Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmQJWsYiR-MsPJ4yYch1xE7tsFM.roa
File: zmQJWsYiR-MsPJ4yYch1xE7tsFM.roa (raw, json)
Hash identifier: 28SlR6yyqyyvFw/nXs2s8K+UuCRXXR5NfokEqcazcJY=
Subject key identifier: CE:64:09:5A:C6:22:47:E3:2C:3C:9E:32:61:C8:75:C4:4E:ED:B0:53
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188B9B764ED4A113A10F794B1DBEEF50CE9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmQJWsYiR-MsPJ4yYch1xE7tsFM.roa
Signing time: Wed 14 Jun 2023 11:43:03 +0000
ROA not before: Wed 14 Jun 2023 11:43:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 82.153.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:b7:64:ed:4a:11:3a:10:f7:94:b1:db:ee:f5:0c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 14 11:43:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce64095ac62247e32c3c9e3261c875c44eedb053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:4d:78:f0:4e:8d:03:cf:b1:93:92:f6:b4:
fa:32:85:8c:61:cb:77:06:67:ce:45:06:9c:01:91:
d0:78:51:83:76:87:a0:f6:f8:2c:69:24:65:a6:00:
e2:ce:64:3f:ad:6b:5e:6c:3d:d1:55:63:76:b3:23:
e1:db:7b:ce:98:a3:23:55:ac:79:31:28:26:43:e4:
90:cf:e7:cd:5d:3b:05:09:df:88:96:0e:2b:c1:bd:
d1:34:8b:2c:cd:aa:81:28:e5:70:3b:e7:30:6b:bd:
4c:24:94:6b:0b:a0:3c:0b:71:f6:55:6b:03:7e:33:
53:02:eb:d8:2b:6d:67:44:40:b0:45:7f:3e:2d:86:
a0:ca:0e:af:06:0b:ba:81:80:b0:5d:84:1c:ff:fa:
0f:68:eb:e3:5c:26:1a:7b:b1:75:cf:b2:12:ff:e7:
58:97:b2:ac:8e:b5:51:9b:5f:7a:bc:09:60:91:80:
1c:55:87:21:d9:d5:29:6c:13:4f:3e:4d:39:8d:ad:
e1:80:29:68:24:6c:59:77:63:9b:c2:f8:5b:0b:55:
67:d4:bc:90:72:63:31:e2:95:60:62:c1:20:dc:1b:
10:50:89:b9:c2:6d:62:4a:1c:1e:b4:d5:4c:ee:83:
2e:7e:da:13:6b:a0:18:72:e6:d4:f4:a1:44:05:6e:
df:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:64:09:5A:C6:22:47:E3:2C:3C:9E:32:61:C8:75:C4:4E:ED:B0:53
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmQJWsYiR-MsPJ4yYch1xE7tsFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.78.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:8c:10:3c:21:97:62:f0:2f:99:08:40:a3:90:ce:ea:bb:b6:
55:f6:6c:99:4d:d2:f7:84:a8:5c:19:a7:dd:31:9a:be:3f:93:
3b:90:f0:d1:43:25:4c:8b:7c:a1:1b:00:01:d9:40:b9:df:16:
0c:dd:63:74:a6:9f:c7:dc:a7:f7:f9:0a:be:4a:db:d9:de:28:
e2:c1:68:57:ce:97:d7:9c:bb:d5:cf:47:7d:c7:a0:17:cd:39:
0c:6a:b6:ab:81:9e:6b:9b:d9:07:39:1a:00:2f:8c:1e:da:b7:
a7:da:bb:d9:d8:cd:e6:4f:cd:45:54:54:ac:ae:a6:73:da:c0:
54:d6:f1:39:ea:5e:42:59:45:2c:98:59:4c:fd:04:a1:9c:f9:
9d:5e:a9:59:4e:68:f1:1b:2d:f5:e8:6d:c5:b6:cc:ed:e8:7d:
a0:2c:1e:09:cd:d2:5a:01:35:98:95:d0:d5:bd:78:61:c0:2b:
8a:e6:e2:f1:2a:de:85:76:42:ad:55:b5:b9:35:83:12:40:0c:
f7:54:85:6c:de:bc:e2:30:c7:11:9a:48:96:c2:2f:f4:9b:21:
72:41:54:83:0b:cd:c2:eb:84:c3:84:0e:a5:7f:b8:f1:32:81:
59:3c:91:9b:2e:70:f7:1a:29:92:03:ba:0c:f7:ea:2d:ec:3b:
39:11:92:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi5t2TtShE6EPeUsdvu9QzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjE0MTE0MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY0MDk1YWM2MjI0N2UzMmMzYzllMzI2MWM4NzVjNDRlZWRiMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoURNePBOjQPPsZOS9rT6MoWMYct3
BmfORQacAZHQeFGDdoeg9vgsaSRlpgDizmQ/rWtebD3RVWN2syPh23vOmKMjVax5
MSgmQ+SQz+fNXTsFCd+Ilg4rwb3RNIsszaqBKOVwO+cwa71MJJRrC6A8C3H2VWsD
fjNTAuvYK21nRECwRX8+LYagyg6vBgu6gYCwXYQc//oPaOvjXCYae7F1z7IS/+dY
l7KsjrVRm196vAlgkYAcVYch2dUpbBNPPk05ja3hgCloJGxZd2ObwvhbC1Vn1LyQ
cmMx4pVgYsEg3BsQUIm5wm1iShwetNVM7oMuftoTa6AYcubU9KFEBW7fgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM5kCVrGIkfjLDyeMmHIdcRO7bBTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvem1RSldzWWlSLU1zUEo0eVljaDF4RTd0c0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplOMA0G
CSqGSIb3DQEBCwUAA4IBAQCfjBA8IZdi8C+ZCECjkM7qu7ZV9myZTdL3hKhcGafd
MZq+P5M7kPDRQyVMi3yhGwAB2UC53xYM3WN0pp/H3Kf3+Qq+StvZ3ijiwWhXzpfX
nLvVz0d9x6AXzTkMarargZ5rm9kHORoAL4we2ren2rvZ2M3mT81FVFSsrqZz2sBU
1vE56l5CWUUsmFlM/QShnPmdXqlZTmjxGy316G3Ftszt6H2gLB4JzdJaATWYldDV
vXhhwCuK5uLxKt6FdkKtVbW5NYMSQAz3VIVs3rziMMcRmkiWwi/0myFyQVSDC83C
64TDhA6lf7jxMoFZPJGbLnD3GimSA7oM9+ot7Ds5EZK2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:39 2025 by rpki-client