Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa
File: o7HpkRe0_LI1a9hzjOB36sgafbA.roa (raw, json)
Hash identifier: QTUSop48RiTsqE2gyRvX7jYY0vc7a2LFRq/oKAeN7Z0=
Subject key identifier: A3:B1:E9:91:17:B4:FC:B2:35:6B:D8:73:8C:E0:77:EA:C8:1A:7D:B0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B70188BBED3C2503A50FE4AFF961DF08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa
Signing time: Wed 02 Aug 2023 16:07:58 +0000
ROA not before: Wed 02 Aug 2023 16:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 82.153.65.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b7:01:88:bb:ed:3c:25:03:a5:0f:e4:af:f9:61:df:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 16:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3b1e99117b4fcb2356bd8738ce077eac81a7db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:24:35:e1:ff:41:0c:aa:f3:0b:23:a3:e2:2e:
13:04:53:bc:a6:fd:95:d5:98:77:34:55:48:f5:10:
4b:0e:c9:b8:0a:b9:dc:2a:84:a5:11:78:82:83:5a:
c5:0c:22:ea:43:93:71:c6:e0:1f:15:c4:c3:97:31:
2c:ab:92:4b:f8:5b:b9:c8:3b:ea:ad:90:5e:80:23:
61:f3:ef:23:1f:3c:72:95:9f:e6:59:87:11:41:61:
4a:a6:7f:ac:e7:d9:db:28:4c:5a:fb:54:cd:0d:3e:
e8:55:df:29:4c:98:18:ae:ce:c9:b0:dd:36:a3:4f:
c0:51:76:f2:ca:d5:be:64:9c:6f:c0:97:7b:0c:61:
e0:b2:f0:df:ba:b3:22:fb:4b:f8:4f:cb:b0:aa:93:
6f:bd:cf:86:0b:c3:b6:d6:dc:8f:e2:f8:d4:11:d2:
0e:df:db:0f:c8:30:ed:1f:13:2c:00:16:08:38:57:
80:3e:03:a9:18:6b:97:72:41:9a:75:63:81:16:9b:
ae:03:41:27:62:fd:f5:1f:43:7d:d8:d9:86:59:e9:
99:d3:60:67:bd:34:ea:68:a3:cf:b4:b0:ae:5d:d0:
90:59:bd:bf:f5:30:13:1d:af:33:b4:d9:05:6e:30:
c1:0c:ef:18:63:56:6b:a1:ae:07:dd:21:8d:09:75:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B1:E9:91:17:B4:FC:B2:35:6B:D8:73:8C:E0:77:EA:C8:1A:7D:B0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/o7HpkRe0_LI1a9hzjOB36sgafbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.65.0/24
82.153.220.0/24
Signature Algorithm: sha256WithRSAEncryption
16:42:11:79:5f:54:81:25:2f:e7:05:34:d4:ff:87:91:33:b2:
b8:d2:05:de:31:a2:65:db:c9:d3:5e:ad:88:80:dc:da:c3:fc:
a6:35:47:02:0a:90:d2:98:55:2a:28:1f:b7:82:a1:a9:2e:34:
89:f6:aa:91:25:16:a2:48:e7:dd:d8:3e:47:5d:de:cd:c0:b7:
61:45:c2:34:83:8d:c7:fc:be:9f:f3:9e:fb:2b:43:35:80:16:
ba:35:07:ed:87:c7:3c:ba:3f:c8:d7:91:f1:df:f8:be:ed:87:
bd:5f:89:f8:dd:c7:b6:88:04:cf:fb:21:a5:97:a2:f3:70:0a:
9f:5f:f0:de:63:0b:cc:b1:a2:85:00:d7:73:a2:e2:46:c6:01:
11:95:1e:ed:b3:fd:41:95:10:67:55:10:b3:1f:e3:f5:a1:9b:
a8:53:a5:88:9b:b8:6d:f2:a5:d3:93:18:17:92:96:fd:e0:b3:
36:8a:6d:38:4f:e3:fb:97:bb:62:06:c0:f9:4d:ca:6d:61:63:
89:4d:a0:84:65:ec:2b:81:34:ba:7f:e7:f5:63:c5:85:37:75:
a8:c2:93:f3:58:cc:f2:4a:f3:48:23:0b:e0:d9:17:43:c6:36:
aa:26:23:c9:98:4a:a8:86:23:a8:1a:88:bb:cf:6e:fd:fc:fd:
fb:d5:b4:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm3AYi77TwlA6UP5K/5Yd8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMTYwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IxZTk5MTE3YjRmY2IyMzU2YmQ4NzM4Y2UwNzdlYWM4MWE3ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSQ14f9BDKrzCyOj4i4TBFO8pv2V
1Zh3NFVI9RBLDsm4CrncKoSlEXiCg1rFDCLqQ5NxxuAfFcTDlzEsq5JL+Fu5yDvq
rZBegCNh8+8jHzxylZ/mWYcRQWFKpn+s59nbKExa+1TNDT7oVd8pTJgYrs7JsN02
o0/AUXbyytW+ZJxvwJd7DGHgsvDfurMi+0v4T8uwqpNvvc+GC8O21tyP4vjUEdIO
39sPyDDtHxMsABYIOFeAPgOpGGuXckGadWOBFpuuA0EnYv31H0N92NmGWemZ02Bn
vTTqaKPPtLCuXdCQWb2/9TATHa8ztNkFbjDBDO8YY1Zroa4H3SGNCXVXtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKOx6ZEXtPyyNWvYc4zgd+rIGn2wMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbzdIcGtSZTBfTEkxYTloempPQjM2c2dhZmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplBAwQA
UpncMA0GCSqGSIb3DQEBCwUAA4IBAQAWQhF5X1SBJS/nBTTU/4eRM7K40gXeMaJl
28nTXq2IgNzaw/ymNUcCCpDSmFUqKB+3gqGpLjSJ9qqRJRaiSOfd2D5HXd7NwLdh
RcI0g43H/L6f8577K0M1gBa6NQfth8c8uj/I15Hx3/i+7Ye9X4n43ce2iATP+yGl
l6LzcAqfX/DeYwvMsaKFANdzouJGxgERlR7ts/1BlRBnVRCzH+P1oZuoU6WIm7ht
8qXTkxgXkpb94LM2im04T+P7l7tiBsD5TcptYWOJTaCEZewrgTS6f+f1Y8WFN3Wo
wpPzWMzySvNIIwvg2RdDxjaqJiPJmEqohiOoGoi7z279/P371bTj
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:32 2025 by rpki-client