Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa
File: vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa (raw, json)
Hash identifier: DI9dHnuJM8ev1CTfPfFXUb7eSJTrvoAri7UqMjEkGvI=
Subject key identifier: BC:5D:CC:D2:C7:C3:BE:63:16:16:A9:EE:2A:24:27:E4:04:46:31:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018A5FF4F93D7431623207FF09D5261ED8A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa
Signing time: Mon 04 Sep 2023 11:30:04 +0000
ROA not before: Mon 04 Sep 2023 11:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 89.213.186.0/23 maxlen: 24
82.152.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:f4:f9:3d:74:31:62:32:07:ff:09:d5:26:1e:d8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 11:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc5dccd2c7c3be631616a9ee2a2427e40446311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:69:d3:48:99:a9:26:2d:76:74:44:d0:97:
e2:37:6b:de:a1:d1:10:f3:e9:7c:c9:b5:80:f1:d8:
d4:1a:f0:f4:b4:1c:f4:1a:9f:c8:0f:4f:f9:17:4f:
08:ae:3d:bc:5b:5d:21:12:3b:1a:51:ab:3b:39:59:
94:c2:08:b1:ac:48:e6:42:ca:06:22:fe:51:f9:83:
10:22:6a:52:76:45:dd:dc:a4:bb:46:37:de:b2:35:
69:9b:17:08:e6:52:4d:ed:cc:2b:c7:33:7f:bd:62:
89:9e:b9:23:34:d1:68:63:ff:86:a8:5c:04:1e:37:
48:53:69:41:17:a2:c3:2e:2a:55:35:17:8c:df:dd:
f0:77:7d:b7:87:54:8b:b1:69:d4:d9:29:c2:d4:d9:
f3:af:45:e3:e6:8c:29:50:8d:c0:db:90:81:8c:90:
f7:5f:8a:cb:d5:0f:0b:3c:72:b2:fb:89:a8:95:8f:
ad:33:4d:29:ee:60:ca:ec:88:08:62:43:a9:07:d5:
20:76:d8:4e:23:04:da:f2:09:31:c1:36:1b:a9:66:
7d:46:c5:fe:f6:1e:f4:31:c4:3c:5b:22:7a:09:53:
4c:11:d0:c7:2f:e3:e4:7e:29:69:fa:29:e6:67:41:
19:6b:97:6a:53:95:18:c0:80:94:50:e9:d1:ca:12:
5a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5D:CC:D2:C7:C3:BE:63:16:16:A9:EE:2A:24:27:E4:04:46:31:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vF3M0sfDvmMWFqnuKiQn5ARGMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.178.0/24
89.213.186.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:a8:5a:e8:65:a3:36:d8:16:86:81:b1:c8:6c:41:b6:c3:91:
52:ea:3e:dc:8e:26:73:0b:70:3f:57:0b:41:11:95:ae:90:b7:
1c:37:27:2c:13:95:91:d5:04:2f:ea:d3:5f:af:50:61:eb:48:
03:2c:93:5a:79:d1:5d:59:d0:2d:39:28:37:24:e8:40:b3:58:
a2:0b:42:13:bc:42:5e:ac:63:54:23:1b:6c:20:f2:8e:d1:d8:
2c:40:c7:de:8f:c5:e9:bf:04:19:67:5b:05:4d:54:e9:9a:95:
9a:a7:b9:0a:fd:4c:65:12:dc:12:2e:76:46:ff:1c:4f:56:58:
d8:bd:e9:aa:57:fd:72:cf:24:6f:a8:68:94:9d:02:72:4c:46:
bd:88:fa:7b:a1:cf:8e:2e:f6:a3:00:0f:cd:e7:3b:f5:59:76:
cd:62:fa:5e:11:5f:7d:83:99:44:79:83:31:a5:2a:47:d6:f3:
e8:9e:97:86:c9:cc:ed:5b:97:b3:aa:5f:97:99:68:5b:86:a3:
09:f0:6f:c9:91:6f:c4:12:94:41:40:d9:ee:f0:52:76:09:36:
89:b1:9c:6e:5f:e7:cd:91:08:5d:84:00:d9:72:d1:a7:56:de:
6c:71:a3:98:ed:46:6a:80:d5:0c:43:e0:27:45:a0:45:74:26:
95:88:42:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpf9Pk9dDFiMgf/CdUmHtimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTEzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVkY2NkMmM3YzNiZTYzMTYxNmE5ZWUyYTI0MjdlNDA0NDYzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ9p00iZqSYtdnRE0JfiN2veodEQ
8+l8ybWA8djUGvD0tBz0Gp/ID0/5F08Irj28W10hEjsaUas7OVmUwgixrEjmQsoG
Iv5R+YMQImpSdkXd3KS7RjfesjVpmxcI5lJN7cwrxzN/vWKJnrkjNNFoY/+GqFwE
HjdIU2lBF6LDLipVNReM393wd323h1SLsWnU2SnC1Nnzr0Xj5owpUI3A25CBjJD3
X4rL1Q8LPHKy+4molY+tM00p7mDK7IgIYkOpB9UgdthOIwTa8gkxwTYbqWZ9RsX+
9h70McQ8WyJ6CVNMEdDHL+Pkfilp+inmZ0EZa5dqU5UYwICUUOnRyhJaWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLxdzNLHw75jFhap7iokJ+QERjEfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdkYzTTBzZkR2bU1XRnFudUtpUW41QVJHTVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpiyAwQB
WdW6MA0GCSqGSIb3DQEBCwUAA4IBAQAdqFroZaM22BaGgbHIbEG2w5FS6j7cjiZz
C3A/VwtBEZWukLccNycsE5WR1QQv6tNfr1Bh60gDLJNaedFdWdAtOSg3JOhAs1ii
C0ITvEJerGNUIxtsIPKO0dgsQMfej8XpvwQZZ1sFTVTpmpWap7kK/UxlEtwSLnZG
/xxPVljYvemqV/1yzyRvqGiUnQJyTEa9iPp7oc+OLvajAA/N5zv1WXbNYvpeEV99
g5lEeYMxpSpH1vPonpeGycztW5ezql+XmWhbhqMJ8G/JkW/EEpRBQNnu8FJ2CTaJ
sZxuX+fNkQhdhADZctGnVt5scaOY7UZqgNUMQ+AnRaBFdCaViEKZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:34 2025 by rpki-client