Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa
File: mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa (raw, json)
Hash identifier: XPYacHPbOrh8OwUss6Dpw0amNpG6QR1FRQFw+e0GASg=
Subject key identifier: 98:0F:1B:A7:2E:08:12:AB:F3:10:DE:1A:1B:81:AE:19:D9:3A:C0:69
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189BAB25A383BDC932B1AF4CDCC477E178C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa
Signing time: Thu 03 Aug 2023 09:19:57 +0000
ROA not before: Thu 03 Aug 2023 09:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:b2:5a:38:3b:dc:93:2b:1a:f4:cd:cc:47:7e:17:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 3 09:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=980f1ba72e0812abf310de1a1b81ae19d93ac069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1e:06:aa:b6:2e:28:6e:bb:f4:58:04:3b:3f:
ca:9c:a4:30:ae:0f:e6:74:d7:8b:47:f7:f7:cb:18:
07:41:c1:5c:ef:f8:0e:5b:61:2b:50:4a:de:61:16:
5c:cb:7c:eb:89:7c:6b:3c:b1:22:d3:2d:0d:73:84:
81:f4:40:fe:24:1d:4e:ba:08:29:2a:78:ff:0a:82:
7e:4f:99:9e:81:c6:11:20:76:2a:a4:08:ed:18:3e:
ea:8e:c9:85:4e:ac:58:c9:d2:fb:28:bd:f2:e4:7e:
96:4a:3a:1e:be:b4:f2:f4:51:ea:55:a2:7c:33:3b:
06:08:f4:52:3f:2e:3b:6e:ee:d4:b4:4d:e0:20:c6:
1c:0e:1d:77:0a:8e:6a:70:54:77:c8:fc:cf:bb:da:
c0:ab:b9:58:e8:1f:72:57:c3:3e:64:34:14:89:12:
20:b4:f5:85:fd:b0:72:03:94:8d:4a:a3:bb:80:77:
f9:02:5e:ff:2d:90:40:62:03:39:3b:f3:4d:eb:54:
23:14:3b:98:3a:22:e2:37:2c:80:bc:25:3f:7b:3b:
16:4c:2f:7b:90:ae:e9:b8:b4:ae:98:bb:d5:32:7e:
2f:2b:93:cb:4b:fa:3a:5a:0b:0e:07:51:38:8a:dc:
4a:64:00:2a:54:58:5c:97:6a:ff:4e:c2:14:79:17:
79:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0F:1B:A7:2E:08:12:AB:F3:10:DE:1A:1B:81:AE:19:D9:3A:C0:69
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mA8bpy4IEqvzEN4aG4GuGdk6wGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.6.0/24
89.213.130.0/24
89.213.161.0/24
89.213.190.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
84:56:b5:00:44:08:f3:ff:c5:ea:e6:30:5a:cb:5c:28:a0:c5:
d2:81:15:b2:38:80:3c:ed:f9:81:5d:83:5c:ab:76:ab:5e:8b:
78:8f:3e:12:28:39:91:33:b7:aa:1d:91:37:34:dc:1d:e6:ba:
2a:44:3a:77:a2:7a:ce:81:f8:c0:07:73:f0:d9:a7:35:73:57:
4b:bd:fd:dc:d7:b0:8f:98:0e:78:05:9e:e4:fc:13:e3:a8:11:
b3:71:09:d7:33:6f:c3:0f:b5:38:8b:8c:e7:35:95:4d:9d:eb:
eb:f9:81:6d:0b:4a:95:30:47:9b:8c:21:6c:9e:86:2f:1c:a8:
bc:bd:49:52:68:a2:b9:02:10:03:7b:cf:4c:9a:fe:20:43:fd:
fd:8f:4d:22:a6:49:4c:9a:f7:6c:f8:6d:60:ce:0b:d1:af:b5:
d3:84:98:c0:65:c3:ed:28:b8:c1:d9:ca:6f:e9:fd:61:f0:46:
ff:24:26:ea:dc:14:62:d7:61:81:d1:0b:46:78:22:8c:cf:64:
31:29:35:75:a9:4c:3f:89:40:75:30:7e:30:b3:dd:b8:9f:8b:
70:74:57:c1:aa:5a:47:4b:08:8d:b2:a9:f6:5d:91:f4:2b:9b:
bb:7c:5d:a6:9c:65:dd:95:dc:cb:0a:62:68:2a:8d:3c:3b:40:
52:9f:52:ca
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYm6slo4O9yTKxr0zcxHfheMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAzMDkxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBmMWJhNzJlMDgxMmFiZjMxMGRlMWExYjgxYWUxOWQ5M2FjMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB4GqrYuKG679FgEOz/KnKQwrg/m
dNeLR/f3yxgHQcFc7/gOW2ErUEreYRZcy3zriXxrPLEi0y0Nc4SB9ED+JB1Ouggp
Knj/CoJ+T5megcYRIHYqpAjtGD7qjsmFTqxYydL7KL3y5H6WSjoevrTy9FHqVaJ8
MzsGCPRSPy47bu7UtE3gIMYcDh13Co5qcFR3yPzPu9rAq7lY6B9yV8M+ZDQUiRIg
tPWF/bByA5SNSqO7gHf5Al7/LZBAYgM5O/NN61QjFDuYOiLiNyyAvCU/ezsWTC97
kK7puLSumLvVMn4vK5PLS/o6WgsOB1E4itxKZAAqVFhcl2r/TsIUeRd5RwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJgPG6cuCBKr8xDeGhuBrhnZOsBpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbUE4YnB5NElFcXZ6RU40YUc0R3VHZGs2d0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAFEF
vQMEAFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQA
Upj+AwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBABZ1QYD
BABZ1YIDBABZ1aEDBABZ1b4DBAC5MXwwDQYJKoZIhvcNAQELBQADggEBAIRWtQBE
CPP/xermMFrLXCigxdKBFbI4gDzt+YFdg1yrdqtei3iPPhIoOZEzt6odkTc03B3m
uipEOneies6B+MAHc/DZpzVzV0u9/dzXsI+YDngFnuT8E+OoEbNxCdczb8MPtTiL
jOc1lU2d6+v5gW0LSpUwR5uMIWyehi8cqLy9SVJoorkCEAN7z0ya/iBD/f2PTSKm
SUya92z4bWDOC9GvtdOEmMBlw+0ouMHZym/p/WHwRv8kJurcFGLXYYHRC0Z4IozP
ZDEpNXWpTD+JQHUwfjCz3bifi3B0V8GqWkdLCI2yqfZdkfQrm7t8XaacZd2V3MsK
YmgqjTw7QFKfUso=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:03 2025 by rpki-client