Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1D9hL4Hea7yaXt30P9tPO36SnY.roa
File: y1D9hL4Hea7yaXt30P9tPO36SnY.roa (raw, json)
Hash identifier: mDe230ee3m8AFDEwk7MU4CHwCadIkc5T/m5yCPQylKM=
Subject key identifier: CB:50:FD:84:BE:07:79:AE:F2:69:7B:77:D0:FF:6D:3C:ED:FA:4A:76
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BADF15B606E0CC0E7622139921A96F0C4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1D9hL4Hea7yaXt30P9tPO36SnY.roa
Signing time: Wed 08 Nov 2023 07:59:17 +0000
ROA not before: Wed 08 Nov 2023 07:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.213.43.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:f1:5b:60:6e:0c:c0:e7:62:21:39:92:1a:96:f0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 8 07:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb50fd84be0779aef2697b77d0ff6d3cedfa4a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:f5:bb:f5:84:83:fb:db:40:26:dc:0b:ee:
47:2e:55:6c:5a:66:1b:d2:ff:f8:26:74:66:7a:53:
45:35:59:f4:5a:7f:e2:3c:43:b2:a7:2c:49:a7:39:
51:2b:56:f7:46:ea:8e:10:59:f9:68:db:79:29:c6:
dc:04:75:3d:cf:e6:be:98:35:e1:a3:da:ea:65:e6:
04:87:f7:35:21:6b:32:a5:0a:ce:14:7e:6e:38:75:
56:3d:c1:37:72:c4:ee:c4:2a:82:b6:e9:d9:d6:a8:
47:76:d0:59:ff:a2:d8:b1:18:4d:ac:f4:3d:31:9c:
f3:78:67:56:0e:41:16:ff:23:67:16:66:cf:5b:88:
2a:7a:45:e7:ba:1c:84:e4:82:67:d0:a2:c7:21:04:
09:84:1f:6d:70:49:a9:75:a6:65:89:d0:e1:15:b7:
b3:a0:94:64:c7:3e:07:d9:ca:7d:86:d5:d4:dd:54:
e9:f9:ee:6b:f1:cd:ea:3a:54:a5:dc:d0:c2:25:b3:
63:6b:22:dd:02:4f:72:64:fa:01:8e:95:ca:cd:c7:
c7:bc:29:be:ff:0d:0c:6a:7e:a9:56:77:7c:68:bc:
af:a1:e6:9b:44:1c:c2:e8:71:42:a1:c6:d2:f0:ca:
86:b2:e6:63:97:a0:45:56:37:34:99:f9:0b:70:8b:
fd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:50:FD:84:BE:07:79:AE:F2:69:7B:77:D0:FF:6D:3C:ED:FA:4A:76
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/y1D9hL4Hea7yaXt30P9tPO36SnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.1.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/23
89.213.4.0/24
89.213.6.0/23
89.213.43.0/24
89.213.130.0/24
89.213.145.0-89.213.146.255
89.213.161.0/24
89.213.190.0/24
109.176.208.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:80:91:3d:e1:b0:99:e1:f0:3e:fa:c9:70:e1:bd:b9:66:3a:
09:fa:67:ed:ac:f1:37:e6:1e:ff:99:17:5f:b1:b5:64:4c:79:
59:45:1d:ed:49:86:d6:7d:68:be:58:4d:57:4c:ea:b6:73:83:
e1:2f:0d:b2:b8:f0:55:8a:56:a8:5b:d5:48:1f:c7:26:75:50:
12:a1:c9:00:b6:d4:ca:5b:e3:a5:51:4a:46:5f:d9:ef:9f:df:
2d:17:41:98:67:6d:4c:7e:09:d1:95:04:ac:6e:31:dc:3b:71:
06:11:d4:87:70:3a:c7:4f:1f:52:e4:e5:dd:db:8a:b2:a5:27:
80:f3:a9:67:9b:fd:4d:02:58:7f:46:73:66:6a:33:48:ee:d0:
f2:d5:9a:11:c7:3c:70:e3:32:0d:81:79:2f:3d:c3:c1:94:64:
c8:a7:f9:03:e3:1d:75:5f:c0:75:b2:4a:6a:07:48:f2:f7:a8:
e0:9e:4a:d8:56:1f:00:ac:b4:7c:af:0a:8a:ad:ed:9c:c8:ff:
f4:36:e2:9d:19:43:ee:f3:df:65:e2:6f:7c:89:10:c1:09:ed:
ad:5c:09:6f:9d:de:53:d5:4b:03:07:62:36:2e:47:85:32:46:
a4:2e:a1:eb:97:b8:f4:2d:63:79:47:46:7d:50:48:62:fc:0e:
09:66:a2:71
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYut8VtgbgzA52IhOZIalvDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA4MDc1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjUwZmQ4NGJlMDc3OWFlZjI2OTdiNzdkMGZmNmQzY2VkZmE0YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWP1u/WEg/vbQCbcC+5HLlVsWmYb
0v/4JnRmelNFNVn0Wn/iPEOypyxJpzlRK1b3RuqOEFn5aNt5KcbcBHU9z+a+mDXh
o9rqZeYEh/c1IWsypQrOFH5uOHVWPcE3csTuxCqCtunZ1qhHdtBZ/6LYsRhNrPQ9
MZzzeGdWDkEW/yNnFmbPW4gqekXnuhyE5IJn0KLHIQQJhB9tcEmpdaZlidDhFbez
oJRkxz4H2cp9htXU3VTp+e5r8c3qOlSl3NDCJbNjayLdAk9yZPoBjpXKzcfHvCm+
/w0Man6pVnd8aLyvoeabRBzC6HFCocbS8MqGsuZjl6BFVjc0mfkLcIv9HQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFMtQ/YS+B3mu8ml7d9D/bTzt+kp2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveTFEOWhMNEhlYTd5YVh0MzBQOXRQTzM2U25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABR
qHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wMEAFKY/gME
AFKZAQMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAVKZ4AMEAFnVBAMEAVnVBgME
AFnVKwMEAFnVgjAMAwQAWdWRAwQAWdWSAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbD3
AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQAdgJE94bCZ4fA++slw4b25
ZjoJ+mftrPE35h7/mRdfsbVkTHlZRR3tSYbWfWi+WE1XTOq2c4PhLw2yuPBVilao
W9VIH8cmdVASockAttTKW+OlUUpGX9nvn98tF0GYZ21MfgnRlQSsbjHcO3EGEdSH
cDrHTx9S5OXd24qypSeA86lnm/1NAlh/RnNmajNI7tDy1ZoRxzxw4zINgXkvPcPB
lGTIp/kD4x11X8B1skpqB0jy96jgnkrYVh8ArLR8rwqKre2cyP/0NuKdGUPu899l
4m98iRDBCe2tXAlvnd5T1UsDB2I2LkeFMkakLqHrl7j0LWN5R0Z9UEhi/A4JZqJx
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:51 2025 by rpki-client