Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yk9Eee4pknvFQtNIYuYnX_EaLyU.roa
File: yk9Eee4pknvFQtNIYuYnX_EaLyU.roa (raw, json)
Hash identifier: 74sAiM2jr49QhD0k6FG6fbfvQenqBBmFTfoMig5qI1g=
Subject key identifier: CA:4F:44:79:EE:29:92:7B:C5:42:D3:48:62:E6:27:5F:F1:1A:2F:25
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018992268DA3E27F50146953B12656AF7A21
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yk9Eee4pknvFQtNIYuYnX_EaLyU.roa
Signing time: Wed 26 Jul 2023 12:22:27 +0000
ROA not before: Wed 26 Jul 2023 12:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:26:8d:a3:e2:7f:50:14:69:53:b1:26:56:af:7a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 26 12:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4f4479ee29927bc542d34862e6275ff11a2f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ac:d3:fa:23:58:25:fb:ca:17:67:7b:8f:27:
b1:0e:36:99:48:4f:0e:5e:d0:b6:e8:cb:a3:a8:a4:
02:13:72:6d:e6:b7:c7:b3:c1:0b:95:76:66:89:dc:
1a:ee:20:6c:9a:99:74:6b:63:7c:5f:98:4b:25:96:
70:c4:59:80:30:48:d7:ad:18:da:0f:3b:b9:f3:ec:
85:12:6e:ba:62:b9:0c:96:82:d7:e7:37:14:71:0c:
7a:eb:2b:41:a1:5c:f7:0d:ff:0d:c9:bd:f8:8f:7b:
7f:5b:3a:2d:00:de:2e:06:9b:84:86:ad:0a:64:72:
36:24:a8:e1:1a:7c:a2:5f:ee:82:f3:c5:7e:d7:e4:
17:5a:41:69:21:4b:40:15:8e:d9:f2:be:ae:03:87:
1e:3a:75:4d:1c:ef:25:71:72:54:70:ae:2b:bf:1b:
b1:24:9f:6a:ba:2a:8a:82:56:e9:46:8e:5d:dd:e4:
66:e8:61:6e:42:6c:7c:8f:54:40:f7:bb:6c:28:4e:
bb:e0:08:62:e2:ce:0a:01:d7:3d:cb:40:b0:23:40:
ee:16:f4:03:cb:c7:d0:ee:70:5c:94:1a:bd:54:67:
72:45:19:c8:df:cc:73:fe:67:bc:a6:f5:2c:29:c5:
ee:02:df:ac:c8:32:5f:d8:9e:fd:a1:f6:57:34:3e:
26:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4F:44:79:EE:29:92:7B:C5:42:D3:48:62:E6:27:5F:F1:1A:2F:25
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yk9Eee4pknvFQtNIYuYnX_EaLyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0/22
82.153.223.0/24
82.153.249.0/24
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f5:e0:d1:d8:7b:8f:ae:f5:32:bf:7f:2d:21:a4:37:ab:22:
b1:a7:79:41:3e:6c:c9:17:16:92:2a:0c:ab:d2:73:b4:3b:e3:
a4:f1:61:44:c6:c1:8d:2e:13:6b:3d:6b:1b:35:d6:50:33:8f:
87:e4:bc:6e:34:c3:ad:09:00:26:ac:ce:d7:c3:73:d2:0c:11:
27:b4:40:49:a3:60:49:5d:e5:43:8a:d7:01:07:bc:ee:0c:29:
dc:83:07:42:31:cf:83:22:07:60:db:df:4b:75:6f:a3:89:06:
ca:33:6c:70:7f:98:cd:d3:1d:9d:21:6a:6e:58:9b:b1:00:6b:
7a:ab:fb:49:a5:44:2f:95:7f:b7:1b:22:52:59:60:c4:dd:a7:
02:c1:07:84:0a:3a:0c:77:0c:08:0d:ff:1c:0b:ef:8e:18:02:
53:ff:8a:64:25:e7:95:7b:ac:c9:2f:f8:a3:cb:e0:7f:e6:ac:
0f:b9:95:5c:34:ad:6e:41:4b:28:59:aa:ec:c7:90:83:d5:93:
d0:9d:c9:f6:f8:1c:5b:64:1e:8d:23:e3:7e:d7:ee:43:3b:2b:
0f:37:5f:d7:4a:16:6a:f0:a2:74:af:bf:80:a5:c0:aa:13:a6:
88:25:d2:b0:b6:dd:cf:25:7a:d1:fd:b7:78:ad:91:48:7e:2e:
26:50:1c:fd
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYmSJo2j4n9QFGlTsSZWr3ohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzI2MTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRmNDQ3OWVlMjk5MjdiYzU0MmQzNDg2MmU2Mjc1ZmYxMWEyZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KzT+iNYJfvKF2d7jyexDjaZSE8O
XtC26MujqKQCE3Jt5rfHs8ELlXZmidwa7iBsmpl0a2N8X5hLJZZwxFmAMEjXrRja
Dzu58+yFEm66YrkMloLX5zcUcQx66ytBoVz3Df8Nyb34j3t/WzotAN4uBpuEhq0K
ZHI2JKjhGnyiX+6C88V+1+QXWkFpIUtAFY7Z8r6uA4ceOnVNHO8lcXJUcK4rvxux
JJ9quiqKglbpRo5d3eRm6GFuQmx8j1RA97tsKE674Ahi4s4KAdc9y0CwI0DuFvQD
y8fQ7nBclBq9VGdyRRnI38xz/me8pvUsKcXuAt+syDJf2J79ofZXND4mdQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMpPRHnuKZJ7xULTSGLmJ1/xGi8lMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveWs5RWVlNHBrbnZGUXROSVl1WW5YX0VhTHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAUQWcAwQA
Uah3AwQAUah7AwQAUphvAwQBUpj8AwQAUpj/AwQAUpkBAwQAUplJAwQAUplOAwQC
UpmIAwQAUpnfAwQAUpn5AwQA1ZgqMA0GCSqGSIb3DQEBCwUAA4IBAQBx9eDR2HuP
rvUyv38tIaQ3qyKxp3lBPmzJFxaSKgyr0nO0O+Ok8WFExsGNLhNrPWsbNdZQM4+H
5LxuNMOtCQAmrM7Xw3PSDBEntEBJo2BJXeVDitcBB7zuDCncgwdCMc+DIgdg299L
dW+jiQbKM2xwf5jN0x2dIWpuWJuxAGt6q/tJpUQvlX+3GyJSWWDE3acCwQeECjoM
dwwIDf8cC++OGAJT/4pkJeeVe6zJL/ijy+B/5qwPuZVcNK1uQUsoWarsx5CD1ZPQ
ncn2+BxbZB6NI+N+1+5DOysPN1/XShZq8KJ0r7+ApcCqE6aIJdKwtt3PJXrR/bd4
rZFIfi4mUBz9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:30 2025 by rpki-client