Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa
File: rLqT9zp3s3WqK586Re_1STjHbFI.roa (raw, json)
Hash identifier: pdYembeLDji/P3rPxvVhXbUqpe77kMcQAjOOy7Kx/x0=
Subject key identifier: AC:BA:93:F7:3A:77:B3:75:AA:2B:9F:3A:45:EF:F5:49:38:C7:6C:52
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018A6007498E3C22981F38CC7ADE79908252
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa
Signing time: Mon 04 Sep 2023 11:50:04 +0000
ROA not before: Mon 04 Sep 2023 11:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.213.190.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:07:49:8e:3c:22:98:1f:38:cc:7a:de:79:90:82:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 11:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acba93f73a77b375aa2b9f3a45eff54938c76c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c5:d2:5d:59:9b:59:c0:42:43:56:6e:1a:0a:
b1:8b:c2:42:12:f9:8a:d1:f7:10:b8:a8:4b:a4:97:
20:ea:26:72:2d:c9:cd:d3:2e:ba:8d:36:1c:78:a3:
e3:c2:97:23:ba:3a:e3:7d:8a:47:31:d8:ef:cf:12:
92:2b:58:a6:c1:4f:b7:b3:a0:63:78:66:d0:21:84:
02:04:59:c8:a0:4c:bc:f6:91:4b:f3:a1:0f:4b:ac:
56:28:ed:53:fb:4e:a6:58:33:fa:b5:7e:ab:49:13:
d3:33:c4:a2:44:6f:4f:da:18:92:50:7b:2b:14:ae:
9f:5b:e1:9b:56:0b:d8:0a:f2:ed:fb:ee:7a:64:6e:
8c:ab:af:d2:b4:27:5a:88:21:55:b7:9e:e8:48:ac:
5d:b6:41:23:9c:09:48:50:7f:11:a0:95:eb:23:dc:
60:37:68:f6:a8:62:a2:d4:16:73:c3:cc:c9:05:23:
1a:22:c6:0e:f6:b9:61:69:d8:b0:a7:8d:76:bc:f2:
41:ba:20:fa:cd:30:be:75:c4:2e:51:03:62:c6:2f:
61:05:86:75:ca:a8:9c:61:5b:c6:40:26:be:c0:9c:
d2:4e:d4:ae:2d:8a:3b:03:0d:06:60:21:59:68:b4:
dc:ea:b2:a0:1f:58:84:f5:e3:0e:ae:21:27:da:a6:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:BA:93:F7:3A:77:B3:75:AA:2B:9F:3A:45:EF:F5:49:38:C7:6C:52
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLqT9zp3s3WqK586Re_1STjHbFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.6.0/23
89.213.130.0/24
89.213.161.0/24
89.213.190.0/24
109.176.240.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
16:00:f9:ff:37:12:b8:41:38:7b:c4:d6:27:9b:4a:1d:cc:60:
22:42:d7:36:29:f1:f8:75:89:f7:2a:ec:b2:0d:83:3a:4a:e1:
82:7f:df:65:bf:43:ba:3a:98:64:07:99:d1:3f:5c:93:4e:66:
64:0c:1b:9d:64:14:d7:bb:7e:e6:21:58:95:b5:d4:6b:45:47:
8d:e4:77:60:7b:b9:24:99:8a:dc:e6:3f:c7:d2:1a:fc:8d:4a:
b4:e2:cd:80:24:31:48:0a:40:58:93:fb:57:6c:a3:70:55:7b:
e6:f7:c7:3f:94:77:22:67:9b:96:98:76:ca:74:b7:2c:4a:f4:
e5:d4:27:d3:27:5c:bc:77:8e:84:67:f7:33:70:14:7f:13:ae:
b6:17:45:5d:46:7b:49:4e:ce:ee:80:88:72:df:da:90:ba:60:
0c:03:c1:87:16:da:ff:05:7e:44:91:f4:20:00:0f:cf:2d:d8:
dd:b6:f8:75:58:e4:58:6a:01:f3:ef:f4:58:7e:b2:94:c7:e3:
4b:57:0c:6b:0e:19:c8:bc:e5:a0:88:69:94:e2:ee:32:d5:81:
c2:5b:aa:84:27:ce:a9:6f:e2:24:86:19:37:56:fa:04:4c:73:
81:e3:17:94:4c:0b:bc:4d:02:27:ee:2f:d0:1c:b0:f6:d4:05:
92:76:1d:e2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYpgB0mOPCKYHzjMet55kIJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTE1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2JhOTNmNzNhNzdiMzc1YWEyYjlmM2E0NWVmZjU0OTM4Yzc2YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisXSXVmbWcBCQ1ZuGgqxi8JCEvmK
0fcQuKhLpJcg6iZyLcnN0y66jTYceKPjwpcjujrjfYpHMdjvzxKSK1imwU+3s6Bj
eGbQIYQCBFnIoEy89pFL86EPS6xWKO1T+06mWDP6tX6rSRPTM8SiRG9P2hiSUHsr
FK6fW+GbVgvYCvLt++56ZG6Mq6/StCdaiCFVt57oSKxdtkEjnAlIUH8RoJXrI9xg
N2j2qGKi1BZzw8zJBSMaIsYO9rlhadiwp412vPJBuiD6zTC+dcQuUQNixi9hBYZ1
yqicYVvGQCa+wJzSTtSuLYo7Aw0GYCFZaLTc6rKgH1iE9eMOriEn2qbJaQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFKy6k/c6d7N1qiufOkXv9Uk4x2xSMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvckxxVDl6cDNzM1dxSzU4NlJlXzFTVGpIYkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABR
Bb0DBABRqCMwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAVKZRDAMAwQAUplHAwQAUplIAwQAUplPAwQAUpmEAwQAUpngAwQBWdUG
AwQAWdWCAwQAWdWhAwQAWdW+AwQAbbDwAwQAbbD3AwQAbbD7AwQAuTF8MA0GCSqG
SIb3DQEBCwUAA4IBAQAWAPn/NxK4QTh7xNYnm0odzGAiQtc2KfH4dYn3KuyyDYM6
SuGCf99lv0O6OphkB5nRP1yTTmZkDBudZBTXu37mIViVtdRrRUeN5Hdge7kkmYrc
5j/H0hr8jUq04s2AJDFICkBYk/tXbKNwVXvm98c/lHciZ5uWmHbKdLcsSvTl1CfT
J1y8d46EZ/czcBR/E662F0VdRntJTs7ugIhy39qQumAMA8GHFtr/BX5EkfQgAA/P
Ldjdtvh1WORYagHz7/RYfrKUx+NLVwxrDhnIvOWgiGmU4u4y1YHCW6qEJ86pb+Ik
hhk3VvoETHOB4xeUTAu8TQIn7i/QHLD21AWSdh3i
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:47 2025 by rpki-client