Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ky12IdDaP7GgvBHmD0IRiAa0hKg.roa
File: Ky12IdDaP7GgvBHmD0IRiAa0hKg.roa (raw, json)
Hash identifier: Z9zxzJlUmjJllk9IvACCrLE34T6HUqHw2R4Gfnddek4=
Subject key identifier: 2B:2D:76:21:D0:DA:3F:B1:A0:BC:11:E6:0F:42:11:88:06:B4:84:A8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01884281860FAE2BBB3583A25F6B5E54AFE8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ky12IdDaP7GgvBHmD0IRiAa0hKg.roa
Signing time: Mon 22 May 2023 08:09:24 +0000
ROA not before: Mon 22 May 2023 08:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.64.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.70.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.208.0/24 maxlen: 24
82.153.209.0/24 maxlen: 24
82.153.210.0/24 maxlen: 24
82.153.211.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:81:86:0f:ae:2b:bb:35:83:a2:5f:6b:5e:54:af:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 08:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b2d7621d0da3fb1a0bc11e60f42118806b484a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:30:56:10:1f:27:7e:fb:01:94:e0:55:d8:53:
e8:86:0b:76:1f:47:e7:bc:a4:dc:d0:2a:72:04:b9:
04:d8:7a:43:b5:ef:43:0b:76:f1:c9:d7:06:0c:a4:
16:c2:2e:68:ff:ab:4b:4a:ac:f1:cd:00:85:d3:26:
e1:ed:05:7d:3a:f4:24:42:8d:1f:19:79:43:05:a9:
77:05:6e:fb:60:1c:4e:9f:2b:66:86:a9:34:f9:9a:
ea:9c:8d:40:6a:df:9e:ab:32:66:64:f9:85:28:6e:
60:97:e2:10:ba:4d:be:39:01:2b:af:1d:ac:3d:e2:
c5:94:90:98:e0:8b:22:45:53:fe:62:37:6c:ad:09:
b7:8a:d7:40:9a:10:c8:54:e8:b7:11:07:d3:7d:22:
25:ff:aa:36:59:33:ba:1b:23:aa:88:79:4d:85:ef:
77:cd:72:b6:7b:ef:45:4c:13:4b:0c:c3:48:ef:0b:
f2:13:6e:66:9c:92:f5:1d:1a:dc:31:f6:5c:c4:b6:
18:ae:2f:c7:88:9f:84:76:74:31:e8:a5:e4:51:ba:
a1:2a:6b:ef:b6:84:7a:c3:c9:df:67:fa:5a:6e:71:
43:f0:62:a1:24:5b:eb:41:a8:af:e4:13:a2:23:76:
91:62:bb:31:5e:4c:e2:a3:04:ec:8e:5c:ce:a5:dc:
0e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2D:76:21:D0:DA:3F:B1:A0:BC:11:E6:0F:42:11:88:06:B4:84:A8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ky12IdDaP7GgvBHmD0IRiAa0hKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.253.0-82.152.255.255
82.153.4.0/24
82.153.10.0/24
82.153.64.0/23
82.153.68.0/24
82.153.70.0/23
82.153.73.0/24
82.153.208.0/22
82.153.222.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
68:d2:23:6d:38:ab:b0:ff:aa:19:4f:7a:01:1d:14:4d:c3:9f:
35:ee:3f:e0:73:c0:95:2a:83:fc:4e:2d:8d:a3:0b:8e:ac:9e:
01:a3:ff:80:e8:8d:ff:6c:5b:cd:a1:bd:2a:e3:2e:74:1e:94:
cd:f9:5c:af:76:89:13:be:fe:33:44:4f:e3:6c:fc:c6:80:a0:
54:7a:bd:bd:39:82:55:a9:04:f8:90:47:c8:9a:f5:9d:d5:cd:
65:97:78:07:f7:cd:95:0e:43:08:fd:c6:a6:52:1e:67:53:18:
32:16:e0:6d:48:3e:c0:4b:7e:b0:80:14:40:b7:32:aa:b4:44:
55:b6:9a:e2:ac:de:37:85:14:65:fe:e9:d5:f3:40:b5:20:68:
5b:71:f0:93:a3:2b:dd:d4:1b:54:0c:f5:f1:be:5c:c5:89:13:
7c:94:d1:29:55:21:39:38:ff:45:30:57:1c:09:75:9d:1c:aa:
a7:ec:a1:ab:e7:0f:93:46:0a:6b:7d:50:58:86:a1:8e:9f:79:
22:b1:8b:41:4e:bc:14:a5:55:d2:b5:67:45:de:f7:66:b3:9d:
7c:29:a1:b0:ad:38:a5:16:0b:cf:5d:dc:23:16:e7:a6:06:9e:
6f:d5:25:75:60:ad:28:11:4d:22:85:a3:f6:e5:c2:73:fb:97:
22:96:f0:7f
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYhCgYYPriu7NYOiX2teVK/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTIyMDgwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJkNzYyMWQwZGEzZmIxYTBiYzExZTYwZjQyMTE4ODA2YjQ4NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujBWEB8nfvsBlOBV2FPohgt2H0fn
vKTc0CpyBLkE2HpDte9DC3bxydcGDKQWwi5o/6tLSqzxzQCF0ybh7QV9OvQkQo0f
GXlDBal3BW77YBxOnytmhqk0+ZrqnI1Aat+eqzJmZPmFKG5gl+IQuk2+OQErrx2s
PeLFlJCY4IsiRVP+YjdsrQm3itdAmhDIVOi3EQfTfSIl/6o2WTO6GyOqiHlNhe93
zXK2e+9FTBNLDMNI7wvyE25mnJL1HRrcMfZcxLYYri/HiJ+EdnQx6KXkUbqhKmvv
toR6w8nfZ/pabnFD8GKhJFvrQaiv5BOiI3aRYrsxXkziowTsjlzOpdwO0wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFCstdiHQ2j+xoLwR5g9CEYgGtISoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS3kxMklkRGFQN0dndkJIbUQwSVJpQWEwaEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbQMEAFGoIwME
AFGodwMEAFGoewMEAVKYrgMEAFKY+QMEAFKY+zALAwQAUpj9AwMAUpgDBABSmQQD
BABSmQoDBAFSmUADBABSmUQDBAFSmUYDBABSmUkDBAJSmdADBABSmd4DBABSmfYD
BAFSmfgwDQYJKoZIhvcNAQELBQADggEBAGjSI204q7D/qhlPegEdFE3DnzXuP+Bz
wJUqg/xOLY2jC46sngGj/4Dojf9sW82hvSrjLnQelM35XK92iRO+/jNET+Ns/MaA
oFR6vb05glWpBPiQR8ia9Z3VzWWXeAf3zZUOQwj9xqZSHmdTGDIW4G1IPsBLfrCA
FEC3Mqq0RFW2muKs3jeFFGX+6dXzQLUgaFtx8JOjK93UG1QM9fG+XMWJE3yU0SlV
ITk4/0UwVxwJdZ0cqqfsoavnD5NGCmt9UFiGoY6feSKxi0FOvBSlVdK1Z0Xe92az
nXwpobCtOKUWC89d3CMW56YGnm/VJXVgrSgRTSKFo/blwnP7lyKW8H8=
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:40:43 2025 by rpki-client