Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/d0T2UwxASRNXFVKUc0E50NHXglo.roa
File: d0T2UwxASRNXFVKUc0E50NHXglo.roa (raw, json)
Hash identifier: U2apDS3PixjO5ORJh17mHY7DW/lKgxuwvmEtoOj7fVg=
Subject key identifier: 77:44:F6:53:0C:40:49:13:57:15:52:94:73:41:39:D0:D1:D7:82:5A
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 367ABFAB
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/d0T2UwxASRNXFVKUc0E50NHXglo.roa
Signing time: Sat 01 Jan 2022 15:06:32 +0000
ROA not before: Sat 01 Jan 2022 15:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30818
IP address blocks: 82.221.80.0/20 maxlen: 20
82.221.96.0/20 maxlen: 20
82.221.0.0/20 maxlen: 20
82.221.112.0/20 maxlen: 20
82.221.16.0/20 maxlen: 20
82.221.32.0/20 maxlen: 20
82.221.48.0/20 maxlen: 20
82.221.164.0/24 maxlen: 24
82.221.64.0/20 maxlen: 20
82.221.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 914014123 (0x367abfab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 1 15:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7744f6530c40491357155294734139d0d1d7825a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:1e:f0:1a:44:26:b2:9a:86:52:19:0a:16:
e2:15:bf:7f:f4:32:77:5b:b8:7d:af:43:75:b7:b6:
9c:0c:cc:a9:7b:89:80:19:72:d2:fb:3d:f2:dc:6c:
1d:d0:f2:6d:4d:b5:36:46:8b:d6:6a:d5:1c:2c:c5:
29:3d:8f:4b:2d:fb:04:21:8a:48:b0:c8:1a:86:b9:
fa:c4:cc:c1:e7:a5:7b:81:e2:98:22:f0:cd:e4:15:
cf:08:fe:9f:31:65:64:58:ed:a8:e4:7d:22:01:64:
49:04:cc:c9:6d:68:6a:de:06:98:0e:66:9f:77:48:
eb:89:33:81:b8:ac:2b:36:77:9f:ef:99:11:06:be:
e4:07:fa:27:1b:15:84:2a:2b:31:e9:76:22:58:20:
2e:ed:58:ba:85:2a:1d:a8:0e:5b:79:2b:24:74:5d:
f1:18:0f:b9:53:18:87:5f:8d:6f:0f:30:ef:b8:cd:
86:87:59:c3:d1:ea:b6:43:87:6e:10:1e:50:02:5b:
b8:e0:76:0a:18:14:28:f5:e0:bb:ca:dc:23:fa:fa:
fc:13:9d:39:84:51:0c:c3:2e:56:33:96:93:76:a8:
b7:2d:9b:e8:1b:eb:49:55:b9:87:66:ad:4d:b0:52:
19:50:ba:03:bd:10:d8:9b:d7:fe:23:92:c8:e0:ae:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:44:F6:53:0C:40:49:13:57:15:52:94:73:41:39:D0:D1:D7:82:5A
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/d0T2UwxASRNXFVKUc0E50NHXglo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.164.0/24
82.221.168.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:59:9e:62:3a:7b:45:27:8e:82:a2:cd:eb:ce:72:30:c1:a7:
da:da:16:8b:95:75:9d:9f:90:70:cd:c6:b7:83:e0:bf:64:58:
5b:78:df:5b:7f:8b:91:1a:1d:98:52:70:53:2c:33:4e:1d:78:
c9:63:e3:b3:6b:35:02:bf:e2:28:f8:34:e4:f6:7d:0a:fa:89:
e4:02:20:18:84:52:62:a7:99:0e:25:c0:75:b9:89:4b:43:b0:
4d:a2:14:63:fa:44:86:a3:29:eb:25:3c:d2:6d:63:be:7d:a7:
31:08:0f:8c:12:eb:05:79:e8:c4:f2:52:e3:9c:79:a6:0c:b4:
31:e3:28:60:4a:d9:d3:ce:39:e8:4e:e1:16:7d:0f:a8:52:37:
4d:7d:14:81:f3:f8:64:b5:0c:4d:e6:1c:cd:12:9b:f7:9c:7d:
14:1d:c0:03:f0:86:7d:8c:5c:e0:02:c9:f5:60:0d:ac:10:a2:
ad:14:ea:05:ff:01:03:c7:50:dd:57:cf:20:34:6b:7d:bf:7b:
0f:9e:91:80:51:d8:72:c6:ef:02:30:52:05:e5:c4:c0:2b:fc:
6d:ee:b3:ff:54:0b:33:d4:0c:fe:c8:78:f2:64:01:26:83:72:
c8:6b:27:29:98:fa:68:33:51:f2:e0:82:1b:65:94:bc:66:de:
4d:5d:84:c9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENnq/qzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDgwMjVjN2RlMDQwMGUwZjNjODhkNGExMjJhMzE3ZTMyYzVlMjFjMB4XDTIyMDEw
MTE1MDYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc0NGY2NTMwYzQw
NDkxMzU3MTU1Mjk0NzM0MTM5ZDBkMWQ3ODI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI94HvAaRCaymoZSGQoW4hW/f/Qyd1u4fa9Ddbe2nAzMqXuJ
gBly0vs98txsHdDybU21NkaL1mrVHCzFKT2PSy37BCGKSLDIGoa5+sTMweele4Hi
mCLwzeQVzwj+nzFlZFjtqOR9IgFkSQTMyW1oat4GmA5mn3dI64kzgbisKzZ3n++Z
EQa+5Af6JxsVhCorMel2IlggLu1YuoUqHagOW3krJHRd8RgPuVMYh1+Nbw8w77jN
hodZw9HqtkOHbhAeUAJbuOB2ChgUKPXgu8rcI/r6/BOdOYRRDMMuVjOWk3aoty2b
6BvrSVW5h2atTbBSGVC6A70Q2JvX/iOSyOCuqJsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR3RPZTDEBJE1cVUpRzQTnQ0deCWjAfBgNVHSMEGDAWgBRAgCXH3gQA4PPI
jUoSKjF+MsXiHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJQWx4OTRFQU9EenlJMUtFaW94ZmpMRjRody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8x
L2QwVDJVd3hBU1JOWEZWS1VjMEU1ME5IWGdsby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8xL1FJQWx4OTRFQU9E
enlJMUtFaW94ZmpMRjRody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEB1LdAAMEAFLdpAMEAFLdqDANBgkq
hkiG9w0BAQsFAAOCAQEAuFmeYjp7RSeOgqLN685yMMGn2toWi5V1nZ+QcM3Gt4Pg
v2RYW3jfW3+LkRodmFJwUywzTh14yWPjs2s1Ar/iKPg05PZ9CvqJ5AIgGIRSYqeZ
DiXAdbmJS0OwTaIUY/pEhqMp6yU80m1jvn2nMQgPjBLrBXnoxPJS45x5pgy0MeMo
YErZ08456E7hFn0PqFI3TX0UgfP4ZLUMTeYczRKb95x9FB3AA/CGfYxc4ALJ9WAN
rBCirRTqBf8BA8dQ3VfPIDRrfb97D56RgFHYcsbvAjBSBeXEwCv8be6z/1QLM9QM
/sh48mQBJoNyyGsnKZj6aDNR8uCCG2WUvGbeTV2EyQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:54:16 2025 by rpki-client