Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ytID1D6Vo2OON07dXz1WJ1aZccA.roa
File: ytID1D6Vo2OON07dXz1WJ1aZccA.roa (raw, json)
Hash identifier: pliWWPTv1V5ntAoerag6rJjbn/FDTE2YLc3ncqTt7xo=
Subject key identifier: CA:D2:03:D4:3E:95:A3:63:8E:37:4E:DD:5F:3D:56:27:56:99:71:C0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890CDF74E99D337FC848EEBC87D11A5037
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ytID1D6Vo2OON07dXz1WJ1aZccA.roa
Signing time: Fri 30 Jun 2023 15:15:18 +0000
ROA not before: Fri 30 Jun 2023 15:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 82.153.227.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
109.176.252.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:df:74:e9:9d:33:7f:c8:48:ee:bc:87:d1:1a:50:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 15:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad203d43e95a3638e374edd5f3d5627569971c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8a:53:89:93:b3:3f:17:38:80:02:b7:96:78:
fd:2c:f2:b6:ab:00:42:fd:e9:82:00:3d:ce:36:8b:
22:6b:f0:1f:91:d6:b1:46:fb:9b:b4:8e:4a:9c:a3:
90:74:78:04:f4:dd:31:eb:11:23:0d:07:32:d9:d3:
b4:9f:e4:b8:d4:18:1a:a9:89:c6:21:34:27:66:30:
42:9c:7c:3f:c8:69:ec:b6:07:86:3c:f3:35:de:3e:
27:f7:95:79:55:0c:f0:c1:f6:76:a5:c6:57:97:51:
e6:b6:ed:d4:87:64:9e:f2:5a:9c:8e:a7:93:bf:76:
3b:29:f3:65:00:33:85:a9:62:e7:74:6a:12:09:d6:
c7:c9:c4:af:5a:95:4b:78:ab:b9:53:4e:6e:44:e4:
ba:38:04:69:c6:85:9c:de:9f:42:c0:bb:77:6e:24:
98:c7:6d:04:bb:65:9b:1c:b4:71:91:e4:82:f6:d4:
68:1f:ff:a9:5a:45:66:e0:c3:5a:ff:59:9e:60:e0:
73:d6:cc:0e:5e:ff:8f:e7:e1:0f:6b:f2:19:f7:62:
c1:a9:a3:9a:25:c1:05:ab:e2:cc:db:c5:7b:83:e6:
8a:b7:ac:9a:f3:f8:06:ea:a2:db:2d:47:0a:72:f9:
92:6d:37:8d:16:73:86:de:95:6b:59:66:92:d6:95:
af:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D2:03:D4:3E:95:A3:63:8E:37:4E:DD:5F:3D:56:27:56:99:71:C0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ytID1D6Vo2OON07dXz1WJ1aZccA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
82.153.227.0/24
89.213.146.0/24
89.213.154.0/24
89.213.188.0/23
109.176.252.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:11:38:1f:4b:75:6a:a3:1d:bc:62:d4:23:c5:13:6e:e8:55:
b8:e2:f0:82:55:85:ae:d8:ca:a7:a6:25:f3:34:63:dd:91:4b:
a8:18:71:b3:e8:44:f9:1e:0e:45:c4:8c:82:53:48:56:b9:95:
ec:fd:03:4b:e3:1d:0d:7b:b0:cb:62:f2:4f:2c:92:42:74:ee:
d5:98:47:37:bf:f4:91:88:b4:54:99:4a:3c:f6:0c:d7:26:89:
76:f1:da:a2:c7:48:3a:8d:bf:4d:5d:2a:26:d5:78:56:cb:de:
b2:64:b0:ec:63:0f:32:1f:a6:57:62:0b:06:8e:2d:8e:ee:cb:
fe:cc:c3:4e:bd:47:38:f8:27:18:57:6b:8f:6b:69:b0:c0:df:
d5:a9:87:f5:c9:4c:1b:8e:b0:26:1e:f3:1b:04:e4:bd:92:c3:
f5:65:cb:32:14:f9:88:b3:93:92:b7:ea:89:d3:a9:74:0e:18:
11:14:39:a4:9c:3d:eb:eb:b4:0e:be:a9:ad:ea:7c:fa:fd:fc:
bd:42:2d:3a:c6:4a:6d:8e:6c:43:b5:ee:e3:f3:f7:5f:8f:38:
47:c7:c1:59:1e:94:77:c0:02:d2:e5:bb:c5:09:24:c9:6e:88:
63:fe:d2:b8:c4:1c:35:38:5c:6b:4c:b1:f0:76:70:07:02:95:
08:e4:21:7a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkM33TpnTN/yEjuvIfRGlA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQyMDNkNDNlOTVhMzYzOGUzNzRlZGQ1ZjNkNTYyNzU2OTk3MWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmopTiZOzPxc4gAK3lnj9LPK2qwBC
/emCAD3ONosia/AfkdaxRvubtI5KnKOQdHgE9N0x6xEjDQcy2dO0n+S41BgaqYnG
ITQnZjBCnHw/yGnstgeGPPM13j4n95V5VQzwwfZ2pcZXl1Hmtu3Uh2Se8lqcjqeT
v3Y7KfNlADOFqWLndGoSCdbHycSvWpVLeKu5U05uROS6OARpxoWc3p9CwLt3biSY
x20Eu2WbHLRxkeSC9tRoH/+pWkVm4MNa/1meYOBz1swOXv+P5+EPa/IZ92LBqaOa
JcEFq+LM28V7g+aKt6ya8/gG6qLbLUcKcvmSbTeNFnOG3pVrWWaS1pWv2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMrSA9Q+laNjjjdO3V89VidWmXHAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveXRJRDFENlZvMk9PTjA3ZFh6MVdKMWFaY2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpnhAwQA
UpnjAwQAWdWSAwQAWdWaAwQBWdW8AwQBbbD8MA0GCSqGSIb3DQEBCwUAA4IBAQAt
ETgfS3Vqox28YtQjxRNu6FW44vCCVYWu2MqnpiXzNGPdkUuoGHGz6ET5Hg5FxIyC
U0hWuZXs/QNL4x0Ne7DLYvJPLJJCdO7VmEc3v/SRiLRUmUo89gzXJol28dqix0g6
jb9NXSom1XhWy96yZLDsYw8yH6ZXYgsGji2O7sv+zMNOvUc4+CcYV2uPa2mwwN/V
qYf1yUwbjrAmHvMbBOS9ksP1ZcsyFPmIs5OSt+qJ06l0DhgRFDmknD3r67QOvqmt
6nz6/fy9Qi06xkptjmxDte7j8/dfjzhHx8FZHpR3wALS5bvFCSTJbohj/tK4xBw1
OFxrTLHwdnAHApUI5CF6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:41 2025 by rpki-client