Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa
File: pSQjbkRJotOl4-8IzGAWh585_Q8.roa (raw, json)
Hash identifier: mhtycZrVslCQrHMIf4OijF7s+yDxjVmtr+0FcdVP94M=
Subject key identifier: A5:24:23:6E:44:49:A2:D3:A5:E3:EF:08:CC:60:16:87:9F:39:FD:0F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018A6103F7B80A14353EE263AF6DEC92E5A0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa
Signing time: Mon 04 Sep 2023 16:26:04 +0000
ROA not before: Mon 04 Sep 2023 16:26:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
109.176.246.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.178.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
89.213.170.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:03:f7:b8:0a:14:35:3e:e2:63:af:6d:ec:92:e5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 16:26:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a524236e4449a2d3a5e3ef08cc6016879f39fd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:82:a5:eb:9f:9e:37:c6:f1:fe:7d:24:5e:8e:
04:0e:5d:30:db:2e:b9:d7:26:c7:0a:41:30:b6:a1:
b6:7c:13:4b:2f:e4:ab:0d:33:a9:c6:cc:8a:06:c9:
3a:d5:97:38:56:c1:b6:50:9b:89:88:89:ae:ad:35:
95:be:b0:19:c8:3c:e3:db:a0:af:33:0e:98:b9:04:
f1:17:c5:2f:da:da:5b:be:3d:e7:ca:c4:a8:68:65:
66:c6:a9:15:26:15:ef:45:80:a4:32:92:01:fe:db:
df:84:8b:b5:59:57:b7:2c:98:13:21:a4:2e:f3:89:
34:59:96:72:de:64:de:1e:e7:d8:da:a7:c2:f4:4e:
02:40:9e:b0:94:fc:f1:89:bb:c6:fc:ea:f3:c9:87:
63:4b:39:af:ab:34:d2:42:60:2a:31:73:98:a7:26:
31:a8:b0:89:40:a1:87:6f:f8:fe:ec:42:76:0f:56:
44:b0:ea:07:ab:ec:a4:6f:df:61:c0:01:28:a9:4f:
f7:20:91:73:6e:97:40:7f:de:69:8e:31:86:a6:30:
9f:d1:00:89:14:cc:00:c0:42:b0:f8:b0:cd:9e:85:
b2:2f:b4:bc:01:3b:13:fa:75:f9:ff:e0:44:9f:be:
8a:f9:8d:ab:72:67:6f:7a:4b:09:21:dd:d4:5a:54:
9b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:23:6E:44:49:A2:D3:A5:E3:EF:08:CC:60:16:87:9F:39:FD:0F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSQjbkRJotOl4-8IzGAWh585_Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.225.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0-82.153.250.255
89.213.5.0/24
89.213.133.0-89.213.139.255
89.213.141.0/24
89.213.145.0/24
89.213.149.0-89.213.158.255
89.213.160.0/24
89.213.162.0-89.213.164.255
89.213.167.0-89.213.168.255
89.213.170.0/24
89.213.172.0-89.213.174.255
89.213.176.0-89.213.185.255
89.213.188.0/23
109.176.208.0/23
109.176.211.0/24
109.176.216.0/21
109.176.245.0-109.176.246.255
109.176.248.0-109.176.250.255
185.49.125.0-185.49.127.255
