Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/3YWMajb6iNJEo3tmR_Kz7qW-_jk.roa
File: 3YWMajb6iNJEo3tmR_Kz7qW-_jk.roa (raw, json)
Hash identifier: 5nAJ70Cy6LmjN7PSKhPq8VR2uCs6RY+iNCVHeobPMc0=
Subject key identifier: DD:85:8C:6A:36:FA:88:D2:44:A3:7B:66:47:F2:B3:EE:A5:BE:FE:39
Certificate issuer: /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial: 08C2A4FA
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/3YWMajb6iNJEo3tmR_Kz7qW-_jk.roa
Signing time: Sat 01 Jan 2022 14:55:49 +0000
ROA not before: Sat 01 Jan 2022 14:55:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 82.192.97.0/24 maxlen: 24
82.192.96.0/24 maxlen: 24
82.192.101.0/24 maxlen: 24
82.192.100.0/24 maxlen: 24
82.192.103.0/24 maxlen: 24
82.192.102.0/24 maxlen: 24
82.192.108.0/24 maxlen: 24
82.192.110.0/24 maxlen: 24
82.192.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146973946 (0x8c2a4fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Validity
Not Before: Jan 1 14:55:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd858c6a36fa88d244a37b6647f2b3eea5befe39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:2d:24:74:07:53:58:cf:b8:92:56:17:52:58:
a1:48:d3:76:e5:70:17:75:75:b5:04:87:b4:b0:75:
66:2a:8d:59:f8:ea:78:e3:fd:06:6d:ee:39:7e:82:
f1:64:a8:45:11:5d:6a:7d:99:31:3c:3f:aa:5b:82:
36:f3:e1:4a:72:7a:ca:a7:b9:8d:e9:4b:a6:e5:a9:
0c:16:ee:fa:55:78:75:d2:11:8a:fa:62:af:e2:f4:
0c:31:ba:c2:8f:30:51:46:ff:eb:46:a0:c9:80:95:
2c:8a:22:bd:53:18:4e:9f:4f:47:2f:c7:ec:a0:ab:
f2:da:b3:58:32:cb:c4:df:4e:f5:00:d7:89:eb:67:
84:8d:60:05:e5:a3:91:70:21:cf:30:6b:28:f3:83:
6d:7b:be:94:50:e7:08:22:21:98:11:0c:7a:04:39:
1f:e2:0a:f4:4f:b9:c9:42:cc:18:b8:1c:1c:36:43:
3e:a0:55:14:4c:4c:28:ee:fd:fe:c5:57:ab:24:b4:
c6:4e:da:c8:81:35:cf:90:49:70:04:2a:9f:b4:16:
b2:a6:fc:a0:01:63:95:38:86:61:28:79:0f:fd:a9:
0f:a9:c5:ec:24:30:7e:6c:df:21:88:3a:f5:dd:3c:
04:e0:c0:2b:09:71:0b:bb:ad:7c:51:6d:d2:36:0b:
10:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:85:8C:6A:36:FA:88:D2:44:A3:7B:66:47:F2:B3:EE:A5:BE:FE:39
X509v3 Authority Key Identifier:
keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/3YWMajb6iNJEo3tmR_Kz7qW-_jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.96.0/23
82.192.100.0/22
82.192.108.0-82.192.110.255
Signature Algorithm: sha256WithRSAEncryption
c2:38:d1:b2:7e:bb:af:07:8a:88:ff:24:bf:24:22:78:13:25:
d7:d8:30:29:66:1b:52:79:d8:4a:e4:e7:7d:6f:39:96:09:49:
