Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa
File: oj58K-s0CcBqDYjoV6u_YOt2Izs.roa (raw, json)
Hash identifier: q5aUNxSkeJb6ntTM1s371DvzSbzqkBAAzo0vMBgh3uI=
Subject key identifier: A2:3E:7C:2B:EB:34:09:C0:6A:0D:88:E8:57:AB:BF:60:EB:76:23:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01884282724C60B18BDC5AAA7D5ABAA87074
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa
Signing time: Mon 22 May 2023 08:10:25 +0000
ROA not before: Mon 22 May 2023 08:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142111
IP address blocks: 82.153.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:82:72:4c:60:b1:8b:dc:5a:aa:7d:5a:ba:a8:70:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 08:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a23e7c2beb3409c06a0d88e857abbf60eb76233b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b8:a4:a9:3e:69:43:e2:35:fe:33:5a:f1:a1:
14:74:4b:bd:37:fe:d7:bf:6e:06:a1:93:1a:77:2b:
94:63:2b:ca:81:38:65:8a:61:4f:ab:4a:6c:2c:8f:
02:9e:6f:9b:6f:aa:0a:cc:ce:bf:df:fc:28:10:5c:
24:44:6d:e2:f0:f4:4b:c8:38:54:1c:a3:a9:87:5e:
21:a2:05:41:d0:c5:f8:fe:15:dd:e2:1b:2b:83:0a:
9b:d6:37:c2:05:48:15:e5:e7:38:e0:90:29:e7:b9:
ac:fa:85:01:91:ac:3e:9e:ac:b0:a0:a8:3c:cc:37:
3c:1e:b6:8c:16:b8:ae:c0:db:47:4c:0e:cf:c2:dd:
4e:77:5d:a7:56:b3:6e:f6:6d:60:4b:47:60:b7:3a:
6f:3d:23:82:d4:44:37:7f:5a:81:b4:68:90:95:57:
eb:35:de:c8:1e:ba:9a:45:f7:57:2d:cd:6d:fe:a3:
99:85:f9:0e:ae:99:18:f4:50:c4:49:c1:1b:8c:2d:
1e:ae:5c:0a:fe:0f:59:2c:9e:f8:7b:0d:4e:46:06:
19:dd:56:a4:6c:9e:9d:d2:15:0b:8d:c7:e2:5d:a1:
18:78:be:d8:7e:b9:c8:5e:d5:30:69:eb:c8:6c:07:
17:1e:8f:66:f4:46:a5:5e:cc:34:c4:64:ab:76:f5:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3E:7C:2B:EB:34:09:C0:6A:0D:88:E8:57:AB:BF:60:EB:76:23:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oj58K-s0CcBqDYjoV6u_YOt2Izs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.10.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:dc:fd:d6:aa:66:86:5e:dd:45:27:78:86:4b:1f:96:0c:5e:
52:58:2f:f4:42:5e:79:79:51:07:a6:95:8a:33:ff:5b:5a:fc:
20:fa:43:c1:2d:01:e6:92:e1:5c:f8:f0:bd:fa:cc:2c:17:5f:
84:46:d7:03:96:91:f2:65:14:eb:70:dd:ec:37:c4:26:d2:b7:
89:90:72:35:3a:42:ed:13:5c:9b:27:3d:0f:33:e0:ec:73:a1:
5a:38:c2:d5:40:ef:7d:a8:7d:f6:69:29:02:82:ef:93:d6:07:
6e:6e:bb:b2:d7:e2:38:1e:11:ca:93:55:7d:f8:ac:e7:61:24:
c4:43:31:39:ad:67:72:4e:6a:93:8c:92:b8:ee:88:65:d8:3d:
87:9c:e2:17:6c:83:4d:21:54:4f:3d:bc:b1:96:32:56:42:45:
45:e7:16:e1:aa:4c:3b:33:76:fd:04:b2:06:01:9d:d5:e1:05:
5e:86:57:7e:0f:90:3c:7e:dd:ca:77:85:b5:20:4f:5e:24:45:
7d:cd:27:d5:07:12:97:07:05:2d:a7:bd:11:15:68:23:21:7d:
80:ad:a3:1d:f8:80:df:da:98:c1:6f:42:9f:22:34:27:f5:ce:
e2:70:00:bb:15:b2:3b:cc:c7:e1:4b:6f:a0:e1:24:72:25:cc:
3c:c4:30:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhCgnJMYLGL3FqqfVq6qHB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNlN2MyYmViMzQwOWMwNmEwZDg4ZTg1N2FiYmY2MGViNzYyMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrikqT5pQ+I1/jNa8aEUdEu9N/7X
v24GoZMadyuUYyvKgThlimFPq0psLI8Cnm+bb6oKzM6/3/woEFwkRG3i8PRLyDhU
HKOph14hogVB0MX4/hXd4hsrgwqb1jfCBUgV5ec44JAp57ms+oUBkaw+nqywoKg8
zDc8HraMFriuwNtHTA7Pwt1Od12nVrNu9m1gS0dgtzpvPSOC1EQ3f1qBtGiQlVfr
Nd7IHrqaRfdXLc1t/qOZhfkOrpkY9FDEScEbjC0erlwK/g9ZLJ74ew1ORgYZ3Vak
bJ6d0hULjcfiXaEYeL7YfrnIXtUwaevIbAcXHo9m9EalXsw0xGSrdvXEWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI+fCvrNAnAag2I6Ferv2DrdiM7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb2o1OEstczBDY0JxRFlqb1Y2dV9ZT3QySXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkKMA0G
CSqGSIb3DQEBCwUAA4IBAQBq3P3WqmaGXt1FJ3iGSx+WDF5SWC/0Ql55eVEHppWK
M/9bWvwg+kPBLQHmkuFc+PC9+swsF1+ERtcDlpHyZRTrcN3sN8Qm0reJkHI1OkLt
E1ybJz0PM+Dsc6FaOMLVQO99qH32aSkCgu+T1gdubruy1+I4HhHKk1V9+KznYSTE
QzE5rWdyTmqTjJK47ohl2D2HnOIXbINNIVRPPbyxljJWQkVF5xbhqkw7M3b9BLIG
AZ3V4QVehld+D5A8ft3Kd4W1IE9eJEV9zSfVBxKXBwUtp70RFWgjIX2AraMd+IDf
2pjBb0KfIjQn9c7icAC7FbI7zMfhS2+g4SRyJcw8xDDn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:19 2025 by rpki-client