Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa
File: iCtTEM-EtBonntaKWOEi0sOMkiw.roa (raw, json)
Hash identifier: N35qnK0GZtDrkEDgsSRvlwL9GpGQZFOfM5bIJ/3N5Zs=
Subject key identifier: 88:2B:53:10:CF:84:B4:1A:27:9E:D6:8A:58:E1:22:D2:C3:8C:92:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0185DE06AAA904C686CB9A07DA08AA16AB6C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa
Signing time: Mon 23 Jan 2023 09:47:36 +0000
ROA not before: Mon 23 Jan 2023 09:47:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:06:aa:a9:04:c6:86:cb:9a:07:da:08:aa:16:ab:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 23 09:47:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=882b5310cf84b41a279ed68a58e122d2c38c922c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:94:a9:46:7a:dc:46:2e:a6:14:cf:a0:01:ed:
46:b5:27:42:45:8e:bf:a3:ce:e2:de:72:cc:28:b6:
a4:71:67:b5:81:d9:c5:3d:e2:cc:db:37:9a:a5:4f:
71:2f:57:6e:87:3e:70:62:52:fc:27:f2:d4:49:48:
b6:c2:21:52:d8:00:b1:f3:1c:88:5e:4d:e1:20:d7:
58:59:33:7e:33:7d:96:43:eb:ca:35:10:d9:48:03:
68:b3:07:ea:41:2d:fa:44:08:68:00:89:fa:9a:d8:
b8:f2:f8:e0:df:79:c3:6a:cd:27:0e:89:8a:a4:c2:
0f:a1:ce:04:a7:eb:ce:ad:34:e9:aa:7f:4f:58:3a:
0b:41:b2:8b:ba:ea:63:7c:41:36:54:52:c7:e6:f1:
1c:64:6c:29:b0:76:c7:42:c6:43:8b:b3:ec:91:93:
a1:86:85:32:98:d5:10:f6:02:17:c2:29:a2:8b:70:
1a:46:33:d0:72:69:4e:14:10:14:a7:16:89:1e:c2:
ad:e9:13:9e:0d:f3:33:8a:ac:66:96:d0:3a:7d:c7:
e8:f0:41:5b:c6:3d:84:c0:f1:67:91:98:9c:89:03:
95:4a:9e:2a:82:a3:81:dd:c8:2a:83:dd:ad:81:16:
73:3c:68:85:f7:a4:65:7c:09:b2:45:f0:45:3b:f6:
ae:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2B:53:10:CF:84:B4:1A:27:9E:D6:8A:58:E1:22:D2:C3:8C:92:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iCtTEM-EtBonntaKWOEi0sOMkiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:4f:b9:8e:cc:8d:6d:7d:08:df:ab:8d:25:fd:89:f2:f6:d8:
d9:16:18:08:07:6d:43:27:bd:64:de:34:09:f0:4f:3c:59:dc:
5d:88:f9:3a:65:07:0e:4d:09:fe:bb:66:eb:87:96:68:f9:d7:
c8:56:aa:f7:e1:59:fe:74:ca:4e:e8:75:5a:bd:d5:66:f2:3f:
16:5e:25:f2:b8:22:a2:0a:f8:4a:ef:d8:60:0a:2e:e6:1c:db:
13:9e:36:f9:01:ff:08:8a:c3:9f:0b:42:ff:48:1c:4f:82:88:
3a:f2:79:81:4d:22:95:df:99:0d:b8:55:69:79:0b:13:3c:33:
89:bd:68:60:8e:47:2e:55:40:60:60:69:a3:62:8a:be:7b:37:
2a:f9:bf:7b:c6:88:55:86:e8:0e:12:e7:0b:36:09:16:e8:d0:
2d:a3:c7:0e:aa:99:ca:af:71:17:46:34:2a:76:00:74:3c:41:
79:5b:dd:68:06:3b:9d:7b:e7:80:df:50:e4:a5:b7:ce:1d:aa:
87:97:b3:52:a3:c4:da:46:e4:f2:28:84:a2:44:19:47:d0:0b:
9c:08:95:82:bd:6d:23:43:d3:47:6e:24:63:df:c9:ca:9e:2e:
ec:74:b0:3c:d1:fa:e0:9e:4f:05:06:0f:e6:70:b6:d4:39:95:
c6:cd:64:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXeBqqpBMaGy5oH2giqFqtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTIzMDk0NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJiNTMxMGNmODRiNDFhMjc5ZWQ2OGE1OGUxMjJkMmMzOGM5MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZSpRnrcRi6mFM+gAe1GtSdCRY6/
o87i3nLMKLakcWe1gdnFPeLM2zeapU9xL1duhz5wYlL8J/LUSUi2wiFS2ACx8xyI
Xk3hINdYWTN+M32WQ+vKNRDZSANoswfqQS36RAhoAIn6mti48vjg33nDas0nDomK
pMIPoc4Ep+vOrTTpqn9PWDoLQbKLuupjfEE2VFLH5vEcZGwpsHbHQsZDi7PskZOh
hoUymNUQ9gIXwimii3AaRjPQcmlOFBAUpxaJHsKt6ROeDfMziqxmltA6fcfo8EFb
xj2EwPFnkZiciQOVSp4qgqOB3cgqg92tgRZzPGiF96RlfAmyRfBFO/augwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgrUxDPhLQaJ57WiljhItLDjJIsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaUN0VEVNLUV0Qm9ubnRhS1dPRWkwc09Na2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpngMA0G
CSqGSIb3DQEBCwUAA4IBAQCdT7mOzI1tfQjfq40l/Yny9tjZFhgIB21DJ71k3jQJ
8E88WdxdiPk6ZQcOTQn+u2brh5Zo+dfIVqr34Vn+dMpO6HVavdVm8j8WXiXyuCKi
CvhK79hgCi7mHNsTnjb5Af8IisOfC0L/SBxPgog68nmBTSKV35kNuFVpeQsTPDOJ
vWhgjkcuVUBgYGmjYoq+ezcq+b97xohVhugOEucLNgkW6NAto8cOqpnKr3EXRjQq
dgB0PEF5W91oBjude+eA31DkpbfOHaqHl7NSo8TaRuTyKISiRBlH0AucCJWCvW0j
Q9NHbiRj38nKni7sdLA80frgnk8FBg/mcLbUOZXGzWQg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:58 2025 by rpki-client