Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa
File: p76miMVcIsvDIM_xNHACzXtnsTA.roa (raw, json)
Hash identifier: LVQyb8kgC01On8OQn/GI9HOPGBeTBx4tkZKyf9dHzTE=
Subject key identifier: A7:BE:A6:88:C5:5C:22:CB:C3:20:CF:F1:34:70:02:CD:7B:67:B1:30
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018770656FE8C60A1ADC9467F56C4916E562
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa
Signing time: Tue 11 Apr 2023 12:58:28 +0000
ROA not before: Tue 11 Apr 2023 12:58:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 82.153.245.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:65:6f:e8:c6:0a:1a:dc:94:67:f5:6c:49:16:e5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 11 12:58:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7bea688c55c22cbc320cff1347002cd7b67b130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:d6:95:27:12:ac:72:2d:12:1e:25:7e:5b:
c5:bd:82:bb:33:43:1f:31:4e:4f:15:f7:a4:36:79:
71:ab:e2:ac:b8:30:7d:d7:ad:d6:1d:20:78:ba:76:
6f:0f:6a:fa:d9:24:14:63:8c:ee:8b:6d:99:19:ac:
b8:ab:83:73:6d:ac:24:f1:ab:a6:f7:fb:8f:43:82:
a7:08:df:7b:f3:a3:e7:bb:ad:7d:de:bb:32:e7:ba:
3e:b2:75:4b:cb:36:ad:1b:08:80:c9:28:54:b2:12:
7f:d6:23:ff:34:c1:4a:17:53:03:13:17:2e:b5:19:
42:2d:0d:19:61:c3:2a:79:a0:6d:c4:25:2b:31:83:
42:9f:72:49:f0:9a:65:12:61:a3:2e:42:02:21:5a:
df:13:80:3f:bf:ba:c9:91:49:54:28:38:1b:20:14:
0e:58:1f:9e:c2:13:ce:7c:67:8e:e3:c8:77:a0:34:
a2:ee:fe:65:d8:66:3a:52:c8:9c:55:c7:a2:78:93:
8a:ac:38:2e:ec:78:d1:9a:cd:68:ae:3e:d2:6d:d0:
86:9b:1f:1b:fb:96:85:51:2e:7b:90:16:b1:01:63:
c3:d2:b9:d6:79:29:2d:fd:84:29:c0:73:39:0e:88:
8a:ad:a5:9b:20:2c:03:f2:4d:b4:96:98:94:2c:7f:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BE:A6:88:C5:5C:22:CB:C3:20:CF:F1:34:70:02:CD:7B:67:B1:30
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/p76miMVcIsvDIM_xNHACzXtnsTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.123.0/24
82.153.245.0/24
Signature Algorithm: sha256WithRSAEncryption
08:96:7c:12:74:f6:48:70:94:ba:74:78:4f:fd:9c:9f:2c:bd:
38:c0:86:e3:cd:92:c3:5a:b9:4e:ad:dc:6c:14:39:81:5c:81:
22:47:48:a8:93:d2:0d:66:8a:94:06:34:dd:95:76:83:59:f3:
3c:c1:21:e1:99:ce:6e:b7:5c:2e:ee:46:18:e0:f7:80:33:bf:
76:1b:36:a6:f3:d9:a6:71:0b:b1:50:b2:66:04:8f:e5:0f:8d:
93:1d:3f:da:fa:3e:dd:2b:41:99:a6:55:57:1d:eb:5a:be:b2:
0c:1c:b8:d5:80:7f:a0:f5:d2:7f:17:09:62:50:08:4e:82:19:
9a:6e:08:17:78:47:dd:c5:91:0b:cf:3c:fa:68:e8:d3:36:e7:
9e:e9:70:86:43:35:17:fb:a7:d0:d7:7e:28:f2:2c:dc:37:85:
77:e2:7c:ae:cc:00:9e:00:d0:13:38:79:42:e5:3a:e4:25:d3:
7b:98:1d:86:46:07:b5:f9:50:4f:87:30:f0:1f:2d:11:17:f6:
21:12:e5:1c:02:24:c9:68:92:a2:25:c1:7a:70:49:bd:ce:77:
31:ec:6c:d1:1b:8a:11:6b:f0:d8:5c:dd:94:9d:28:52:5e:25:
65:3e:b8:45:f1:07:d0:f8:82:dc:9f:e2:5a:90:82:cb:69:55:
a4:4b:f3:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdwZW/oxgoa3JRn9WxJFuViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDExMTI1ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JlYTY4OGM1NWMyMmNiYzMyMGNmZjEzNDcwMDJjZDdiNjdiMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttnWlScSrHItEh4lflvFvYK7M0Mf
MU5PFfekNnlxq+KsuDB9163WHSB4unZvD2r62SQUY4zui22ZGay4q4Nzbawk8aum
9/uPQ4KnCN9786Pnu6193rsy57o+snVLyzatGwiAyShUshJ/1iP/NMFKF1MDExcu
tRlCLQ0ZYcMqeaBtxCUrMYNCn3JJ8JplEmGjLkICIVrfE4A/v7rJkUlUKDgbIBQO
WB+ewhPOfGeO48h3oDSi7v5l2GY6UsicVceieJOKrDgu7HjRms1orj7SbdCGmx8b
+5aFUS57kBaxAWPD0rnWeSkt/YQpwHM5DoiKraWbICwD8k20lpiULH+RewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKe+pojFXCLLwyDP8TRwAs17Z7EwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcDc2bWlNVmNJc3ZESU1feE5IQUN6WHRuc1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah7AwQA
Upn1MA0GCSqGSIb3DQEBCwUAA4IBAQAIlnwSdPZIcJS6dHhP/ZyfLL04wIbjzZLD
WrlOrdxsFDmBXIEiR0iok9INZoqUBjTdlXaDWfM8wSHhmc5ut1wu7kYY4PeAM792
Gzam89mmcQuxULJmBI/lD42THT/a+j7dK0GZplVXHetavrIMHLjVgH+g9dJ/Fwli
UAhOghmabggXeEfdxZELzzz6aOjTNuee6XCGQzUX+6fQ134o8izcN4V34nyuzACe
ANATOHlC5TrkJdN7mB2GRge1+VBPhzDwHy0RF/YhEuUcAiTJaJKiJcF6cEm9zncx
7GzRG4oRa/DYXN2UnShSXiVlPrhF8QfQ+ILcn+JakILLaVWkS/P5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:30 2025 by rpki-client