Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fukeOb5BUtEZD6DTOesqd0pUCeo.roa
File: fukeOb5BUtEZD6DTOesqd0pUCeo.roa (raw, json)
Hash identifier: nZ8QgUAt2cyWWu+92Ndufzqo9sSuoDd0mYpPq9KA4eY=
Subject key identifier: 7E:E9:1E:39:BE:41:52:D1:19:0F:A0:D3:39:EB:2A:77:4A:54:09:EA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01898C0CA421C52EEE76A29E8EDE82BC6A2A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fukeOb5BUtEZD6DTOesqd0pUCeo.roa
Signing time: Tue 25 Jul 2023 07:56:25 +0000
ROA not before: Tue 25 Jul 2023 07:56:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:0c:a4:21:c5:2e:ee:76:a2:9e:8e:de:82:bc:6a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 25 07:56:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ee91e39be4152d1190fa0d339eb2a774a5409ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:75:e6:bf:69:8e:5c:28:69:a9:7a:7e:0f:
4f:1b:d5:20:d1:3f:be:3a:f8:21:ef:ff:cc:fb:4f:
68:02:9a:ff:74:f5:7b:18:44:99:bb:f3:be:32:c0:
3a:eb:89:31:3a:93:c7:44:27:64:1a:85:bd:c0:0b:
fa:17:0c:bc:ba:8f:18:06:97:4d:62:c7:50:0d:ab:
15:13:1b:3b:e7:88:9c:af:58:1f:88:88:1c:98:48:
9c:22:c1:4e:87:e6:ba:78:3e:8d:84:d9:c8:61:98:
65:5e:3e:ca:0e:3c:92:cd:e6:58:08:2c:a5:d7:98:
56:d1:01:b2:f7:e7:8f:28:61:2a:6b:a1:fd:08:03:
5f:28:0b:96:f3:d7:cf:86:98:8a:94:22:0d:3e:34:
74:0d:ce:75:a1:ca:b8:1b:8f:38:dc:38:04:cb:69:
aa:c9:ef:c8:03:8e:1e:51:82:99:9c:ed:52:07:c0:
fd:16:2d:3d:df:2a:02:96:4f:9f:ee:94:67:2d:90:
8a:a3:ce:94:5e:02:95:21:30:fa:b4:af:7f:33:66:
d6:59:a9:44:ae:e4:92:68:a9:17:79:a3:a9:ec:89:
ee:bf:fd:7f:08:eb:5b:b1:1c:a5:6a:38:cb:9e:d4:
71:ef:0f:90:ed:7d:6b:8e:b5:e9:97:64:1d:d1:28:
19:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E9:1E:39:BE:41:52:D1:19:0F:A0:D3:39:EB:2A:77:4A:54:09:EA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fukeOb5BUtEZD6DTOesqd0pUCeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0/22
82.153.223.0/24
82.153.249.0/24
89.213.131.0/24
89.213.191.0/24
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
56:50:ca:83:08:b5:74:2f:32:83:5d:9a:e9:83:b4:52:10:eb:
0b:d9:91:bc:8c:da:cd:3c:97:e6:fe:d5:f7:21:5c:d0:26:5b:
0b:02:0e:f4:96:94:20:2e:a4:45:72:b0:38:32:9d:3f:7c:3b:
64:67:6f:69:29:ed:73:bf:42:51:d8:4f:29:50:e4:61:f2:ed:
16:0f:5e:60:3b:e8:2c:5f:f7:bb:9c:13:c8:e1:e7:55:a8:08:
0a:a5:43:75:68:26:8b:25:39:3f:8f:cf:1e:1c:49:0a:75:b6:
17:e4:a6:df:54:29:ba:68:cb:95:9b:4d:c4:ef:84:a5:17:d7:
e2:b2:d2:b4:c6:50:07:c4:19:0c:a7:2d:4c:db:3d:a2:76:be:
3e:33:7c:dc:c3:32:d7:71:09:08:92:a4:f5:a3:8d:8d:ed:aa:
46:76:d3:bb:be:3f:73:eb:c8:8f:15:10:8e:a1:f6:30:a0:50:
8c:da:20:a4:d7:8c:b3:76:cb:85:1a:43:d2:89:5b:d5:f2:32:
dd:c8:75:2e:a9:9c:3f:b4:f1:c6:a8:4a:70:cf:49:99:0a:a1:
05:85:01:06:f9:a9:10:6d:b9:69:79:62:bb:8f:e0:76:00:55:
be:31:d6:de:69:39:90:21:3c:67:01:ef:20:7c:9c:af:d3:27:
ea:da:75:a7
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYmMDKQhxS7udqKejt6CvGoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI1MDc1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU5MWUzOWJlNDE1MmQxMTkwZmEwZDMzOWViMmE3NzRhNTQwOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQV15r9pjlwoaal6fg9PG9Ug0T++
Ovgh7//M+09oApr/dPV7GESZu/O+MsA664kxOpPHRCdkGoW9wAv6Fwy8uo8YBpdN
YsdQDasVExs754icr1gfiIgcmEicIsFOh+a6eD6NhNnIYZhlXj7KDjySzeZYCCyl
15hW0QGy9+ePKGEqa6H9CANfKAuW89fPhpiKlCINPjR0Dc51ocq4G4843DgEy2mq
ye/IA44eUYKZnO1SB8D9Fi093yoClk+f7pRnLZCKo86UXgKVITD6tK9/M2bWWalE
ruSSaKkXeaOp7Inuv/1/COtbsRylajjLntRx7w+Q7X1rjrXpl2Qd0SgZswIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFH7pHjm+QVLRGQ+g0znrKndKVAnqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZnVrZU9iNUJVdEVaRDZEVE9lc3FkMHBVQ2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAUQWcAwQA
Uah3AwQAUah7AwQAUphvAwQBUpj8AwQAUpj/AwQAUpkBAwQAUplJAwQAUplOAwQC
UpmIAwQAUpnfAwQAUpn5AwQAWdWDAwQAWdW/AwQA1ZgqMA0GCSqGSIb3DQEBCwUA
A4IBAQBWUMqDCLV0LzKDXZrpg7RSEOsL2ZG8jNrNPJfm/tX3IVzQJlsLAg70lpQg
LqRFcrA4Mp0/fDtkZ29pKe1zv0JR2E8pUORh8u0WD15gO+gsX/e7nBPI4edVqAgK
pUN1aCaLJTk/j88eHEkKdbYX5KbfVCm6aMuVm03E74SlF9fistK0xlAHxBkMpy1M
2z2idr4+M3zcwzLXcQkIkqT1o42N7apGdtO7vj9z68iPFRCOofYwoFCM2iCk14yz
dsuFGkPSiVvV8jLdyHUuqZw/tPHGqEpwz0mZCqEFhQEG+akQbblpeWK7j+B2AFW+
MdbeaTmQITxnAe8gfJyv0yfq2nWn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:08 2025 by rpki-client