Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fcdkZVSqrkGvDNyD96Z6s6yZLYM.roa
File: fcdkZVSqrkGvDNyD96Z6s6yZLYM.roa (raw, json)
Hash identifier: ZP9C0LbqZWuhOQDrruycqqgFtP6ijaJZjTmzsGbP/Rc=
Subject key identifier: 7D:C7:64:65:54:AA:AE:41:AF:0C:DC:83:F7:A6:7A:B3:AC:99:2D:83
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890CDDE1F54692E048B037FBF7B28B3019
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fcdkZVSqrkGvDNyD96Z6s6yZLYM.roa
Signing time: Fri 30 Jun 2023 15:13:35 +0000
ROA not before: Fri 30 Jun 2023 15:13:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 89.213.184.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:dd:e1:f5:46:92:e0:48:b0:37:fb:f7:b2:8b:30:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 15:13:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dc7646554aaae41af0cdc83f7a67ab3ac992d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b3:3f:6c:2b:9a:39:5d:85:c7:29:8a:66:b8:
ee:07:ad:09:75:2b:ea:0e:93:45:32:a9:fa:c7:f2:
9b:e4:82:9f:26:e0:5c:fc:95:30:52:f1:38:18:27:
2d:88:55:fb:f2:ca:07:5b:c8:b2:17:38:c9:5e:dc:
8c:6e:27:69:cf:01:c7:1b:a3:76:89:fb:2f:aa:95:
dc:fd:98:0d:cd:6b:3d:89:42:64:50:98:ed:35:f9:
ef:e3:c4:4f:3f:c2:60:88:ab:2d:03:5e:c2:23:9f:
4e:aa:b4:a3:04:52:9b:81:a4:fc:f9:d1:a2:02:e1:
19:dd:e7:55:6a:cb:7c:77:d5:15:c4:df:38:f8:64:
2a:45:39:6d:63:67:30:00:6f:9c:24:22:47:d7:16:
b8:b1:48:02:67:dc:c4:2b:ff:3a:16:bb:e6:b4:a3:
ef:03:0f:35:be:16:2d:d2:d4:2c:74:f5:a8:ce:fc:
dd:33:61:07:b2:ba:00:be:43:b0:2f:ba:5c:b7:9e:
2d:a1:2a:3a:15:05:82:16:e1:8e:ce:0e:ee:ac:fd:
3e:52:dd:0e:27:29:51:70:4c:0c:9c:ca:e1:d4:bd:
9d:3e:4e:09:46:77:38:55:55:64:7c:7c:ea:1a:01:
2b:27:15:87:69:01:88:02:e1:e7:4f:23:9d:90:f3:
92:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C7:64:65:54:AA:AE:41:AF:0C:DC:83:F7:A6:7A:B3:AC:99:2D:83
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fcdkZVSqrkGvDNyD96Z6s6yZLYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.137.0/24
82.153.140.0/24
89.213.182.0/24
89.213.184.0/24
89.213.187.0/24
89.213.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:1e:38:37:d9:1b:4b:52:05:38:88:64:02:56:df:c2:eb:8c:
5a:35:d5:46:dc:81:64:4d:7c:61:01:01:e9:49:f8:6a:51:16:
7b:f1:2a:b4:ac:0c:ea:78:99:46:b7:fd:15:cd:04:ce:9a:10:
aa:00:cb:c2:0d:c1:6c:75:4c:3f:91:fd:8f:cb:3c:8b:2e:0a:
1e:33:1a:81:ff:d6:d4:a6:81:f9:18:31:70:02:d7:77:cb:18:
30:7e:b5:c0:12:c8:25:d6:d0:50:fb:c1:93:8c:45:29:2c:e9:
e8:03:49:58:c8:0b:3a:02:be:b0:f5:35:5b:07:e1:73:9b:0d:
b8:c0:b7:cf:6d:96:4d:03:01:18:b0:14:99:f1:f8:19:e5:39:
48:ea:ad:45:8b:57:80:ca:84:36:c8:71:64:c4:c4:5d:01:7b:
9f:d7:c7:e5:52:b5:91:bc:67:1f:cd:ec:56:59:44:15:e0:71:
02:b6:16:13:f6:cd:23:f5:4b:da:b2:d5:35:c3:ed:ed:a9:48:
1f:9e:93:70:6d:6d:f6:5d:01:bb:8a:b6:0c:86:ea:b7:cc:4c:
3e:e6:7c:e6:cb:b8:af:60:4b:28:69:c3:87:fb:36:2e:9c:56:
36:5b:ab:1a:7d:93:d4:07:15:86:a7:aa:10:8a:23:55:3b:c4:
a4:75:6e:b7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkM3eH1RpLgSLA3+/eyizAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUxMzM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM3NjQ2NTU0YWFhZTQxYWYwY2RjODNmN2E2N2FiM2FjOTkyZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbM/bCuaOV2FxymKZrjuB60JdSvq
DpNFMqn6x/Kb5IKfJuBc/JUwUvE4GCctiFX78soHW8iyFzjJXtyMbidpzwHHG6N2
ifsvqpXc/ZgNzWs9iUJkUJjtNfnv48RPP8JgiKstA17CI59OqrSjBFKbgaT8+dGi
AuEZ3edVast8d9UVxN84+GQqRTltY2cwAG+cJCJH1xa4sUgCZ9zEK/86FrvmtKPv
Aw81vhYt0tQsdPWozvzdM2EHsroAvkOwL7pct54toSo6FQWCFuGOzg7urP0+Ut0O
JylRcEwMnMrh1L2dPk4JRnc4VVVkfHzqGgErJxWHaQGIAuHnTyOdkPOSJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH3HZGVUqq5Brwzcg/emerOsmS2DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZmNka1pWU3Fya0d2RE55RDk2WjZzNnlaTFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpmJAwQA
UpmMAwQAWdW2AwQAWdW4AwQAWdW7AwQBWdW+MA0GCSqGSIb3DQEBCwUAA4IBAQCn
Hjg32RtLUgU4iGQCVt/C64xaNdVG3IFkTXxhAQHpSfhqURZ78Sq0rAzqeJlGt/0V
zQTOmhCqAMvCDcFsdUw/kf2PyzyLLgoeMxqB/9bUpoH5GDFwAtd3yxgwfrXAEsgl
1tBQ+8GTjEUpLOnoA0lYyAs6Ar6w9TVbB+Fzmw24wLfPbZZNAwEYsBSZ8fgZ5TlI
6q1Fi1eAyoQ2yHFkxMRdAXuf18flUrWRvGcfzexWWUQV4HECthYT9s0j9UvastU1
w+3tqUgfnpNwbW32XQG7irYMhuq3zEw+5nzmy7ivYEsoacOH+zYunFY2W6safZPU
BxWGp6oQiiNVO8SkdW63
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:04 2025 by rpki-client