213.152.42.0/24
213.152.61.0/24
Signature Algorithm: sha256WithRSAEncryption
65:1e:6f:9b:97:db:ab:f9:82:4d:50:71:67:c6:59:f0:49:ab:
02:dc:8c:d6:f7:47:92:0a:e6:56:fb:75:b5:7b:a9:3d:d7:62:
1d:a0:1a:08:29:f2:e7:96:2d:7e:9e:c6:da:40:70:7c:2f:52:
79:a5:ac:0e:0f:12:ed:fc:ee:8f:82:0a:ab:14:14:4b:af:5c:
79:d5:88:a7:a2:6c:d4:17:b5:9a:7e:b2:e1:4e:8d:14:cc:58:
d8:00:a9:3d:cf:6d:63:94:4d:7d:32:31:5d:1a:0d:d9:ed:62:
ec:14:80:30:ed:22:f8:c0:69:87:58:98:c8:62:eb:e2:9a:77:
a9:37:60:99:1e:3e:90:5a:7e:2d:78:d2:30:8e:db:a3:85:19:
59:94:eb:cd:d8:c2:d2:32:10:fe:4c:a9:94:4f:44:a7:ce:5d:
74:29:14:e9:60:2f:b2:63:47:52:b5:54:24:69:3f:01:bf:5b:
80:91:9f:a8:8f:bf:81:50:31:c5:63:29:25:d4:06:76:24:59:
6a:1e:03:bc:f0:06:e9:13:f9:a3:e0:d5:d1:69:08:2a:60:61:
68:61:6f:76:f0:4b:5e:32:96:5d:27:c6:aa:1d:0f:a6:06:1b:
e2:a1:9a:d7:49:34:8c:05:db:01:83:a8:31:d0:20:e0:12:2b:
e0:8f:71:d5
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAYphA/e4ChQ1PuJjr23skuWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTYyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0MjM2ZTQ0NDlhMmQzYTVlM2VmMDhjYzYwMTY4NzlmMzlmZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oKl65+eN8bx/n0kXo4EDl0w2y65
1ybHCkEwtqG2fBNLL+SrDTOpxsyKBsk61Zc4VsG2UJuJiImurTWVvrAZyDzj26Cv
Mw6YuQTxF8Uv2tpbvj3nysSoaGVmxqkVJhXvRYCkMpIB/tvfhIu1WVe3LJgTIaQu
84k0WZZy3mTeHufY2qfC9E4CQJ6wlPzxibvG/OrzyYdjSzmvqzTSQmAqMXOYpyYx
qLCJQKGHb/j+7EJ2D1ZEsOoHq+ykb99hwAEoqU/3IJFzbpdAf95pjjGGpjCf0QCJ
FMwAwEKw+LDNnoWyL7S8ATsT+nX5/+BEn76K+Y2rcmdveksJId3UWlSb/QIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFKUkI25ESaLTpePvCMxgFoefOf0PMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcFNRamJrUkpvdE9sNC04SXpHQVdoNTg1X1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwMAwDBABSmfkDBABSmfoDBABZ1QUwDAMEAFnVhQMEAlnV
iAMEAFnVjQMEAFnVkTAMAwQAWdWVAwQAWdWeAwQAWdWgMAwDBAFZ1aIDBABZ1aQw
DAMEAFnVpwMEAFnVqAMEAFnVqjAMAwQCWdWsAwQAWdWuMAwDBARZ1bADBAFZ1bgD
BAFZ1bwDBAFtsNADBABtsNMDBANtsNgwDAMEAG2w9QMEAG2w9jAMAwQDbbD4AwQA
bbD6MAwDBAC5MX0DBAe5MQADBADVmCoDBADVmD0wDQYJKoZIhvcNAQELBQADggEB
AGUeb5uX26v5gk1QcWfGWfBJqwLcjNb3R5IK5lb7dbV7qT3XYh2gGggp8ueWLX6e
xtpAcHwvUnmlrA4PEu387o+CCqsUFEuvXHnViKeibNQXtZp+suFOjRTMWNgAqT3P
bWOUTX0yMV0aDdntYuwUgDDtIvjAaYdYmMhi6+Kad6k3YJkePpBafi140jCO26OF
GVmU683YwtIyEP5MqZRPRKfOXXQpFOlgL7JjR1K1VCRpPwG/W4CRn6iPv4FQMcVj
KSXUBnYkWWoeA7zwBukT+aPg1dFpCCpgYWhhb3bwS14yll0nxqodD6YGG+KhmtdJ
NIwF2wGDqDHQIOASK+CPcdU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:44 2025 by rpki-client