Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa
File: jHOJDtvGah_zQtXA4VNJzQos4rQ.roa (raw, json)
Hash identifier: C9w/W88/Skj0qXYEjRhWQCSMexHASGUlo2PnDVQUEKo=
Subject key identifier: 8C:73:89:0E:DB:C6:6A:1F:F3:42:D5:C0:E1:53:49:CD:0A:2C:E2:B4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188428186D3389F1F9956A1B8EA3026BAE2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa
Signing time: Mon 22 May 2023 08:09:24 +0000
ROA not before: Mon 22 May 2023 08:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:81:86:d3:38:9f:1f:99:56:a1:b8:ea:30:26:ba:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 08:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c73890edbc66a1ff342d5c0e15349cd0a2ce2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fb:e2:a6:a2:33:d2:9c:f7:1c:b0:10:76:b2:
91:3b:5e:86:08:1b:b7:90:53:27:c5:93:14:8a:78:
3f:f6:a5:8a:9c:d7:a6:ec:fa:01:e6:c2:03:84:c1:
4f:fc:95:16:3f:d7:4b:a7:ee:ab:66:1f:50:f8:d2:
2d:28:54:55:79:1a:25:53:aa:2a:74:21:c5:63:18:
ae:ad:b5:ae:a4:7c:26:be:4c:fd:2f:7c:57:28:5e:
52:ed:df:9d:87:1b:bd:c5:f3:7d:47:d1:a6:78:1c:
90:d7:f2:dd:ce:9c:e3:64:9e:85:ae:5d:a9:63:da:
f2:70:dd:f1:c9:f4:48:b9:68:63:c7:39:da:74:4d:
5f:66:78:79:69:fa:ac:b3:2a:2e:76:f9:94:27:53:
83:fd:3f:b4:41:5a:98:5c:57:50:63:e1:70:b7:cc:
a0:c1:a9:59:9c:74:af:ee:98:b2:c2:9c:85:b6:e6:
fa:6c:6b:e7:d8:06:4c:9a:01:bc:c9:1a:cb:e4:bf:
23:cc:fe:4d:c0:39:0f:90:ac:68:9c:ca:39:f6:65:
b2:ba:0b:9d:88:1d:28:bb:8a:de:96:30:eb:0e:51:
2e:41:84:4f:7c:6d:b2:e5:84:fd:4e:d7:06:06:0d:
f1:a5:42:4d:5f:68:1c:08:33:15:90:66:a1:69:7f:
3d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:73:89:0E:DB:C6:6A:1F:F3:42:D5:C0:E1:53:49:CD:0A:2C:E2:B4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jHOJDtvGah_zQtXA4VNJzQos4rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.153.1.0/24
82.153.72.0/24
82.153.78.0/24
82.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
32:93:52:45:08:c7:84:61:3d:1b:6e:de:2c:51:18:38:db:8e:
4b:b2:d6:f5:fe:a4:df:db:72:90:47:e1:87:b7:ae:a1:80:94:
50:ef:95:13:1a:f9:ea:30:00:69:72:54:23:dd:48:68:f4:44:
02:fd:42:ad:36:01:38:d1:75:1d:d5:70:56:7a:17:e2:b8:73:
8e:2e:7b:01:2c:74:2f:7a:08:b5:7b:1f:d0:02:6b:01:46:e5:
31:56:7f:59:0d:7e:bd:0c:66:6b:12:59:b2:40:a2:ef:e2:b4:
ae:28:75:8a:5f:34:8e:47:63:64:15:51:20:98:6a:03:18:bd:
58:e5:7e:09:78:d5:72:e1:7c:ae:2c:c2:8a:59:ec:67:eb:60:
16:5b:2e:a3:ba:0b:17:d3:c5:80:13:2b:d5:2f:ab:c0:a6:15:
80:aa:ec:d2:b6:3b:df:f7:88:f7:5e:d5:0c:7f:d6:3b:26:6b:
3a:8a:b6:17:62:d0:6d:6b:b6:df:7b:8a:e1:3e:c6:b9:1c:be:
61:74:92:61:67:92:46:fb:b2:12:1c:8c:13:97:41:7c:2c:da:
b4:ae:8c:91:ee:1f:3b:97:35:60:7f:e9:d1:05:a2:42:8f:84:
2b:13:a1:25:92:7f:55:ba:40:a5:c2:a7:5f:fc:54:be:98:79:
1c:d1:ac:bf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYhCgYbTOJ8fmVahuOowJrriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzczODkwZWRiYzY2YTFmZjM0MmQ1YzBlMTUzNDljZDBhMmNlMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/vipqIz0pz3HLAQdrKRO16GCBu3
kFMnxZMUing/9qWKnNem7PoB5sIDhMFP/JUWP9dLp+6rZh9Q+NItKFRVeRolU6oq
dCHFYxiurbWupHwmvkz9L3xXKF5S7d+dhxu9xfN9R9GmeByQ1/LdzpzjZJ6Frl2p
Y9rycN3xyfRIuWhjxznadE1fZnh5afqssyoudvmUJ1OD/T+0QVqYXFdQY+Fwt8yg
walZnHSv7piywpyFtub6bGvn2AZMmgG8yRrL5L8jzP5NwDkPkKxonMo59mWyugud
iB0ou4reljDrDlEuQYRPfG2y5YT9TtcGBg3xpUJNX2gcCDMVkGahaX89ywIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIxziQ7bxmof80LVwOFTSc0KLOK0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvakhPSkR0dkdhaF96UXRYQTRWTkp6UW9zNHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABRqHcD
BABRqHgDBABRqHsDBABRqH4DBABSmQEDBABSmUgDBABSmU4DBABSmYQwDQYJKoZI
hvcNAQELBQADggEBADKTUkUIx4RhPRtu3ixRGDjbjkuy1vX+pN/bcpBH4Ye3rqGA
lFDvlRMa+eowAGlyVCPdSGj0RAL9Qq02ATjRdR3VcFZ6F+K4c44uewEsdC96CLV7
H9ACawFG5TFWf1kNfr0MZmsSWbJAou/itK4odYpfNI5HY2QVUSCYagMYvVjlfgl4
1XLhfK4swopZ7GfrYBZbLqO6CxfTxYATK9Uvq8CmFYCq7NK2O9/3iPde1Qx/1jsm
azqKthdi0G1rtt97iuE+xrkcvmF0kmFnkkb7shIcjBOXQXws2rSujJHuHzuXNWB/
6dEFokKPhCsToSWSf1W6QKXCp1/8VL6YeRzRrL8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:56 2025 by rpki-client