Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa
File: uDvspPJpiu9sAJkw2qjmI5Krl48.roa (raw, json)
Hash identifier: gGJUQlp1s+b7VMxVDaDphiGtIbuCmhZuPFfL19tnDlI=
Subject key identifier: B8:3B:EC:A4:F2:69:8A:EF:6C:00:99:30:DA:A8:E6:23:92:AB:97:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AFA3E8DB07CDAF861A04B9504022BEAE4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa
Signing time: Wed 04 Oct 2023 10:31:58 +0000
ROA not before: Wed 04 Oct 2023 10:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:3e:8d:b0:7c:da:f8:61:a0:4b:95:04:02:2b:ea:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 4 10:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b83beca4f2698aef6c009930daa8e62392ab978f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:bc:88:c4:4f:2b:5c:23:b9:45:19:91:28:
d2:57:ad:ed:d4:fe:fe:bd:03:5c:3a:db:82:db:05:
5f:9c:55:02:e2:fd:33:5a:3e:36:d4:65:c0:cf:9e:
8e:56:e8:ed:29:51:47:d2:e2:26:82:5e:57:ba:71:
6d:af:ee:d6:ac:a1:00:1d:43:c2:bf:0a:70:d1:80:
96:05:ed:37:7f:4b:b5:63:0c:cd:da:ce:a6:53:b5:
1e:19:f2:78:50:4a:03:48:72:c5:29:f9:6c:90:a0:
7f:c6:7e:2f:51:12:bd:68:78:4f:0e:c6:de:c3:14:
4d:cc:c4:d7:03:15:40:de:ea:42:f3:55:51:d0:e5:
91:95:07:fe:2a:5a:77:b9:54:d1:37:97:b7:30:71:
fa:e8:34:88:5e:9d:67:b9:6f:0e:fa:c9:78:3a:0c:
1e:38:e1:76:26:28:bc:97:a6:28:f3:86:8b:5e:f8:
85:0f:90:88:63:b6:78:58:45:62:e5:88:c1:de:09:
57:02:ca:0d:a1:df:7b:07:2b:2d:26:33:6b:88:5b:
96:b1:fa:63:25:ef:18:0b:40:0f:da:b2:f2:12:1d:
eb:96:20:c1:b7:fb:1e:cb:1b:86:fd:17:c3:96:fa:
b4:c9:12:fa:c2:39:0a:0f:12:fc:1d:ec:08:ec:90:
52:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3B:EC:A4:F2:69:8A:EF:6C:00:99:30:DA:A8:E6:23:92:AB:97:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uDvspPJpiu9sAJkw2qjmI5Krl48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
82.152.252.0/23
82.152.255.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.249.0-82.153.250.255
89.213.136.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d5:b2:c0:21:f3:68:7a:d8:65:04:4a:80:12:61:a0:46:67:
18:cf:5d:dd:ee:26:80:fd:2a:38:04:ea:5b:49:69:cf:9b:15:
53:ed:a3:96:d4:25:e1:9f:8b:a9:58:ca:14:c5:9e:80:e5:44:
68:d9:e1:5e:d4:d9:86:ea:87:fe:ad:4c:53:01:3e:09:8f:b1:
7d:e1:d4:37:67:8e:54:12:7b:4f:c4:55:91:cf:94:a2:c2:fd:
97:59:09:f2:8a:2e:cc:54:82:70:49:c8:07:73:d6:94:68:97:
15:26:44:11:c5:34:55:99:91:ed:21:3e:d3:71:64:1d:1a:1f:
06:ac:02:2d:cd:1f:dc:e7:2f:af:5b:e2:25:d5:a4:d9:5c:27:
a2:f8:d3:f7:30:4e:d7:35:84:c6:89:35:99:f7:f6:9b:f3:7e:
71:68:39:e3:af:19:ac:39:d4:c9:24:d7:7e:28:24:1f:16:f4:
d6:a6:97:b4:f2:86:d7:38:98:3e:2b:0e:4a:02:ae:5a:8e:69:
6d:bc:97:34:f7:17:0a:91:35:d7:e9:18:0a:f5:38:95:46:42:
09:f3:a8:b2:66:97:74:c9:5c:2f:ad:01:c7:55:d4:92:72:71:
30:7b:fa:89:b6:ea:2d:01:c0:59:38:d5:af:22:1e:8a:8a:13:
3e:00:e6:7a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYr6Po2wfNr4YaBLlQQCK+rkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA0MTAzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODNiZWNhNGYyNjk4YWVmNmMwMDk5MzBkYWE4ZTYyMzkyYWI5NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXq8iMRPK1wjuUUZkSjSV63t1P7+
vQNcOtuC2wVfnFUC4v0zWj421GXAz56OVujtKVFH0uImgl5XunFtr+7WrKEAHUPC
vwpw0YCWBe03f0u1YwzN2s6mU7UeGfJ4UEoDSHLFKflskKB/xn4vURK9aHhPDsbe
wxRNzMTXAxVA3upC81VR0OWRlQf+Klp3uVTRN5e3MHH66DSIXp1nuW8O+sl4Ogwe
OOF2Jii8l6Yo84aLXviFD5CIY7Z4WEVi5YjB3glXAsoNod97BystJjNriFuWsfpj
Je8YC0AP2rLyEh3rliDBt/seyxuG/RfDlvq0yRL6wjkKDxL8HewI7JBSewIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLg77KTyaYrvbACZMNqo5iOSq5ePMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdUR2c3BQSnBpdTlzQUprdzJxam1JNUtybDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAUQWcAwQA
UagpAwQBUpj8AwQAUpj/AwQAUpmJMAwDBABSmYsDBABSmYwDBABSmd0DBABSmd8D
BABSmfAwDAMEAFKZ+QMEAFKZ+gMEAFnViDANBgkqhkiG9w0BAQsFAAOCAQEAhNWy
wCHzaHrYZQRKgBJhoEZnGM9d3e4mgP0qOATqW0lpz5sVU+2jltQl4Z+LqVjKFMWe
gOVEaNnhXtTZhuqH/q1MUwE+CY+xfeHUN2eOVBJ7T8RVkc+UosL9l1kJ8oouzFSC
cEnIB3PWlGiXFSZEEcU0VZmR7SE+03FkHRofBqwCLc0f3Ocvr1viJdWk2VwnovjT
9zBO1zWExok1mff2m/N+cWg5468ZrDnUySTXfigkHxb01qaXtPKG1ziYPisOSgKu
Wo5pbbyXNPcXCpE11+kYCvU4lUZCCfOosmaXdMlcL60Bx1XUknJxMHv6ibbqLQHA
WTjVryIeiooTPgDmeg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:23 2025 by rpki-client