Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/1-R-SkK4ulQJv6www1bOHziU4I-E.roa
File: 1-R-SkK4ulQJv6www1bOHziU4I-E.roa (raw, json)
Hash identifier: 4KeFEodu6aL4FHHNZqioxY4SZLmLWtLi1qkgjV63pzw=
Subject key identifier: F9:1F:92:90:AE:2E:95:02:6F:EB:0C:30:D5:B3:87:CE:25:38:23:E1
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 3837E471
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/1-R-SkK4ulQJv6www1bOHziU4I-E.roa
Signing time: Sat 01 Jan 2022 16:10:28 +0000
ROA not before: Sat 01 Jan 2022 16:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33942
IP address blocks: 82.213.67.0/24 maxlen: 24
82.213.68.0/23 maxlen: 23
82.213.72.0/22 maxlen: 22
82.213.76.0/22 maxlen: 22
82.213.84.0/22 maxlen: 22
82.213.102.0/24 maxlen: 24
82.213.104.0/21 maxlen: 21
82.213.103.0/24 maxlen: 24
83.139.201.0/24 maxlen: 24
83.139.208.0/24 maxlen: 24
82.213.64.0/23 maxlen: 23
83.139.192.0/23 maxlen: 23
83.139.197.0/24 maxlen: 24
83.139.196.0/22 maxlen: 22
83.139.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943187057 (0x3837e471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 16:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f91f9290ae2e95026feb0c30d5b387ce253823e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7a:5c:55:d0:4a:4e:dd:c4:fd:5b:95:fb:12:
b9:12:21:18:a2:f2:32:d0:74:93:56:a9:4a:df:52:
13:ba:73:77:79:3d:08:55:a8:d9:a3:23:3e:a2:2b:
d9:66:51:2f:6f:5c:b6:9f:4b:06:4f:5c:15:03:50:
3c:c5:2f:dc:b8:59:8d:c1:1f:cd:79:37:ce:79:f6:
01:66:d9:da:c9:f7:24:81:da:44:0e:f9:c4:fa:e1:
33:3d:de:a8:bc:8e:9e:f8:f7:69:88:9a:9f:94:b6:
cc:7f:ed:cf:2e:da:1d:b6:6a:8a:96:a5:a8:b8:fe:
bd:8e:25:fd:cc:e8:f3:a6:bf:75:78:32:4c:32:28:
4f:81:f2:30:cd:fa:fa:1a:c8:a4:b2:ef:22:af:f5:
2d:a5:f7:a0:9e:48:c6:7b:26:46:05:fd:99:43:05:
3b:a9:48:7e:d7:68:c7:e3:a3:12:01:fe:ef:c9:98:
e2:d2:6b:29:f0:a9:25:18:d6:bd:16:5e:04:19:b1:
a0:4c:50:d3:66:8d:5a:ca:7a:02:fc:0b:fe:9d:07:
ec:26:82:57:04:7b:bb:3d:70:6b:ef:c5:f2:9d:2a:
dd:d3:3b:cc:c6:55:45:51:a6:07:f3:d7:c8:d0:bb:
1f:5f:0e:99:e4:99:5e:8f:d1:32:76:4a:cc:f7:d4:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1F:92:90:AE:2E:95:02:6F:EB:0C:30:D5:B3:87:CE:25:38:23:E1
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/1-R-SkK4ulQJv6www1bOHziU4I-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.213.64.0/23
82.213.67.0-82.213.69.255
82.213.72.0/21
82.213.84.0/22
82.213.102.0-82.213.111.255
83.139.192.0/23
83.139.195.0-83.139.199.255
83.139.201.0/24
83.139.208.0/24
Signature Algorithm: sha256WithRSAEncryption
39:95:2a:2b:95:2b:44:c4:20:9a:d2:22:cc:50:4b:23:89:63:
