Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BoqJV7Fjpm_Uzt51V03Ya9O4CQs.roa
File: BoqJV7Fjpm_Uzt51V03Ya9O4CQs.roa (raw, json)
Hash identifier: Rm8ktYoD7DD9oWcofYLEC/mfZenvbtrWy/pJKRVunVY=
Subject key identifier: 06:8A:89:57:B1:63:A6:6F:D4:CE:DE:75:57:4D:D8:6B:D3:B8:09:0B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189CEDFC549E27FDC560E11CAAD117F8D2A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BoqJV7Fjpm_Uzt51V03Ya9O4CQs.roa
Signing time: Mon 07 Aug 2023 07:21:58 +0000
ROA not before: Mon 07 Aug 2023 07:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.241.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
109.176.210.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:df:c5:49:e2:7f:dc:56:0e:11:ca:ad:11:7f:8d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 07:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=068a8957b163a66fd4cede75574dd86bd3b8090b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0f:a5:a1:e9:07:aa:18:bb:5e:33:dd:d4:d1:
6b:74:1a:5b:b7:59:13:5a:d4:85:e6:ab:0c:d2:37:
8b:81:b7:f7:ed:73:48:f3:8c:18:4b:53:22:30:04:
96:3a:a8:87:6e:78:b2:d4:5b:00:eb:8d:b8:45:6b:
ca:cf:38:6c:98:7f:f9:f6:3b:b5:df:43:76:6e:5e:
01:d7:d6:8c:b3:fe:9b:71:75:a1:46:46:77:75:a1:
0e:2d:d6:3e:7f:73:74:b9:a2:5f:75:06:ec:e9:d5:
98:63:1a:5f:78:35:fb:9d:ce:8b:21:cb:a0:24:34:
80:78:e0:4c:7d:16:76:92:79:c7:9b:e7:ef:a4:37:
7e:ce:7a:77:f2:f7:75:0c:cb:1f:98:09:e0:7b:27:
e7:d6:77:be:de:6a:1c:13:b8:e0:fd:71:0d:bb:6b:
c6:cf:13:0e:f2:d5:e5:81:d5:0a:61:11:f1:10:31:
46:bf:de:55:16:bf:10:e6:ce:70:1f:10:93:60:e3:
6c:b1:2a:81:40:bd:cc:ee:9e:53:7d:81:7e:42:a9:
9e:5b:b6:aa:0f:56:2d:6f:09:cd:ad:51:4b:f5:94:
45:ef:f7:d5:72:cc:4e:ee:f2:1c:82:5b:b9:54:2d:
a1:97:32:36:e4:4b:80:01:7a:db:50:ec:a1:1c:c3:
51:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8A:89:57:B1:63:A6:6F:D4:CE:DE:75:57:4D:D8:6B:D3:B8:09:0B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BoqJV7Fjpm_Uzt51V03Ya9O4CQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.223.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0/24
89.213.41.0/24
89.213.44.0/24
89.213.136.0/24
89.213.139.0-89.213.140.255
89.213.150.0/24
89.213.152.0/24
89.213.155.0/24
89.213.160.0/24
89.213.162.0/23
89.213.168.0/24
89.213.173.0/24
89.213.176.0/24
89.213.180.0/24
89.213.182.0/24
89.213.184.0/22
109.176.210.0/23
109.176.213.0/24
109.176.218.0/24
109.176.220.0/24
109.176.240.0/22
109.176.247.0/24
109.176.250.0/24
