Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa
File: x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa (raw, json)
Hash identifier: r+gN88gBf5p82VNELmAEtV3YK9ATcKh1aI1BJei7vq8=
Subject key identifier: C7:BC:F6:E4:92:4C:5B:35:2C:0D:D1:C3:A2:E1:8C:67:57:7C:66:72
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01866E83825444EE3088890D76E78B722592
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa
Signing time: Mon 20 Feb 2023 11:09:17 +0000
ROA not before: Mon 20 Feb 2023 11:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 82.153.73.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:83:82:54:44:ee:30:88:89:0d:76:e7:8b:72:25:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 20 11:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7bcf6e4924c5b352c0dd1c3a2e18c67577c6672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cf:07:15:24:c5:5e:bd:81:2a:61:be:05:dc:
6c:a8:63:ab:41:de:c4:2a:b4:f1:14:a4:96:32:32:
4f:84:58:0e:4f:dd:a1:a8:31:91:f7:e3:3d:9f:14:
f1:06:18:4f:84:ea:93:89:bc:62:86:4e:96:62:0e:
48:a6:68:e5:3e:e0:eb:77:21:bf:86:71:e8:1a:b2:
eb:19:39:e3:24:55:38:74:3a:dc:47:0d:99:26:ca:
b6:9a:e1:99:de:f2:72:a7:90:ea:db:62:92:b0:25:
7f:61:86:b3:3d:96:fd:7f:49:0b:8a:51:3b:38:df:
93:c8:f9:54:25:27:df:7d:6a:6e:1f:97:72:2c:2f:
a6:d2:b3:1c:57:45:f7:3d:19:d6:9f:d3:a7:3e:c8:
af:1b:74:e0:f5:e9:33:02:0c:15:d9:dc:d6:e2:da:
f9:67:c6:6d:7d:51:49:e2:ee:23:38:bb:45:59:76:
0b:a0:10:56:70:9e:33:4c:58:ab:27:36:3b:c3:56:
28:f6:7d:cf:ec:c5:77:ed:50:43:d6:5f:fb:52:66:
35:24:6c:b4:e9:6a:9a:d9:ab:b5:c1:a8:b5:b8:03:
d5:6d:48:a1:2d:8e:ff:b6:f4:28:93:66:ef:0a:50:
fe:aa:c1:3e:d0:8f:71:2f:07:2a:88:e8:18:11:f1:
8d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BC:F6:E4:92:4C:5B:35:2C:0D:D1:C3:A2:E1:8C:67:57:7C:66:72
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x7z25JJMWzUsDdHDouGMZ1d8ZnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
82.153.73.0/24
Signature Algorithm: sha256WithRSAEncryption
88:bb:d9:e0:67:e5:96:94:7a:61:88:b1:9d:ac:bb:c5:25:02:
ee:8b:65:53:34:da:28:69:12:ce:a0:2e:de:08:52:f3:71:ce:
8b:4f:d5:c1:95:24:25:03:5b:19:e0:8e:a2:86:bd:5d:d5:22:
13:07:d2:a4:c7:f1:e4:1b:ae:1c:7c:46:ec:40:9e:8b:b8:fe:
c4:dd:f8:9f:69:2d:2a:a3:70:a0:ed:04:ee:c1:ae:65:aa:37:
f9:6f:a9:07:10:82:e1:c4:22:58:1c:ae:2f:a9:92:72:79:f3:
ca:f9:db:71:47:d3:c7:9e:ae:d3:38:e9:cb:dd:5f:03:4e:92:
17:dd:c1:67:2d:25:b9:72:95:1d:40:56:1d:dd:23:4b:0b:98:
3a:87:b8:eb:a6:c3:38:72:0a:82:f6:2b:e1:c2:54:cb:94:a2:
cf:a2:ea:74:ea:95:4a:d1:43:69:ef:8b:81:92:2e:e3:4f:ed:
b8:11:2a:5f:f3:a4:8c:7c:4a:47:82:8b:c2:f3:33:e3:b9:fd:
db:9e:22:1f:62:39:df:fb:09:03:bd:c8:6d:7a:f4:0e:e2:56:
ab:ac:08:35:df:06:d9:71:5c:a9:b9:e3:e7:30:0d:c1:87:99:
e7:5c:11:63:15:63:3d:fa:4b:e3:5f:d8:61:4b:20:5e:9d:05:
a1:f0:a6:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZug4JURO4wiIkNdueLciWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjIwMTEwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JjZjZlNDkyNGM1YjM1MmMwZGQxYzNhMmUxOGM2NzU3N2M2NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo88HFSTFXr2BKmG+BdxsqGOrQd7E
KrTxFKSWMjJPhFgOT92hqDGR9+M9nxTxBhhPhOqTibxihk6WYg5IpmjlPuDrdyG/
hnHoGrLrGTnjJFU4dDrcRw2ZJsq2muGZ3vJyp5Dq22KSsCV/YYazPZb9f0kLilE7
ON+TyPlUJSfffWpuH5dyLC+m0rMcV0X3PRnWn9OnPsivG3Tg9ekzAgwV2dzW4tr5
Z8ZtfVFJ4u4jOLtFWXYLoBBWcJ4zTFirJzY7w1Yo9n3P7MV37VBD1l/7UmY1JGy0
6Wqa2au1wai1uAPVbUihLY7/tvQok2bvClD+qsE+0I9xLwcqiOgYEfGNUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMe89uSSTFs1LA3Rw6LhjGdXfGZyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveDd6MjVKSk1XelVzRGRIRG91R01aMWQ4Wm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah0AwQA
UplJMA0GCSqGSIb3DQEBCwUAA4IBAQCIu9ngZ+WWlHphiLGdrLvFJQLui2VTNNoo
aRLOoC7eCFLzcc6LT9XBlSQlA1sZ4I6ihr1d1SITB9Kkx/HkG64cfEbsQJ6LuP7E
3fifaS0qo3Cg7QTuwa5lqjf5b6kHEILhxCJYHK4vqZJyefPK+dtxR9PHnq7TOOnL
3V8DTpIX3cFnLSW5cpUdQFYd3SNLC5g6h7jrpsM4cgqC9ivhwlTLlKLPoup06pVK
0UNp74uBki7jT+24ESpf86SMfEpHgovC8zPjuf3bniIfYjnf+wkDvchtevQO4lar
rAg13wbZcVypuePnMA3Bh5nnXBFjFWM9+kvjX9hhSyBenQWh8KYx
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:09 2025 by rpki-client