Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa
File: oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa (raw, json)
Hash identifier: K1a2BGpL1geMaXS382X88QtGvxNppcLOPIuxwMbTU6M=
Subject key identifier: A1:90:7D:BD:1F:E4:8F:9A:41:1A:51:92:5B:00:EF:E9:4B:77:FE:53
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189EF84B603A3CD3F5D36D575F6CD8DB69A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa
Signing time: Sun 13 Aug 2023 15:29:59 +0000
ROA not before: Sun 13 Aug 2023 15:29:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 82.152.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ef:84:b6:03:a3:cd:3f:5d:36:d5:75:f6:cd:8d:b6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 13 15:29:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1907dbd1fe48f9a411a51925b00efe94b77fe53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fe:79:89:4c:46:43:8f:83:bd:16:15:db:19:
3c:b4:50:9e:91:4a:b3:3c:ab:81:92:05:23:85:dd:
c0:f5:49:c0:e1:a8:eb:a9:f4:95:fe:c9:75:3a:f0:
df:40:93:3d:bb:f8:de:eb:6d:53:11:b1:71:1a:0f:
a1:40:b7:84:30:23:2f:04:23:d9:fd:99:fb:19:19:
5c:56:21:d3:4f:73:26:73:b1:ef:e7:c9:61:46:36:
bf:da:20:94:78:84:9e:78:37:4e:2d:df:40:98:00:
b0:16:74:bd:86:09:66:ea:36:4b:a3:14:f2:c2:88:
cd:ec:4b:d3:28:d6:30:48:46:9f:4a:83:64:56:b8:
b7:54:1d:a2:4e:2e:93:98:16:53:27:cb:5a:6c:73:
2d:22:e9:13:00:52:20:02:18:cf:e9:48:7b:43:b8:
9e:2c:b3:a9:1c:5f:f9:af:87:35:15:1b:7f:24:7f:
2c:81:7b:38:d8:73:61:85:15:fe:c7:08:f0:3a:5c:
f3:3d:96:f9:6c:e5:92:b8:78:f3:25:39:45:97:8a:
f3:27:90:4f:f0:37:20:97:0b:3a:3a:72:61:99:7d:
d8:f1:fd:10:af:96:63:d4:78:99:55:5d:e7:1f:2d:
74:56:b3:40:1c:f6:4b:62:97:84:09:98:00:09:a4:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:90:7D:BD:1F:E4:8F:9A:41:1A:51:92:5B:00:EF:E9:4B:77:FE:53
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZB9vR_kj5pBGlGSWwDv6Ut3_lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.178.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ff:bb:f5:73:e7:66:e4:71:be:61:d4:38:26:51:71:45:d0:
f7:04:60:0b:a0:06:c6:d6:e5:32:97:a2:21:ca:b4:64:30:8d:
64:32:22:01:79:57:6f:54:5d:5c:44:78:88:da:93:7d:82:e1:
9e:23:43:9b:43:05:3a:fc:83:b2:2d:e4:20:a8:63:03:33:6c:
8f:39:96:64:66:ce:ef:83:fc:ed:43:87:17:c5:b9:e0:91:b3:
11:c1:fb:07:49:9e:31:75:ec:0b:06:c0:be:9d:18:af:f5:f9:
e0:ba:ba:8d:54:cb:6c:58:58:ee:07:9e:4e:12:a5:99:c8:d6:
94:bd:29:08:40:56:26:8d:e6:23:bd:4c:67:1e:cd:ca:44:5b:
6f:73:58:2c:49:39:bb:db:b5:75:40:39:11:b0:f6:62:37:43:
f2:2c:e2:47:8c:da:5a:29:9e:5a:ef:aa:c9:c1:a9:4b:d3:22:
c6:25:2d:2f:72:a8:c2:4e:07:2c:ea:bd:54:71:2d:2a:65:dd:
b8:a6:96:0f:1f:18:b3:c9:8f:13:7f:bd:82:88:fe:d5:2e:d0:
19:a7:7d:81:7f:ea:8d:28:a3:63:5d:ba:ca:d3:b0:83:a0:a0:
5a:41:82:c9:5a:e2:a5:0d:e7:60:9a:ef:ac:4c:43:4e:5c:26:
7d:10:eb:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnvhLYDo80/XTbVdfbNjbaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODEzMTUyOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTkwN2RiZDFmZTQ4ZjlhNDExYTUxOTI1YjAwZWZlOTRiNzdmZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP55iUxGQ4+DvRYV2xk8tFCekUqz
PKuBkgUjhd3A9UnA4ajrqfSV/sl1OvDfQJM9u/je621TEbFxGg+hQLeEMCMvBCPZ
/Zn7GRlcViHTT3Mmc7Hv58lhRja/2iCUeISeeDdOLd9AmACwFnS9hglm6jZLoxTy
wojN7EvTKNYwSEafSoNkVri3VB2iTi6TmBZTJ8tabHMtIukTAFIgAhjP6Uh7Q7ie
LLOpHF/5r4c1FRt/JH8sgXs42HNhhRX+xwjwOlzzPZb5bOWSuHjzJTlFl4rzJ5BP
8Dcglws6OnJhmX3Y8f0Qr5Zj1HiZVV3nHy10VrNAHPZLYpeECZgACaTJkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGQfb0f5I+aQRpRklsA7+lLd/5TMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1pCOXZSX2tqNXBCR2xHU1d3RHY2VXQzX2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiyMA0G
CSqGSIb3DQEBCwUAA4IBAQBV/7v1c+dm5HG+YdQ4JlFxRdD3BGALoAbG1uUyl6Ih
yrRkMI1kMiIBeVdvVF1cRHiI2pN9guGeI0ObQwU6/IOyLeQgqGMDM2yPOZZkZs7v
g/ztQ4cXxbngkbMRwfsHSZ4xdewLBsC+nRiv9fngurqNVMtsWFjuB55OEqWZyNaU
vSkIQFYmjeYjvUxnHs3KRFtvc1gsSTm727V1QDkRsPZiN0PyLOJHjNpaKZ5a76rJ
walL0yLGJS0vcqjCTgcs6r1UcS0qZd24ppYPHxizyY8Tf72CiP7VLtAZp32Bf+qN
KKNjXbrK07CDoKBaQYLJWuKlDedgmu+sTENOXCZ9EOs/
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:55 2025 by rpki-client