185.49.125.0-185.49.127.255
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:2c:35:92:4d:03:97:4f:9e:f4:ad:4c:f5:fa:f2:a3:c6:61:
d1:83:b0:a7:66:10:62:16:b9:d0:9e:0b:86:02:12:6f:4c:9b:
7e:67:ae:37:50:0c:e6:fb:f1:52:c6:cb:c8:58:e8:56:21:cf:
02:51:02:9d:9c:78:7c:e5:65:cb:43:d2:35:2d:a4:53:49:84:
8f:d9:55:d7:89:40:79:46:09:29:c7:83:57:86:ba:6d:92:68:
e0:fd:08:eb:7a:83:28:98:f1:7b:57:af:fd:5b:cb:ef:cc:da:
15:03:a3:37:14:0d:9b:f8:f8:7a:60:23:4d:5e:74:00:1e:28:
ac:1d:df:b5:de:1d:d3:df:3e:68:34:5d:6e:1d:83:52:f6:78:
17:bc:fc:13:b6:17:20:cc:14:89:fc:1a:47:d2:b7:14:75:4f:
84:50:7a:e0:3f:a8:71:01:06:22:75:07:a9:f6:fd:60:87:67:
e9:ff:56:b2:d4:ca:e2:95:90:a7:18:11:c1:2c:dd:e6:b2:39:
28:5b:56:09:ab:1f:c2:cf:cc:f2:04:00:e9:20:95:a4:bd:44:
e2:30:40:e7:3c:0e:72:b3:d8:21:b0:71:cc:b2:9c:b5:03:94:
de:5d:e0:f1:ec:7c:57:bb:0b:f6:04:3b:29:e5:b7:07:d6:28:
91:78:bf:60
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYnO38VJ4n/cVg4Ryq0Rf40qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDcyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhhODk1N2IxNjNhNjZmZDRjZWRlNzU1NzRkZDg2YmQzYjgwOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw+loekHqhi7XjPd1NFrdBpbt1kT
WtSF5qsM0jeLgbf37XNI84wYS1MiMASWOqiHbniy1FsA6424RWvKzzhsmH/59ju1
30N2bl4B19aMs/6bcXWhRkZ3daEOLdY+f3N0uaJfdQbs6dWYYxpfeDX7nc6LIcug
JDSAeOBMfRZ2knnHm+fvpDd+znp38vd1DMsfmAngeyfn1ne+3mocE7jg/XENu2vG
zxMO8tXlgdUKYRHxEDFGv95VFr8Q5s5wHxCTYONssSqBQL3M7p5TfYF+QqmeW7aq
D1YtbwnNrVFL9ZRF7/fVcsxO7vIcglu5VC2hlzI25EuAAXrbUOyhHMNRuwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFAaKiVexY6Zv1M7edVdN2GvTuAkLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQm9xSlY3RmpwbV9VenQ1MVYwM1lhOU80Q1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpnfAwQAUpnjAwQA
UpnwAwQAUpn5AwQAWdUpAwQAWdUsAwQAWdWIMAwDBABZ1YsDBABZ1YwDBABZ1ZYD
BABZ1ZgDBABZ1ZsDBABZ1aADBAFZ1aIDBABZ1agDBABZ1a0DBABZ1bADBABZ1bQD
BABZ1bYDBAJZ1bgDBAFtsNIDBABtsNUDBABtsNoDBABtsNwDBAJtsPADBABtsPcD
BABtsPowDAMEALkxfQMEB7kxAAMEANWYKjANBgkqhkiG9w0BAQsFAAOCAQEAfyw1
kk0Dl0+e9K1M9fryo8Zh0YOwp2YQYha50J4LhgISb0ybfmeuN1AM5vvxUsbLyFjo
ViHPAlECnZx4fOVly0PSNS2kU0mEj9lV14lAeUYJKceDV4a6bZJo4P0I63qDKJjx
e1ev/VvL78zaFQOjNxQNm/j4emAjTV50AB4orB3ftd4d098+aDRdbh2DUvZ4F7z8
E7YXIMwUifwaR9K3FHVPhFB64D+ocQEGInUHqfb9YIdn6f9WstTK4pWQpxgRwSzd
5rI5KFtWCasfws/M8gQA6SCVpL1E4jBA5zwOcrPYIbBxzLKctQOU3l3g8ex8V7sL
9gQ7KeW3B9YokXi/YA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:41:51 2025 by rpki-client