Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/nDdF4n9YVGjUYHi9BJDCf7cR684.roa
File: nDdF4n9YVGjUYHi9BJDCf7cR684.roa (raw, json)
Hash identifier: C4Z7xwNzfTEMuD2NYjFaUfImRlNoNJ55wui1gBkntWE=
Subject key identifier: 9C:37:45:E2:7F:58:54:68:D4:60:78:BD:04:90:C2:7F:B7:11:EB:CE
Certificate issuer: /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial: 01857039A549F1FCB69754FD925C3CECE5F4
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/nDdF4n9YVGjUYHi9BJDCf7cR684.roa
Signing time: Mon 02 Jan 2023 02:05:04 +0000
ROA not before: Mon 02 Jan 2023 02:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 82.192.97.0/24 maxlen: 24
82.192.96.0/24 maxlen: 24
82.192.100.0/24 maxlen: 24
82.192.103.0/24 maxlen: 24
82.192.101.0/24 maxlen: 24
82.192.102.0/24 maxlen: 24
82.192.110.0/24 maxlen: 24
82.192.108.0/24 maxlen: 24
82.192.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a5:49:f1:fc:b6:97:54:fd:92:5c:3c:ec:e5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Validity
Not Before: Jan 2 02:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c3745e27f585468d46078bd0490c27fb711ebce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:35:6b:81:1e:30:2f:a8:78:2f:6f:f8:5a:c9:
8e:c9:e8:04:91:15:b9:89:ce:c1:c2:e1:01:12:d4:
8b:e1:a3:e7:eb:5a:cc:cb:b4:62:89:ba:21:8b:a3:
40:14:fd:78:44:ee:02:11:fc:13:4a:bf:c0:72:54:
92:00:92:70:d1:1c:b0:56:09:d9:5d:b7:48:fa:3c:
31:a3:be:b2:78:bf:e5:67:44:e9:2d:94:2c:71:d4:
9d:f7:2a:d0:16:b7:1c:90:b6:8c:55:86:ac:f5:64:
90:72:9d:82:92:be:ed:17:5f:c0:cf:f4:5f:38:03:
8a:9f:b5:f9:75:9f:e6:8e:39:a2:c0:96:ea:66:05:
80:b4:e8:d0:97:c8:71:91:4c:05:05:70:56:b4:c3:
91:26:c1:37:89:ff:4b:ce:3b:d8:7b:7b:ab:af:9c:
78:ae:4f:fe:75:cd:a4:14:e5:00:32:16:2a:34:c6:
f5:c7:98:43:90:4c:24:c0:98:fe:e5:b8:64:78:41:
1f:72:88:0d:35:45:3d:98:09:e1:a7:64:b9:96:6a:
1c:64:fc:55:09:4f:7f:0b:d1:7f:bf:53:61:4f:6f:
20:a0:55:5b:03:a5:08:03:6d:d8:c7:bf:1c:50:dd:
0d:9d:d9:56:98:25:af:e4:f0:51:a3:27:6d:5d:5e:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:37:45:E2:7F:58:54:68:D4:60:78:BD:04:90:C2:7F:B7:11:EB:CE
X509v3 Authority Key Identifier:
keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/nDdF4n9YVGjUYHi9BJDCf7cR684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.96.0/23
82.192.100.0/22
82.192.108.0-82.192.110.255
Signature Algorithm: sha256WithRSAEncryption
b6:ad:b5:cf:ce:e3:58:c5:0f:35:4f:03:1e:33:0a:72:02:3f:
34:36:5a:f0:bd:ed:dc:6e:aa:25:44:80:3a:5d:18:a7:d1:3b:
b4:22:fd:a8:21:01:12:30:de:f6:0e:b5:22:19:18:44:52:3b:
16:da:a7:2e:3d:22:44:91:6e:5c:9d:e4:7d:a4:67:51:fd:e5:
86:62:95:c1:4f:41:d7:11:81:2e:21:85:43:f9:84:9b:4c:8e:
d5:c9:5c:9e:5d:9c:3a:dc:fc:be:fa:97:1c:fb:43:4f:73:3e:
3e:28:66:50:77:e9:cd:32:8f:9d:71:d4:2d:1c:49:c4:bc:57:
62:20:e5:82:0b:a4:82:33:28:db:47:eb:5b:a0:25:9d:7f:f7:
2c:53:e5:fa:6f:d4:ae:57:35:31:1d:6c:4b:7c:5b:72:43:50:
ec:77:d7:8c:d6:26:2e:60:5e:a4:13:81:f9:ca:08:be:fe:ef:
cb:68:2d:d6:2d:79:d4:f3:ee:5d:89:bd:7b:cf:8b:68:4b:b4:
6a:94:c4:3c:a7:dc:e5:58:05:6f:48:b2:28:72:5f:ba:a9:12:
5d:aa:1e:32:87:69:7a:f6:33:eb:fa:86:2d:72:c6:3b:26:be:
d8:d1:5d:ae:53:63:b7:38:e4:97:56:13:45:18:55:67:9d:0d:
99:06:3d:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwOaVJ8fy2l1T9klw87OX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWNhNDAxMmJmN2I1MDU2ZTJlMGExNjFlYjQ2MTg4NzZj
OTExMmEwHhcNMjMwMTAyMDIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM3NDVlMjdmNTg1NDY4ZDQ2MDc4YmQwNDkwYzI3ZmI3MTFlYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DVrgR4wL6h4L2/4WsmOyegEkRW5
ic7BwuEBEtSL4aPn61rMy7Riibohi6NAFP14RO4CEfwTSr/AclSSAJJw0RywVgnZ
XbdI+jwxo76yeL/lZ0TpLZQscdSd9yrQFrcckLaMVYas9WSQcp2Ckr7tF1/Az/Rf
OAOKn7X5dZ/mjjmiwJbqZgWAtOjQl8hxkUwFBXBWtMORJsE3if9LzjvYe3urr5x4
rk/+dc2kFOUAMhYqNMb1x5hDkEwkwJj+5bhkeEEfcogNNUU9mAnhp2S5lmocZPxV
CU9/C9F/v1NhT28goFVbA6UIA23Yx78cUN0NndlWmCWv5PBRoydtXV5oRwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJw3ReJ/WFRo1GB4vQSQwn+3EevOMB8GA1UdIwQY
MBaAFHvspAEr97UFbi4KFh60YYh2yREqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYt
NThjYWY0NzAxYmUzLzEvbkRkRjRuOVlWR2pVWUhpOUJKRENmN2NSNjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYtNThjYWY0NzAxYmUz
LzEvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUsBgAwQC
UsBkMAwDBAJSwGwDBABSwG4wDQYJKoZIhvcNAQELBQADggEBALattc/O41jFDzVP
Ax4zCnICPzQ2WvC97dxuqiVEgDpdGKfRO7Qi/aghARIw3vYOtSIZGERSOxbapy49
IkSRblyd5H2kZ1H95YZilcFPQdcRgS4hhUP5hJtMjtXJXJ5dnDrc/L76lxz7Q09z
Pj4oZlB36c0yj51x1C0cScS8V2Ig5YILpIIzKNtH61ugJZ1/9yxT5fpv1K5XNTEd
bEt8W3JDUOx314zWJi5gXqQTgfnKCL7+78toLdYtedTz7l2JvXvPi2hLtGqUxDyn
3OVYBW9IsihyX7qpEl2qHjKHaXr2M+v6hi1yxjsmvtjRXa5TY7c45JdWE0UYVWed
DZkGPdg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:42 2025 by rpki-client