Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa
File: zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa (raw, json)
Hash identifier: Iuar6gcpQxidANnGKrakyzHVS4sgp7kr3ZxWE1Leqnw=
Subject key identifier: CD:43:28:85:0F:19:0A:F1:1F:FE:0F:AB:1F:2C:52:25:E2:CD:9A:C6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01864A822F1643C6F0898DD27D15692577B4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa
Signing time: Mon 13 Feb 2023 11:21:31 +0000
ROA not before: Mon 13 Feb 2023 11:21:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 82.153.250.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:82:2f:16:43:c6:f0:89:8d:d2:7d:15:69:25:77:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 13 11:21:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd4328850f190af11ffe0fab1f2c5225e2cd9ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:43:22:7b:8d:80:b9:c5:29:81:2b:78:45:
88:77:6a:d7:71:ca:f3:5a:f4:0b:e0:b3:8f:80:1f:
9d:66:b3:5f:75:c2:27:3c:85:9f:66:90:56:46:b7:
b6:12:07:54:0e:59:06:a3:67:59:ed:14:06:2b:e2:
fc:95:07:c9:00:d9:d4:1b:58:58:80:e4:18:7e:0d:
ac:4d:69:c6:9d:f3:e3:a8:ee:62:ec:54:a7:27:4b:
7c:ec:80:3f:78:55:65:5b:fa:cf:d9:3e:21:68:a7:
4f:11:38:3f:25:a8:f6:d7:77:0e:0e:7d:9f:b0:e8:
84:d4:76:88:c0:dc:01:4a:93:58:4c:d8:13:c1:9e:
0f:4b:eb:86:b4:a1:e3:f3:db:54:09:f2:cc:e8:87:
61:45:bb:c8:c3:d7:ab:29:3b:a6:0f:c8:0e:a2:2d:
38:8f:aa:45:8c:3b:0d:32:82:27:5a:2a:5e:4e:81:
fd:c0:78:26:79:2b:97:28:43:8d:e3:33:61:69:ef:
a4:16:98:b2:d9:6d:fb:d0:dd:b7:f5:a8:b2:b9:94:
b8:5a:12:d6:99:83:06:6f:ae:ba:7c:db:16:95:24:
1d:3e:af:ad:01:85:75:3b:5f:6d:e4:81:54:35:16:
03:0c:26:e8:53:c2:c1:f2:f5:66:8e:19:f2:3e:8c:
07:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:43:28:85:0F:19:0A:F1:1F:FE:0F:AB:1F:2C:52:25:E2:CD:9A:C6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zUMohQ8ZCvEf_g-rHyxSJeLNmsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
82.153.223.0/24
82.153.250.0/24
Signature Algorithm: sha256WithRSAEncryption
49:88:65:80:28:da:83:8e:fd:14:47:45:18:66:7a:40:c5:5f:
f0:d8:20:c2:a0:12:ec:c5:74:5a:69:a0:7f:b6:a1:13:22:59:
a5:42:5e:c7:01:aa:b2:6b:0c:e0:c7:c2:3a:71:2e:bc:88:1e:
32:23:fd:4c:8c:2f:67:22:25:88:1a:e4:56:51:c4:8b:77:48:
c1:85:98:8e:6b:3a:50:9f:cf:a4:c4:5d:42:33:2a:29:b6:19:
0e:8d:e9:30:a3:ac:94:66:e5:37:8a:74:7f:ba:52:7c:0e:06:
1b:0b:89:fc:3e:0b:81:ae:4d:bd:3e:e2:9b:26:09:c7:3b:2a:
90:ed:63:05:5c:7a:97:76:9d:bf:17:cd:78:d8:02:fd:10:54:
54:e8:fc:ed:1f:65:db:1b:66:ca:4c:ed:3d:7b:85:aa:b9:4b:
54:ba:5c:36:94:df:cb:81:ab:a5:3e:be:5c:eb:aa:fc:79:e8:
c0:cd:89:4e:e6:5c:03:40:7f:37:9b:ce:ca:cc:da:06:f8:54:
ce:c7:c2:ca:1b:f2:b4:79:d5:b3:50:96:0a:bb:85:e9:5e:ac:
e8:a1:75:72:0b:2d:04:a6:ad:1a:9a:1d:4b:67:1b:c7:4d:e9:
f9:a4:eb:79:78:d3:64:0b:71:67:98:27:36:05:68:7a:d4:0c:
fa:d7:1b:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZKgi8WQ8bwiY3SfRVpJXe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjEzMTEyMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQzMjg4NTBmMTkwYWYxMWZmZTBmYWIxZjJjNTIyNWUyY2Q5YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQtDInuNgLnFKYEreEWId2rXccrz
WvQL4LOPgB+dZrNfdcInPIWfZpBWRre2EgdUDlkGo2dZ7RQGK+L8lQfJANnUG1hY
gOQYfg2sTWnGnfPjqO5i7FSnJ0t87IA/eFVlW/rP2T4haKdPETg/Jaj213cODn2f
sOiE1HaIwNwBSpNYTNgTwZ4PS+uGtKHj89tUCfLM6IdhRbvIw9erKTumD8gOoi04
j6pFjDsNMoInWipeToH9wHgmeSuXKEON4zNhae+kFpiy2W370N239aiyuZS4WhLW
mYMGb666fNsWlSQdPq+tAYV1O19t5IFUNRYDDCboU8LB8vVmjhnyPowHDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1DKIUPGQrxH/4Pqx8sUiXizZrGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvelVNb2hROFpDdkVmX2ctckh5eFNKZUxObXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpncAwQA
UpnfAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQBJiGWAKNqDjv0UR0UYZnpAxV/w
2CDCoBLsxXRaaaB/tqETIlmlQl7HAaqyawzgx8I6cS68iB4yI/1MjC9nIiWIGuRW
UcSLd0jBhZiOazpQn8+kxF1CMyopthkOjekwo6yUZuU3inR/ulJ8DgYbC4n8PguB
rk29PuKbJgnHOyqQ7WMFXHqXdp2/F8142AL9EFRU6PztH2XbG2bKTO09e4WquUtU
ulw2lN/LgaulPr5c66r8eejAzYlO5lwDQH83m87KzNoG+FTOx8LKG/K0edWzUJYK
u4XpXqzooXVyCy0Epq0amh1LZxvHTen5pOt5eNNkC3FnmCc2BWh61Az61xtN
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:57 2025 by rpki-client