Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa
File: oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa (raw, json)
Hash identifier: Z/OVawc9ZXYH/Lc0/wc/Gh6d3XCDmOu7g58ugZ/Qe9U=
Subject key identifier: A1:9A:1A:4D:F6:3E:23:2E:A3:C1:FC:1D:C9:B9:8A:70:68:BF:0A:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01888A921F258822D7DD6FA86FE96423F26A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa
Signing time: Mon 05 Jun 2023 08:00:12 +0000
ROA not before: Mon 05 Jun 2023 08:00:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:92:1f:25:88:22:d7:dd:6f:a8:6f:e9:64:23:f2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 08:00:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a19a1a4df63e232ea3c1fc1dc9b98a7068bf0a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:24:36:0e:a1:67:e1:fb:9e:27:b6:38:9a:41:
cf:33:76:07:08:00:6a:e0:61:b8:97:f0:c7:7a:83:
ce:de:ef:38:e3:e1:1b:7c:c8:ba:35:12:0c:0b:cd:
c8:20:53:60:b1:78:36:2b:dd:8b:a6:dc:71:bb:2f:
43:53:2f:84:89:d6:05:f5:ca:74:16:bb:9b:a5:fe:
b6:ec:0d:9e:77:9f:bb:5e:af:3b:6c:0f:00:30:a0:
09:b1:cb:f0:d7:62:fb:41:7e:08:e7:13:00:66:24:
41:f5:6b:e4:cc:7a:03:5c:28:9b:f4:2a:02:f5:35:
5f:c7:a6:6d:68:57:68:70:c4:4e:f4:69:cc:49:6f:
6b:00:33:d7:8a:76:6a:22:fb:33:d2:22:ad:70:ab:
d0:e4:f9:57:60:f8:3f:64:c3:e3:5c:46:83:61:b3:
e0:7b:95:c8:b6:b8:e8:b1:80:e8:2c:26:f8:a4:62:
53:b1:37:63:9a:de:0f:ee:9a:11:33:86:32:23:93:
48:40:aa:85:9b:af:92:66:6a:e5:1a:13:bb:6a:49:
d0:ab:69:ef:6c:9f:24:37:f9:39:96:ad:36:16:b6:
21:a0:d8:1d:32:31:d2:0a:ab:cf:6c:bc:87:9e:f4:
a1:db:f1:b5:b6:2e:b6:aa:fd:74:c8:84:ec:4a:2a:
80:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9A:1A:4D:F6:3E:23:2E:A3:C1:FC:1D:C9:B9:8A:70:68:BF:0A:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oZoaTfY-Iy6jwfwdybmKcGi_Ci4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
82.153.208.0/22
Signature Algorithm: sha256WithRSAEncryption
78:6b:52:68:93:dd:fb:4f:2c:cf:d5:0b:c1:2b:9a:12:cf:d1:
37:3d:ef:91:db:e7:62:f1:8c:99:e3:ef:3c:58:7d:39:ed:a6:
3d:c4:31:c7:bd:fe:93:0f:e6:84:70:f2:09:2f:6a:74:ee:e6:
4c:94:7c:e2:47:02:9c:43:37:98:22:fe:8c:ec:fc:ba:b6:38:
05:07:8f:8f:3d:c2:dc:42:75:ba:1c:89:8b:cb:aa:2f:18:a8:
f8:16:59:e1:da:57:fc:c8:1d:51:b0:c9:7a:0f:87:93:c7:da:
19:82:ea:05:4e:53:5a:10:f0:0a:32:63:ef:54:6f:c4:e8:c7:
68:81:85:58:eb:b0:7f:51:ef:78:34:04:db:b4:59:9b:5b:b0:
a8:42:57:ef:6a:da:30:f4:77:85:9b:44:d0:ff:8b:da:49:f6:
21:75:90:a1:f0:21:b9:05:d4:c3:60:b9:e8:e5:86:64:b7:b5:
0c:1b:9e:fa:1f:90:4e:da:71:d3:3c:5b:1c:70:1f:10:e7:cb:
c4:f4:2d:58:2e:c3:c3:bb:2e:c9:51:d5:87:b7:59:3e:ad:52:
1e:53:49:cc:87:61:05:e7:5e:00:a7:1f:ef:aa:0d:00:27:b3:
47:f7:e3:1f:a7:a2:10:43:df:cd:89:d8:87:02:e9:be:64:1f:
17:63:77:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKkh8liCLX3W+ob+lkI/JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTlhMWE0ZGY2M2UyMzJlYTNjMWZjMWRjOWI5OGE3MDY4YmYwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliQ2DqFn4fueJ7Y4mkHPM3YHCABq
4GG4l/DHeoPO3u844+EbfMi6NRIMC83IIFNgsXg2K92Lptxxuy9DUy+EidYF9cp0
Frubpf627A2ed5+7Xq87bA8AMKAJscvw12L7QX4I5xMAZiRB9WvkzHoDXCib9CoC
9TVfx6ZtaFdocMRO9GnMSW9rADPXinZqIvsz0iKtcKvQ5PlXYPg/ZMPjXEaDYbPg
e5XItrjosYDoLCb4pGJTsTdjmt4P7poRM4YyI5NIQKqFm6+SZmrlGhO7aknQq2nv
bJ8kN/k5lq02FrYhoNgdMjHSCqvPbLyHnvSh2/G1ti62qv10yITsSiqA0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGaGk32PiMuo8H8Hcm5inBovwouMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1pvYVRmWS1JeTZqd2Z3ZHlibUtjR2lfQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiuAwQC
UpnQMA0GCSqGSIb3DQEBCwUAA4IBAQB4a1Jok937TyzP1QvBK5oSz9E3Pe+R2+di
8YyZ4+88WH057aY9xDHHvf6TD+aEcPIJL2p07uZMlHziRwKcQzeYIv6M7Py6tjgF
B4+PPcLcQnW6HImLy6ovGKj4Flnh2lf8yB1RsMl6D4eTx9oZguoFTlNaEPAKMmPv
VG/E6MdogYVY67B/Ue94NATbtFmbW7CoQlfvatow9HeFm0TQ/4vaSfYhdZCh8CG5
BdTDYLno5YZkt7UMG576H5BO2nHTPFsccB8Q58vE9C1YLsPDuy7JUdWHt1k+rVIe
U0nMh2EF514Apx/vqg0AJ7NH9+Mfp6IQQ9/NidiHAum+ZB8XY3cg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:44 2025 by rpki-client