Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIByoRw7dV--Ij7WeMERtJUE100.roa
File: xIByoRw7dV--Ij7WeMERtJUE100.roa (raw, json)
Hash identifier: coZwRM6elzQ2W4ZIbXyokdhBc0njqgyIEdB1/6Fo8wk=
Subject key identifier: C4:80:72:A1:1C:3B:75:5F:BE:22:3E:D6:78:C1:11:B4:95:04:D7:4D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018945AB74391359372ABD0D6F7B4F5D108A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIByoRw7dV--Ij7WeMERtJUE100.roa
Signing time: Tue 11 Jul 2023 15:56:51 +0000
ROA not before: Tue 11 Jul 2023 15:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.152.108.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.242.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:45:ab:74:39:13:59:37:2a:bd:0d:6f:7b:4f:5d:10:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 11 15:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c48072a11c3b755fbe223ed678c111b49504d74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:94:99:b6:1f:9f:a8:8d:3e:0e:af:7c:46:0e:
d0:ed:0e:44:60:f3:bf:0c:c6:8e:c7:48:d6:38:43:
ee:ce:59:a0:27:ec:90:2f:e4:29:23:b4:93:ba:47:
09:23:1c:fe:5f:01:69:84:4a:6a:3b:df:95:bb:6e:
a0:0b:4c:2a:ad:23:16:cc:ba:3a:1e:b2:9f:fd:f8:
26:b0:4c:f2:51:08:0d:0c:bd:b6:ff:ef:23:2a:ac:
06:95:ff:1a:fc:28:25:71:65:3d:6c:a6:9b:5a:0b:
a8:85:e3:1c:56:39:90:11:16:08:66:c2:9d:58:77:
e1:13:cc:f1:87:7c:69:56:4e:40:87:de:16:39:f9:
32:9d:93:d6:f2:2b:10:95:e8:e6:e0:c3:08:9e:4e:
fc:97:c9:04:50:c3:1b:40:dd:6b:2d:b9:17:a3:82:
24:37:04:d4:e0:0d:65:f4:22:73:35:70:07:77:d8:
42:d2:3e:4b:17:e8:20:d3:a5:0a:64:df:c9:b9:5b:
8d:f6:5b:c1:78:d2:f3:10:91:87:34:54:b3:3e:5e:
df:54:49:00:ca:5b:60:9d:ed:93:98:21:b9:8a:19:
55:c9:75:78:c7:4f:46:b3:58:fd:0d:02:7b:70:77:
2e:e3:ba:24:b7:e8:90:28:fa:90:99:06:58:9b:fc:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:80:72:A1:1C:3B:75:5F:BE:22:3E:D6:78:C1:11:B4:95:04:D7:4D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIByoRw7dV--Ij7WeMERtJUE100.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.119.0/24
81.168.123.0/24
82.152.108.0/24
82.152.111.0/24
82.152.252.0/23
82.153.73.0/24
82.153.136.0/22
82.153.223.0/24
82.153.242.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:96:d0:b3:c4:59:f2:51:47:63:5c:49:d4:94:1a:19:fb:e5:
61:55:bc:26:00:1f:11:d3:2e:e4:e6:d8:54:da:5a:18:20:93:
1d:06:ec:88:9f:f9:c4:80:34:f1:83:01:2b:0c:c0:43:58:14:
c5:b9:d9:f1:6b:66:d6:72:d3:ed:f6:59:79:c5:8a:32:69:d8:
bb:cf:d5:ac:77:63:9e:ef:04:b4:66:56:0f:af:54:b5:71:fe:
6a:36:18:05:f7:c7:d9:98:73:27:05:ff:09:d8:d6:22:39:28:
37:7c:b5:a8:27:43:ad:56:27:3a:a6:f1:47:db:0e:97:71:6e:
2c:48:5d:ee:25:ba:0d:7f:22:dd:dd:14:99:ce:cd:93:64:37:
ae:46:2d:5c:5c:70:21:05:84:e6:14:fb:84:a5:51:ee:fb:71:
b2:5a:c5:5c:5d:d0:ff:48:7d:98:a2:80:d3:9f:a6:f9:cb:2a:
2d:59:5d:d4:83:d4:f4:20:a3:e8:2c:f6:4b:44:52:b9:d8:ac:
af:4a:56:f7:55:44:eb:b8:f2:57:20:b3:6c:d8:9f:8a:ba:19:
82:05:39:36:ce:ac:17:9c:86:ad:17:b2:1e:ec:0b:87:bc:e2:
73:d4:32:72:c9:b6:89:f4:1a:44:80:12:92:07:b7:3b:49:a3:
9b:43:00:60
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYlFq3Q5E1k3Kr0Nb3tPXRCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzExMTU1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgwNzJhMTFjM2I3NTVmYmUyMjNlZDY3OGMxMTFiNDk1MDRkNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ZSZth+fqI0+Dq98Rg7Q7Q5EYPO/
DMaOx0jWOEPuzlmgJ+yQL+QpI7STukcJIxz+XwFphEpqO9+Vu26gC0wqrSMWzLo6
HrKf/fgmsEzyUQgNDL22/+8jKqwGlf8a/CglcWU9bKabWguoheMcVjmQERYIZsKd
WHfhE8zxh3xpVk5Ah94WOfkynZPW8isQlejm4MMInk78l8kEUMMbQN1rLbkXo4Ik
NwTU4A1l9CJzNXAHd9hC0j5LF+gg06UKZN/JuVuN9lvBeNLzEJGHNFSzPl7fVEkA
yltgne2TmCG5ihlVyXV4x09Gs1j9DQJ7cHcu47okt+iQKPqQmQZYm/zmLwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMSAcqEcO3VfviI+1njBEbSVBNdNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveElCeW9SdzdkVi0tSWo3V2VNRVJ0SlVFMTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUQWcAwQA
Uah3AwQAUah7AwQAUphsAwQAUphvAwQBUpj8AwQAUplJAwQCUpmIAwQAUpnfAwQA
UpnyAwQAUpn2AwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQBdltCzxFnyUUdjXEnU
lBoZ++VhVbwmAB8R0y7k5thU2loYIJMdBuyIn/nEgDTxgwErDMBDWBTFudnxa2bW
ctPt9ll5xYoyadi7z9Wsd2Oe7wS0ZlYPr1S1cf5qNhgF98fZmHMnBf8J2NYiOSg3
fLWoJ0OtVic6pvFH2w6XcW4sSF3uJboNfyLd3RSZzs2TZDeuRi1cXHAhBYTmFPuE
pVHu+3GyWsVcXdD/SH2YooDTn6b5yyotWV3Ug9T0IKPoLPZLRFK52KyvSlb3VUTr
uPJXILNs2J+KuhmCBTk2zqwXnIatF7Ie7AuHvOJz1DJyybaJ9BpEgBKSB7c7SaOb
QwBg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:34 2025 by rpki-client