Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa
File: uLKNPvumlJdK9bs5R59tFwutgbQ.roa (raw, json)
Hash identifier: oRQnVeGKUBzYq8iF2iPoNfVDDIFg2JHiLvhfBP6Qw4Q=
Subject key identifier: B8:B2:8D:3E:FB:A6:94:97:4A:F5:BB:39:47:9F:6D:17:0B:AD:81:B4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018823902674D22604BF59A38EBDA99CB772
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa
Signing time: Tue 16 May 2023 07:57:09 +0000
ROA not before: Tue 16 May 2023 07:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 82.153.136.0/22 maxlen: 22
82.153.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:90:26:74:d2:26:04:bf:59:a3:8e:bd:a9:9c:b7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 16 07:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8b28d3efba694974af5bb39479f6d170bad81b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d2:d6:09:c1:e1:e9:8b:c0:8c:33:cc:1f:d5:
b6:cd:14:dd:00:c8:5a:cd:35:25:1a:76:16:8d:a5:
6c:6e:f9:71:76:fc:82:3e:66:e2:68:d8:4a:0f:4d:
bf:36:40:d2:b3:1e:c3:91:48:ab:80:f7:2a:c5:ea:
a0:a7:99:2e:42:b0:8f:ab:4c:09:92:8e:fc:26:b6:
4d:4a:f4:36:89:af:53:2b:5f:78:73:bc:d8:ee:5e:
da:ed:29:e8:2d:3d:85:9e:36:03:db:ea:4a:26:76:
74:33:8b:ce:e6:f3:11:97:30:24:9b:5d:fa:7d:8c:
c0:cc:50:7d:8f:87:bd:fd:21:4c:26:f1:dd:fa:44:
5d:f7:40:25:74:5b:09:fd:28:52:e8:34:b0:e7:4a:
97:40:62:ed:8d:05:ee:86:be:ff:0f:9e:7b:32:5f:
0c:7c:5a:0e:9e:89:98:fe:f0:f1:a0:9b:c2:0b:70:
65:83:8e:59:15:f0:e3:fd:6b:15:fa:71:76:e4:2f:
bb:af:90:92:76:13:3d:8d:68:11:84:7f:8d:ec:3f:
d5:2c:4e:6a:59:f2:5f:80:9f:c0:c8:7b:c5:d6:b0:
81:a3:bc:b3:5e:78:5f:49:38:49:0d:11:a2:93:76:
ff:51:f8:1a:dd:71:16:9f:23:56:42:04:b7:91:1d:
61:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B2:8D:3E:FB:A6:94:97:4A:F5:BB:39:47:9F:6D:17:0B:AD:81:B4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uLKNPvumlJdK9bs5R59tFwutgbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.136.0/22
82.153.248.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c2:9e:04:d8:96:11:2c:f8:b7:4f:b1:64:66:2f:5d:ae:65:
0d:06:42:c5:ce:95:77:7a:32:02:5c:4f:db:c2:8a:bb:ab:1f:
7f:65:8b:d0:a0:c1:7c:01:f4:ab:0a:19:2a:31:b6:17:98:8e:
92:b3:5c:18:c3:f3:14:1a:91:d3:a3:c6:19:92:39:06:3b:43:
ce:8a:40:aa:41:54:4b:08:fd:f8:32:fb:bd:47:f0:9e:c5:5f:
a0:34:20:ba:fa:51:b2:cb:23:e7:a6:57:6c:87:3a:c9:a1:a9:
1c:2d:57:10:7b:94:bd:81:5a:5a:0e:df:0b:e5:5b:ee:cd:df:
98:94:cd:b6:f6:6e:9e:38:a6:8d:f1:d1:7b:be:3e:8e:85:c2:
81:ef:eb:3b:c0:c3:7a:96:24:7e:c5:b3:d2:7e:ad:8c:15:02:
00:a7:0b:a6:74:8f:56:69:63:c7:1b:f9:ba:e5:8f:71:c6:e4:
83:03:24:95:fa:4e:2e:9f:f6:cb:2c:b2:3b:9b:dc:40:05:a1:
40:c6:be:ad:8e:f1:78:e0:5e:1c:c9:1d:9f:16:cd:ed:cc:06:
95:2b:46:ef:39:bd:0f:df:5d:68:14:1a:3a:1e:e3:a1:51:71:
b0:1c:f3:78:1f:4a:05:0d:ce:d4:4e:a0:13:cd:d6:f4:96:b2:
da:38:72:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgjkCZ00iYEv1mjjr2pnLdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTE2MDc1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIyOGQzZWZiYTY5NDk3NGFmNWJiMzk0NzlmNmQxNzBiYWQ4MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdLWCcHh6YvAjDPMH9W2zRTdAMha
zTUlGnYWjaVsbvlxdvyCPmbiaNhKD02/NkDSsx7DkUirgPcqxeqgp5kuQrCPq0wJ
ko78JrZNSvQ2ia9TK194c7zY7l7a7SnoLT2FnjYD2+pKJnZ0M4vO5vMRlzAkm136
fYzAzFB9j4e9/SFMJvHd+kRd90AldFsJ/ShS6DSw50qXQGLtjQXuhr7/D557Ml8M
fFoOnomY/vDxoJvCC3Blg45ZFfDj/WsV+nF25C+7r5CSdhM9jWgRhH+N7D/VLE5q
WfJfgJ/AyHvF1rCBo7yzXnhfSThJDRGik3b/Ufga3XEWnyNWQgS3kR1hYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLiyjT77ppSXSvW7OUefbRcLrYG0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdUxLTlB2dW1sSmRLOWJzNVI1OXRGd3V0Z2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUpmIAwQA
Upn4MA0GCSqGSIb3DQEBCwUAA4IBAQBQwp4E2JYRLPi3T7FkZi9drmUNBkLFzpV3
ejICXE/bwoq7qx9/ZYvQoMF8AfSrChkqMbYXmI6Ss1wYw/MUGpHTo8YZkjkGO0PO
ikCqQVRLCP34Mvu9R/CexV+gNCC6+lGyyyPnpldshzrJoakcLVcQe5S9gVpaDt8L
5Vvuzd+YlM229m6eOKaN8dF7vj6OhcKB7+s7wMN6liR+xbPSfq2MFQIApwumdI9W
aWPHG/m65Y9xxuSDAySV+k4un/bLLLI7m9xABaFAxr6tjvF44F4cyR2fFs3tzAaV
K0bvOb0P311oFBo6HuOhUXGwHPN4H0oFDc7UTqATzdb0lrLaOHJn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:40 2025 by rpki-client