7a:32:10:04:69:93:ee:5b:3a:1c:49:96:42:74:57:c6:fe:01:
ee:29:45:39:a9:58:a2:30:bc:3a:99:e6:d1:cd:95:b6:09:f8:
e8:01:a8:dc:d3:91:e5:3f:9b:57:9d:f0:31:f8:1a:ee:6b:20:
58:43:8f:22:78:d4:9f:80:af:b7:8d:0f:ec:bb:38:00:80:2e:
f7:72:81:e6:30:31:a5:6d:d8:fd:86:4d:90:fc:78:28:9e:c5:
92:8a:89:99:41:ca:2b:4e:5c:e5:54:c7:4b:e2:73:6a:f4:d5:
4f:cb:57:e2:11:12:42:80:ea:85:7f:c9:aa:35:91:81:c5:73:
72:46:bf:ac:ca:f6:d8:41:94:15:4b:47:6f:c2:ac:91:39:b5:
d8:66:d5:db:a1:2a:2f:a3:59:6f:9a:27:cd:96:cf:87:e1:1e:
73:5d:0d:38:fb:ef:94:ec:2f:2e:d3:4e:cf:67:a3:c3:ca:ca:
d3:e0:19:72:ea:de:11:07:c3:6b:20:05:c9:16:a5:40:13:f7:
e8:1c:32:4a:54:27:8c:66:22:90:ed:a7:f6:c5:77:f0:75:94:
fb:fb:92:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECMKk+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmVjYTQwMTJiZjdiNTA1NmUyZTBhMTYxZWI0NjE4ODc2YzkxMTJhMB4XDTIyMDEw
MTE0NTU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ4NThjNmEzNmZh
ODhkMjQ0YTM3YjY2NDdmMmIzZWVhNWJlZmUzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwtJHQHU1jPuJJWF1JYoUjTduVwF3V1tQSHtLB1ZiqNWfjq
eOP9Bm3uOX6C8WSoRRFdan2ZMTw/qluCNvPhSnJ6yqe5jelLpuWpDBbu+lV4ddIR
ivpir+L0DDG6wo8wUUb/60agyYCVLIoivVMYTp9PRy/H7KCr8tqzWDLLxN9O9QDX
ietnhI1gBeWjkXAhzzBrKPODbXu+lFDnCCIhmBEMegQ5H+IK9E+5yULMGLgcHDZD
PqBVFExMKO79/sVXqyS0xk7ayIE1z5BJcAQqn7QWsqb8oAFjlTiGYSh5D/2pD6nF
7CQwfmzfIYg69d08BODAKwlxC7utfFFt0jYLEPUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTdhYxqNvqI0kSje2ZH8rPupb7+OTAfBgNVHSMEGDAWgBR77KQBK/e1BW4u
ChYetGGIdskRKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2UteWtBU3YzdFFWdUxnb1dIclJoaUhiSkVTby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvOTQ4OGQ1LWE4ZDMtNDRiNS05MmRmLTU4Y2FmNDcwMWJlMy8x
LzNZV01hamI2aU5KRW8zdG1SX0t6N3FXLV9qay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
OTQ4OGQ1LWE4ZDMtNDRiNS05MmRmLTU4Y2FmNDcwMWJlMy8xL2UteWtBU3YzdFFW
dUxnb1dIclJoaUhiSkVTby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAVLAYAMEAlLAZDAMAwQCUsBsAwQA
UsBuMA0GCSqGSIb3DQEBCwUAA4IBAQDCONGyfruvB4qI/yS/JCJ4EyXX2DApZhtS
edhK5Od9bzmWCUl6MhAEaZPuWzocSZZCdFfG/gHuKUU5qViiMLw6mebRzZW2Cfjo
Aajc05HlP5tXnfAx+BruayBYQ48ieNSfgK+3jQ/suzgAgC73coHmMDGlbdj9hk2Q
/HgonsWSiomZQcorTlzlVMdL4nNq9NVPy1fiERJCgOqFf8mqNZGBxXNyRr+syvbY
QZQVS0dvwqyRObXYZtXboSovo1lvmifNls+H4R5zXQ04+++U7C8u007PZ6PDysrT
4Bly6t4RB8NrIAXJFqVAE/foHDJKVCeMZiKQ7af2xXfwdZT7+5I5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:54 2025 by rpki-client