da:42:92:2b:32:87:be:67:7b:11:8e:81:f4:07:67:5d:41:fa:
9f:be:9f:7c:66:09:ea:c9:43:dd:39:87:48:de:f3:fa:a3:18:
26:a8:19:ab:6c:49:d2:e4:e2:b1:da:3b:9a:f1:57:8a:a5:d5:
51:6a:30:e4:3d:ac:2b:00:95:05:c4:20:a3:e1:12:20:12:6c:
d4:64:9b:de:a9:02:63:59:e6:a9:2e:0b:27:7c:b9:a9:0f:0e:
3e:2f:7c:c3:29:45:19:3e:03:cd:ab:be:62:e6:d9:e9:b2:99:
f3:16:1d:3d:79:3a:8e:18:35:8b:cc:54:a6:46:a8:93:e5:c2:
42:df:f1:b1:c1:d1:3f:26:3b:e0:fd:27:23:a9:36:75:63:68:
41:11:27:eb:40:eb:55:dd:a6:12:3d:ec:bc:f6:e8:f6:10:58:
55:4c:87:ef:82:42:2c:a8:ee:57:af:b0:6f:da:c7:21:2e:b6:
d2:8f:23:8a:65:c3:e6:2b:f4:c4:f9:ca:66:f1:a9:b3:1c:0e:
fe:4b:bc:96:f6:3d:33:93:f2:49:30:21:2b:2f:5b:36:98:c9:
46:30:5d:15:9e:a9:88:d2:74:82:56:3f:62:0a:56:10:59:9c:
f0:37:d2:8a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEODfkcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTAxYzg0NWYxM2RkNGFkNmU5ZGFlNDcwZDVmZjY5YzVjY2EzNzcxMB4XDTIyMDEw
MTE2MTAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkxZjkyOTBhZTJl
OTUwMjZmZWIwYzMwZDViMzg3Y2UyNTM4MjNlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKB6XFXQSk7dxP1blfsSuRIhGKLyMtB0k1apSt9SE7pzd3k9
CFWo2aMjPqIr2WZRL29ctp9LBk9cFQNQPMUv3LhZjcEfzXk3znn2AWbZ2sn3JIHa
RA75xPrhMz3eqLyOnvj3aYian5S2zH/tzy7aHbZqipalqLj+vY4l/czo86a/dXgy
TDIoT4HyMM36+hrIpLLvIq/1LaX3oJ5IxnsmRgX9mUMFO6lIftdox+OjEgH+78mY
4tJrKfCpJRjWvRZeBBmxoExQ02aNWsp6AvwL/p0H7CaCVwR7uz1wa+/F8p0q3dM7
zMZVRVGmB/PXyNC7H18OmeSZXo/RMnZKzPfUXlcCAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBT5H5KQri6VAm/rDDDVs4fOJTgj4TAfBgNVHSMEGDAWgBQVAchF8T3UrW6d
rkcNX/acXMo3cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZRSElSZkU5MUsxdW5hNUhEVl8ybkZ6S04zRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMDM3NmExLTQ5ZDYtNGE0ZC04YzJhLWVkNzkxNTQzNmIyNy8x
LzEtUi1Ta0s0dWxRSnY2d3d3MWJPSHppVTRJLUUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vh
LzAzNzZhMS00OWQ2LTRhNGQtOGMyYS1lZDc5MTU0MzZiMjcvMS9GUUhJUmZFOTFL
MXVuYTVIRFZfMm5GektOM0UuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
ZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBAFS1UAwDAMEAFLVQwMEAVLVRAME
A1LVSAMEAlLVVDAMAwQBUtVmAwQEUtVgAwQBU4vAMAwDBABTi8MDBANTi8ADBABT
i8kDBABTi9AwDQYJKoZIhvcNAQELBQADggEBADmVKiuVK0TEIJrSIsxQSyOJY9pC
kisyh75nexGOgfQHZ11B+p++n3xmCerJQ905h0je8/qjGCaoGatsSdLk4rHaO5rx
V4ql1VFqMOQ9rCsAlQXEIKPhEiASbNRkm96pAmNZ5qkuCyd8uakPDj4vfMMpRRk+
A82rvmLm2emymfMWHT15Oo4YNYvMVKZGqJPlwkLf8bHB0T8mO+D9JyOpNnVjaEER
J+tA61XdphI97Lz26PYQWFVMh++CQiyo7levsG/axyEuttKPI4plw+Yr9MT5ymbx
qbMcDv5LvJb2PTOT8kkwISsvWzaYyUYwXRWeqYjSdIJWP2IKVhBZnPA30oo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:27 2025 by rpki-client