Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wLqXDZrQT74W1kQ89NTkXvVBiSw.roa
File: wLqXDZrQT74W1kQ89NTkXvVBiSw.roa (raw, json)
Hash identifier: GLTJNQr0P8nYBNOxA5ssM4U+EbPJ7YKKHXYLxxGVHaI=
Subject key identifier: C0:BA:97:0D:9A:D0:4F:BE:16:D6:44:3C:F4:D4:E4:5E:F5:41:89:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01885337C8BD82457038737F6386063CDEEA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wLqXDZrQT74W1kQ89NTkXvVBiSw.roa
Signing time: Thu 25 May 2023 14:02:24 +0000
ROA not before: Thu 25 May 2023 14:02:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.65.0/24 maxlen: 24
82.153.70.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.64.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.153.208.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.210.0/24 maxlen: 24
82.153.211.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:37:c8:bd:82:45:70:38:73:7f:63:86:06:3c:de:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 25 14:02:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0ba970d9ad04fbe16d6443cf4d4e45ef541892c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:6f:8d:e6:79:a8:b7:d1:e8:f3:1a:ae:89:
4d:84:5e:04:d9:22:19:08:ea:f4:ba:8e:bc:47:7f:
5d:eb:1f:d7:5f:21:8d:0a:9f:be:8f:aa:d5:71:6f:
a7:72:e6:7d:7a:1b:78:9c:c4:09:1b:7f:7d:89:c7:
33:dc:54:84:8e:fa:50:a9:80:1a:77:bd:96:70:5f:
3a:80:fa:69:b1:63:5a:a4:fa:18:da:7c:15:3a:a0:
a7:b1:ae:33:cf:e6:6d:15:8a:17:41:e0:bd:8e:c1:
60:2c:98:46:4d:e5:c2:08:97:00:c7:6c:16:6b:db:
13:ca:82:b8:ce:a0:17:a1:07:d9:74:d1:72:9d:ce:
d1:72:4a:99:82:26:1c:f5:ef:bd:14:74:54:ef:22:
25:81:53:9c:1c:ec:cc:79:f5:45:12:b9:85:d8:ad:
6c:4d:ae:99:9d:d5:b7:b2:70:ef:23:7c:f1:d4:ca:
6a:66:f7:42:87:4b:03:dc:16:6a:7e:33:18:90:01:
d6:40:de:18:c0:65:76:b6:ce:b6:84:cb:b5:68:b3:
ea:71:27:a9:ad:da:67:07:42:90:cc:86:88:3a:9d:
89:91:5b:cb:63:52:ae:f6:08:67:1e:85:89:f5:3d:
6b:98:26:7e:e6:84:c9:9d:1d:c6:53:9a:0c:9b:3e:
f2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BA:97:0D:9A:D0:4F:BE:16:D6:44:3C:F4:D4:E4:5E:F5:41:89:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wLqXDZrQT74W1kQ89NTkXvVBiSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.253.0-82.152.255.255
82.153.4.0/24
82.153.64.0/23
82.153.70.0/24
82.153.73.0/24
82.153.208.0/22
82.153.222.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
73:ef:b7:89:45:e4:0f:25:1f:e3:a9:7f:09:38:c3:fa:d6:fa:
8a:3f:a8:ed:2f:86:6a:9b:82:49:6e:ec:b1:3a:a8:50:7b:14:
03:0a:cd:16:41:0f:86:85:b5:15:ff:c0:9b:02:87:98:dd:a0:
29:89:5e:93:5d:5e:17:25:e7:af:36:02:c2:34:e1:92:38:5a:
15:da:de:ce:4f:92:2b:95:35:c8:24:05:69:fb:58:06:2f:b3:
46:be:08:c4:24:99:50:d3:ed:dd:d5:a8:41:8a:f8:6b:70:52:
cb:75:17:71:9e:2c:67:db:ab:0c:3e:7f:65:06:5a:18:1d:40:
5b:7d:c7:c8:cd:62:99:00:8a:cc:61:df:e8:82:3d:b3:1d:2e:
7c:dc:35:62:02:de:37:06:2d:a9:6c:6a:d3:a0:01:cf:e3:60:
fd:66:e2:fc:aa:12:73:02:33:f2:57:fd:b8:f9:28:e2:fa:8b:
89:ea:5f:bf:4e:ed:5e:2f:d2:5f:84:f6:e0:a2:7f:0b:df:79:
bc:44:8e:5a:09:f1:73:2f:5e:41:b2:71:89:a8:b9:65:21:e0:
6d:59:58:e1:c9:1f:fe:b9:58:a3:23:09:fd:35:6a:77:00:d9:
c8:35:40:b1:aa:4c:d4:b2:25:af:4c:64:cd:74:a5:1e:56:a2:
2f:6d:b2:c3
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYhTN8i9gkVwOHN/Y4YGPN7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI1MTQwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJhOTcwZDlhZDA0ZmJlMTZkNjQ0M2NmNGQ0ZTQ1ZWY1NDE4OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9NvjeZ5qLfR6PMarolNhF4E2SIZ
COr0uo68R39d6x/XXyGNCp++j6rVcW+ncuZ9eht4nMQJG399iccz3FSEjvpQqYAa
d72WcF86gPppsWNapPoY2nwVOqCnsa4zz+ZtFYoXQeC9jsFgLJhGTeXCCJcAx2wW
a9sTyoK4zqAXoQfZdNFync7RckqZgiYc9e+9FHRU7yIlgVOcHOzMefVFErmF2K1s
Ta6ZndW3snDvI3zx1MpqZvdCh0sD3BZqfjMYkAHWQN4YwGV2ts62hMu1aLPqcSep
rdpnB0KQzIaIOp2JkVvLY1Ku9ghnHoWJ9T1rmCZ+5oTJnR3GU5oMmz7ySwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMC6lw2a0E++FtZEPPTU5F71QYksMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd0xxWERaclFUNzRXMWtRODlOVGtYdlZCaVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbAwQAUah3AwQA
Uah7AwQBUpiuAwQAUpj5AwQAUpj7MAsDBABSmP0DAwBSmAMEAFKZBAMEAVKZQAME
AFKZRgMEAFKZSQMEAlKZ0AMEAFKZ3gMEAFKZ9gMEAVKZ+DANBgkqhkiG9w0BAQsF
AAOCAQEAc++3iUXkDyUf46l/CTjD+tb6ij+o7S+GapuCSW7ssTqoUHsUAwrNFkEP
hoW1Ff/AmwKHmN2gKYlek11eFyXnrzYCwjThkjhaFdrezk+SK5U1yCQFaftYBi+z
Rr4IxCSZUNPt3dWoQYr4a3BSy3UXcZ4sZ9urDD5/ZQZaGB1AW33HyM1imQCKzGHf
6II9sx0ufNw1YgLeNwYtqWxq06ABz+Ng/Wbi/KoScwIz8lf9uPko4vqLiepfv07t
Xi/SX4T24KJ/C995vESOWgnxcy9eQbJxiai5ZSHgbVlY4ckf/rlYoyMJ/TVqdwDZ
yDVAsapM1LIlr0xkzXSlHlaiL22yww==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:20 2025 by rpki-client