Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa
File: jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa (raw, json)
Hash identifier: K5AGfH128jYY2yO5IcdE6wUKMhx+2raZ08tTMXgakE0=
Subject key identifier: 8E:31:BB:FD:57:FC:E8:C7:8E:65:D3:39:27:91:36:2F:A6:1B:A3:BF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018871C984A869618F0D3B34C6534459144B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa
Signing time: Wed 31 May 2023 12:30:12 +0000
ROA not before: Wed 31 May 2023 12:30:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:c9:84:a8:69:61:8f:0d:3b:34:c6:53:44:59:14:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 31 12:30:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e31bbfd57fce8c78e65d3392791362fa61ba3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e3:c3:c3:3c:af:9c:19:54:4c:4d:e3:05:86:
0f:32:c4:8c:b1:89:96:6f:db:1e:67:fd:3d:41:0e:
b5:73:8f:40:fb:a7:33:9d:e3:b7:ae:6a:a6:09:44:
84:91:e5:14:0d:63:a2:17:5f:14:fb:63:6e:2a:37:
1f:1f:8e:a5:bd:45:bf:a7:07:f7:61:d1:db:cc:73:
b5:6a:87:48:ac:86:66:fb:ff:6d:96:9f:b9:ab:0f:
b7:91:6d:57:32:53:c6:43:cb:d4:10:0a:5a:b2:47:
62:f9:01:c1:a5:c3:1f:8c:4e:e0:69:39:c3:eb:8d:
d6:3c:bf:4e:a8:ae:e8:92:cb:48:0a:ea:86:4c:d4:
c0:e6:dc:8e:f3:65:9c:56:7b:be:bb:4f:cd:a8:d0:
18:a4:49:1c:6c:7d:17:97:7a:95:76:4b:8d:c2:4b:
ed:8d:c4:a1:a5:05:6f:e6:92:c1:4e:54:f3:f9:ab:
e0:2a:2b:73:1a:d9:5f:f2:f6:0b:12:6b:7d:9a:50:
73:2b:07:4b:a8:ba:d9:36:4a:37:c1:27:de:30:8b:
db:76:aa:90:e7:69:92:27:9f:df:22:e1:ee:b7:7b:
79:d6:0b:c2:6d:a4:10:7d:66:29:c2:07:c8:0b:3d:
f2:8e:96:fc:8c:3c:54:c1:52:e4:17:e8:40:9e:7a:
87:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:31:BB:FD:57:FC:E8:C7:8E:65:D3:39:27:91:36:2F:A6:1B:A3:BF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jjG7_Vf86MeOZdM5J5E2L6Ybo78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.253.0/24
82.152.255.0/24
82.153.73.0/24
82.153.222.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:3e:b0:23:05:b1:4a:9c:9d:d4:c9:68:59:10:d4:85:fa:71:
3e:fb:ca:19:df:87:9e:6d:2e:bd:e6:80:82:56:ef:7e:bd:6f:
86:3c:a4:35:5e:3f:67:78:d9:0c:88:9a:8f:61:96:f7:34:3b:
af:94:d8:1c:39:ff:28:4d:f9:46:98:61:04:a0:2e:14:9c:80:
f3:4f:54:f6:50:16:7c:a1:75:4d:46:f0:50:f8:02:5c:b6:43:
41:86:da:f5:8c:d5:9d:a8:5a:53:da:6f:b3:4f:00:be:eb:51:
fc:9b:f3:bf:a0:7c:be:65:41:37:bc:9d:05:14:12:0b:9e:38:
a0:8f:3a:5a:df:4f:47:f1:2e:a6:8f:56:f4:a0:7a:ae:7c:ad:
13:c4:4d:09:09:ee:a9:9a:31:1d:83:d3:32:3e:9d:07:c3:ce:
15:24:fe:11:f1:1f:0d:f1:e0:34:16:e9:49:74:6f:be:5c:d1:
bb:5b:fd:50:f7:41:28:fb:9e:9d:34:27:5c:4f:d2:a1:f7:08:
e6:08:25:0f:99:5d:2a:34:2f:72:80:2f:cb:a7:53:85:a5:2d:
0d:00:bf:66:c8:6b:20:3d:03:cf:5d:9e:61:b4:a2:7a:93:d7:
c9:ca:a4:ee:23:c6:f0:91:94:82:8c:f5:06:cd:10:68:52:e4:
00:32:ad:48
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYhxyYSoaWGPDTs0xlNEWRRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMTIzMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTMxYmJmZDU3ZmNlOGM3OGU2NWQzMzkyNzkxMzYyZmE2MWJhM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPDwzyvnBlUTE3jBYYPMsSMsYmW
b9seZ/09QQ61c49A+6czneO3rmqmCUSEkeUUDWOiF18U+2NuKjcfH46lvUW/pwf3
YdHbzHO1aodIrIZm+/9tlp+5qw+3kW1XMlPGQ8vUEApaskdi+QHBpcMfjE7gaTnD
643WPL9OqK7okstICuqGTNTA5tyO82WcVnu+u0/NqNAYpEkcbH0Xl3qVdkuNwkvt
jcShpQVv5pLBTlTz+avgKitzGtlf8vYLEmt9mlBzKwdLqLrZNko3wSfeMIvbdqqQ
52mSJ5/fIuHut3t51gvCbaQQfWYpwgfICz3yjpb8jDxUwVLkF+hAnnqHMwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFI4xu/1X/OjHjmXTOSeRNi+mG6O/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvampHN19WZjg2TWVPWmRNNUo1RTJMNllibzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUQW9AwQA
Uah0AwQAUah3AwQAUah7AwQBUpiuAwQAUpj5AwQAUpj9AwQAUpj/AwQAUplJAwQA
UpneAwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQCLPrAjBbFKnJ3UyWhZENSF+nE+
+8oZ34eebS695oCCVu9+vW+GPKQ1Xj9neNkMiJqPYZb3NDuvlNgcOf8oTflGmGEE
oC4UnIDzT1T2UBZ8oXVNRvBQ+AJctkNBhtr1jNWdqFpT2m+zTwC+61H8m/O/oHy+
ZUE3vJ0FFBILnjigjzpa309H8S6mj1b0oHqufK0TxE0JCe6pmjEdg9MyPp0Hw84V
JP4R8R8N8eA0FulJdG++XNG7W/1Q90Eo+56dNCdcT9Kh9wjmCCUPmV0qNC9ygC/L
p1OFpS0NAL9myGsgPQPPXZ5htKJ6k9fJyqTuI8bwkZSCjPUGzRBoUuQAMq1I
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:19 2025 by rpki-client