0HEg+LMuKiAFJIb6ldkNqYVBqp
C/EifcngOopdbVMIyMiI+duyaSdhSPjGpvValsSA4Y27tKHhflillm0NIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHyg0cGKbt7pKG89pSz/52oALletMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZktEUndZcHUzdWtvYnoybExQX25hZ0F1VjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUah3AwQA
Uah7AwQAUphsAwQAUplBAwQAUplJAwQCUpmIAwQAUpn5MA0GCSqGSIb3DQEBCwUA
A4IBAQBHLFHRLu2k38YI5in8p7nJxBKuvDW80OUxn8wx6FHit9w4/9sDxFyXKc1w
scw7jIIPDHM8Iq8vdiq5GlDasVCJ/Vgrn9kXdHcvANZD16fFM/OO/bCxupCYUWIk
efIPl2z0LMzVrmPIQ+ndCcgSxZ2LPNpuJFtU57JEIPyfVvqJ06373jnA138owPK8
tS4vgg0Pr3AQ0Ys3m5x8Ha8uTs5k55ZnP3faPxW32LsGvDIv8HXuQLUMWcKMXxYM
4D2hdkWIxkz0rtAAtW+RJu+84UGIn87MTlPfmk8DhQ77wpwT6DUhKy7Y635p+2TU
7PL/QyyryKNWI9CLsH0eDmv1CSBW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:27 2025 by rpki-client