Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa
File: tKrXZqruslB-r67qjXcTeiNKiIU.roa (raw, json)
Hash identifier: pGNmWrOIEdZ75iTzOlgVGUtD/HlYW/jkQjh54ez6Uu0=
Subject key identifier: B4:AA:D7:66:AA:EE:B2:50:7E:AF:AE:EA:8D:77:13:7A:23:4A:88:85
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0182C4977313FBB33994E7ECA8A3EF3CC637
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa
Signing time: Mon 22 Aug 2022 08:07:15 +0000
ROA not before: Mon 22 Aug 2022 08:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 82.153.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:97:73:13:fb:b3:39:94:e7:ec:a8:a3:ef:3c:c6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 22 08:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4aad766aaeeb2507eafaeea8d77137a234a8885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:00:12:5d:c8:1a:44:74:c4:e9:1d:00:03:
7f:59:97:10:ac:75:cb:fd:87:0b:ad:2c:26:06:40:
fa:fe:ef:b7:ba:f3:e0:f5:69:ab:e6:ce:46:eb:eb:
d4:03:09:98:7b:c9:9a:0a:d6:87:9a:e3:85:e4:67:
12:2f:d8:65:20:c3:12:8e:f5:72:2b:03:59:36:27:
7c:5c:55:80:d1:66:08:ca:29:70:6b:35:88:d1:25:
5a:2b:c2:9d:b2:7b:2f:98:84:33:19:71:eb:1a:8a:
3f:28:ca:18:29:cd:78:e0:68:65:c0:dd:c0:f9:0c:
76:ce:d8:7f:6a:d1:c4:6f:9d:15:07:ae:d7:80:02:
12:bd:8d:b5:8d:9f:e4:0f:48:36:82:84:b5:e5:a1:
b0:3f:4c:2f:6c:b3:7e:9e:f1:cb:21:ef:bc:dd:81:
cd:61:a2:de:6e:39:6d:57:aa:a3:f8:f3:6a:8b:66:
c7:81:21:bf:dc:13:d3:f5:1b:41:3d:4f:ec:3e:de:
ce:5b:3f:83:2f:d2:65:6c:98:4f:ce:9a:79:27:23:
44:43:35:60:36:73:39:b4:be:79:f1:a5:f9:e0:4d:
bc:29:8a:e8:d3:a4:3e:5a:24:5e:8f:ff:ec:7b:ed:
2c:b9:e9:21:ee:dc:00:36:55:a9:fc:ae:65:11:e0:
d5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AA:D7:66:AA:EE:B2:50:7E:AF:AE:EA:8D:77:13:7A:23:4A:88:85
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:8e:09:5d:8b:0c:8a:d1:fa:c7:14:a7:3a:c6:37:e2:d7:8b:
5e:07:51:81:f5:bd:f3:f2:12:c0:b9:c1:d6:1d:72:7d:6a:59:
fe:53:44:ad:20:a1:1a:7c:3e:24:4f:78:d0:35:cb:07:00:a1:
df:12:37:99:54:b6:4f:a0:10:d9:ca:8d:86:5a:ed:6f:6b:82:
4c:95:aa:b4:64:e0:0e:73:49:ef:13:5d:f1:9b:75:f9:3b:90:
f2:f5:f9:e5:b2:b9:83:04:12:3b:7e:d7:31:82:eb:38:c2:11:
71:d9:bd:22:c5:63:a0:b5:a1:eb:6b:7b:50:02:42:f1:2b:cd:
2e:37:50:e3:e7:a4:c6:75:5e:7b:ac:5c:6f:81:7d:42:f5:ed:
ae:e3:3b:e3:60:62:ef:bf:91:85:5a:12:65:c0:97:d0:c1:13:
64:1e:7f:78:01:ed:57:c0:d9:2b:e3:a8:ac:09:55:ed:13:04:
e1:ea:43:76:0d:00:ae:ba:29:94:de:c0:cc:06:44:f9:70:b7:
fc:3f:99:6b:1b:24:a2:4a:e7:ae:8c:a5:14:23:26:14:d3:f8:
5e:31:02:16:a3:a1:23:e7:b7:da:d4:76:e3:27:cc:5d:00:f9:
a6:cd:a1:22:5d:28:84:5e:a3:a5:8c:4c:d8:49:4a:ab:f6:a9:
08:eb:20:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLEl3MT+7M5lOfsqKPvPMY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODIyMDgwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFhZDc2NmFhZWViMjUwN2VhZmFlZWE4ZDc3MTM3YTIzNGE4ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLUAEl3IGkR0xOkdAAN/WZcQrHXL
/YcLrSwmBkD6/u+3uvPg9Wmr5s5G6+vUAwmYe8maCtaHmuOF5GcSL9hlIMMSjvVy
KwNZNid8XFWA0WYIyilwazWI0SVaK8KdsnsvmIQzGXHrGoo/KMoYKc144GhlwN3A
+Qx2zth/atHEb50VB67XgAISvY21jZ/kD0g2goS15aGwP0wvbLN+nvHLIe+83YHN
YaLebjltV6qj+PNqi2bHgSG/3BPT9RtBPU/sPt7OWz+DL9JlbJhPzpp5JyNEQzVg
NnM5tL558aX54E28KYro06Q+WiRej//se+0suekh7twANlWp/K5lEeDVyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSq12aq7rJQfq+u6o13E3ojSoiFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdEtyWFpxcnVzbEItcjY3cWpYY1RlaU5LaUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn5MA0G
CSqGSIb3DQEBCwUAA4IBAQAqjgldiwyK0frHFKc6xjfi14teB1GB9b3z8hLAucHW
HXJ9aln+U0StIKEafD4kT3jQNcsHAKHfEjeZVLZPoBDZyo2GWu1va4JMlaq0ZOAO
c0nvE13xm3X5O5Dy9fnlsrmDBBI7ftcxgus4whFx2b0ixWOgtaHra3tQAkLxK80u
N1Dj56TGdV57rFxvgX1C9e2u4zvjYGLvv5GFWhJlwJfQwRNkHn94Ae1XwNkr46is
CVXtEwTh6kN2DQCuuimU3sDMBkT5cLf8P5lrGySiSueujKUUIyYU0/heMQIWo6Ej
57fa1HbjJ8xdAPmmzaEiXSiEXqOljEzYSUqr9qkI6yBE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:08 2025 by rpki-client