Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa
File: lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa (raw, json)
Hash identifier: zXsEW/BUfVscUNMJ4cOblo51IEQipG/nhZNM4yj+Bpw=
Subject key identifier: 94:9F:D5:03:C0:E8:45:95:08:47:45:6C:4F:FF:7A:9A:18:83:A0:44
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BADF331300FAD0D01FAAF32C1C2A1E10D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa
Signing time: Wed 08 Nov 2023 08:01:18 +0000
ROA not before: Wed 08 Nov 2023 08:01:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397423
IP address blocks: 82.153.245.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:f3:31:30:0f:ad:0d:01:fa:af:32:c1:c2:a1:e1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 8 08:01:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=949fd503c0e845950847456c4fff7a9a1883a044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:85:85:31:f1:73:80:62:ef:41:31:05:09:14:
e4:b0:ec:81:cc:09:d9:a4:c2:1f:8f:ee:cb:24:56:
07:5a:44:9e:3d:79:05:48:d0:ce:3f:7a:85:38:04:
26:1a:51:d2:9e:ef:80:13:f0:56:1d:82:f2:bd:f3:
90:2f:60:46:9d:05:74:16:65:6d:72:e3:04:8d:b6:
68:b5:68:e0:59:0c:b1:7a:97:bf:7b:41:4b:34:6a:
14:e8:07:e8:15:f2:d4:41:0c:27:ca:8d:9b:f3:a2:
6f:03:4e:2a:df:5c:f5:0b:1a:37:31:0a:83:1c:13:
49:5c:1c:66:1a:eb:e0:d6:3b:e2:20:e8:7c:99:2d:
83:8d:9a:a3:ca:3e:19:7a:81:00:da:9a:c2:3c:d2:
6a:ab:e7:14:ab:2a:bf:67:a9:ba:98:af:3d:86:c2:
0d:93:3f:bf:ce:12:b7:99:8e:b7:3d:de:78:14:65:
2c:2d:18:66:81:a2:38:5b:1b:f3:b8:2d:95:57:43:
a7:8a:da:26:6d:75:ad:e9:5c:75:14:59:fc:6b:20:
5d:1e:6f:d4:60:05:ed:4d:c4:3b:aa:e1:0d:33:4a:
cd:ed:23:a3:25:7e:8f:bc:0d:72:69:50:f0:b4:e9:
74:63:8c:9d:9a:95:d1:92:a3:0c:51:56:f4:9e:c5:
74:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9F:D5:03:C0:E8:45:95:08:47:45:6C:4F:FF:7A:9A:18:83:A0:44
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lJ_VA8DoRZUIR0VsT_96mhiDoEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.245.0/24
89.213.132.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:24:3e:50:14:a3:94:83:e7:d1:9f:72:da:c5:a4:3f:93:d6:
f8:67:6a:18:e3:77:e7:44:51:a0:3a:5d:cb:1d:48:c9:f9:c0:
3f:41:c1:1f:b5:fd:ba:45:02:73:58:3f:e0:57:fe:cf:bb:cf:
21:7b:dd:df:46:72:af:81:73:b7:6f:0d:8b:d6:5d:19:f5:84:
c5:c2:b9:71:15:be:3f:67:63:8e:00:e8:f1:9e:72:72:f2:a5:
72:5f:f9:e5:39:2b:cb:1a:7e:a0:92:df:3e:f7:7a:4a:78:76:
9c:f7:17:56:a8:34:a5:9e:dd:d6:bc:2b:28:e6:7e:f5:6c:52:
7b:c0:99:e8:0e:18:e7:65:1f:8b:96:1f:18:5f:57:ac:ea:41:
38:9e:3e:48:bc:7c:d9:7e:0f:99:66:02:cd:ee:f2:b6:2a:90:
37:da:ae:5e:ba:90:95:c7:82:32:32:2d:dd:06:cc:43:6d:39:
0b:c5:04:2e:c3:4d:5b:e8:d0:28:9a:03:dc:79:59:33:2a:9c:
98:8a:c2:a2:6a:3d:9e:55:28:4a:aa:38:81:ef:82:b1:35:ad:
59:7f:35:8d:af:69:f7:d7:75:e1:60:66:94:13:24:d8:29:a8:
0e:83:87:98:e0:c5:ea:34:b0:80:0e:c0:2c:55:e6:9d:d0:9d:
85:f8:2a:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYut8zEwD60NAfqvMsHCoeENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA4MDgwMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDlmZDUwM2MwZTg0NTk1MDg0NzQ1NmM0ZmZmN2E5YTE4ODNhMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4WFMfFzgGLvQTEFCRTksOyBzAnZ
pMIfj+7LJFYHWkSePXkFSNDOP3qFOAQmGlHSnu+AE/BWHYLyvfOQL2BGnQV0FmVt
cuMEjbZotWjgWQyxepe/e0FLNGoU6AfoFfLUQQwnyo2b86JvA04q31z1Cxo3MQqD
HBNJXBxmGuvg1jviIOh8mS2DjZqjyj4ZeoEA2prCPNJqq+cUqyq/Z6m6mK89hsIN
kz+/zhK3mY63Pd54FGUsLRhmgaI4WxvzuC2VV0OnitombXWt6Vx1FFn8ayBdHm/U
YAXtTcQ7quENM0rN7SOjJX6PvA1yaVDwtOl0Y4ydmpXRkqMMUVb0nsV0ZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJSf1QPA6EWVCEdFbE//epoYg6BEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEpfVkE4RG9SWlVJUjBWc1RfOTZtaGlEb0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpn1AwQA
WdWEMA0GCSqGSIb3DQEBCwUAA4IBAQBuJD5QFKOUg+fRn3LaxaQ/k9b4Z2oY43fn
RFGgOl3LHUjJ+cA/QcEftf26RQJzWD/gV/7Pu88he93fRnKvgXO3bw2L1l0Z9YTF
wrlxFb4/Z2OOAOjxnnJy8qVyX/nlOSvLGn6gkt8+93pKeHac9xdWqDSlnt3WvCso
5n71bFJ7wJnoDhjnZR+Llh8YX1es6kE4nj5IvHzZfg+ZZgLN7vK2KpA32q5eupCV
x4IyMi3dBsxDbTkLxQQuw01b6NAomgPceVkzKpyYisKiaj2eVShKqjiB74KxNa1Z
fzWNr2n313XhYGaUEyTYKagOg4eY4MXqNLCADsAsVead0J2F+Co5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:58 2025 by rpki-client