Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSLH1QoCm2Ei4xw87jRvLLlESic.roa
File: hSLH1QoCm2Ei4xw87jRvLLlESic.roa (raw, json)
Hash identifier: 4l9RHYPX9mutz4jDGMv4rUXtuiePz0c99IXoH8DWZ+0=
Subject key identifier: 85:22:C7:D5:0A:02:9B:61:22:E3:1C:3C:EE:34:6F:2C:B9:44:4A:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018267EE405C33BEBE288E22A4392FDABE90
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSLH1QoCm2Ei4xw87jRvLLlESic.roa
Signing time: Thu 04 Aug 2022 08:17:23 +0000
ROA not before: Thu 04 Aug 2022 08:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206509
IP address blocks: 81.168.0.0/17 maxlen: 17
81.5.128.0/18 maxlen: 18
109.176.0.0/16 maxlen: 16
82.152.0.0/15 maxlen: 15
213.152.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:ee:40:5c:33:be:be:28:8e:22:a4:39:2f:da:be:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 4 08:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8522c7d50a029b6122e31c3cee346f2cb9444a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e3:6e:c2:cc:77:47:1a:64:8d:a5:4d:b6:5f:
dd:b0:2f:fd:8c:d3:40:5f:44:c2:8e:a8:ae:91:91:
ff:b3:4f:29:ec:52:0c:58:4a:15:06:05:ac:e8:b3:
e2:72:17:ca:88:57:38:a1:fb:16:53:ec:dc:b9:94:
5c:9d:ee:e5:2f:7e:e0:65:52:31:58:9f:4f:7d:6a:
62:64:27:2d:b1:5f:8b:10:40:6e:60:15:ae:ad:ab:
63:8d:2d:ad:a6:3f:08:90:c2:25:e0:b3:22:1e:e1:
d1:11:9d:19:cb:16:d3:93:b1:ab:69:82:6a:de:41:
a2:02:c8:ab:21:7d:f9:aa:cf:60:fc:38:c6:84:2d:
f5:9b:5d:9a:7b:a8:05:20:a4:fe:a4:1f:d3:54:97:
74:d8:94:cd:7b:71:81:57:aa:12:7a:77:91:6d:37:
0a:21:76:94:09:82:51:84:4f:0e:33:de:b1:91:65:
89:06:d7:64:4b:1c:6e:b4:d5:04:96:e0:2d:65:c6:
23:bb:97:21:04:98:64:94:7c:2a:7f:0f:ce:c0:e8:
70:5a:a5:10:86:45:0b:b2:73:d2:ba:2b:95:53:ad:
07:98:11:7b:82:23:79:b4:ea:35:36:3d:78:17:fd:
2b:dd:21:1c:ef:25:a7:96:ea:9e:c9:97:3c:f6:93:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:22:C7:D5:0A:02:9B:61:22:E3:1C:3C:EE:34:6F:2C:B9:44:4A:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSLH1QoCm2Ei4xw87jRvLLlESic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
109.176.0.0/16
213.152.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0f:29:42:98:fe:96:9a:85:28:68:a7:01:0b:73:70:09:2d:f0:
b1:ea:14:50:b1:de:4d:72:76:b9:6d:03:75:49:54:9d:6d:5b:
73:ba:ec:ec:00:ff:88:cf:a5:9b:d6:23:16:cc:a4:07:7a:60:
ff:d3:3e:85:3c:98:cd:de:55:cf:ef:57:2b:26:1b:4e:39:8f:
b0:42:bd:f4:4d:74:0d:b3:3a:88:b4:a0:57:02:c8:29:bf:de:
ba:23:48:9f:1b:67:0c:e5:fd:c8:93:5b:85:90:8a:c1:d2:de:
91:ef:8c:a0:27:ca:de:67:53:a2:d8:81:c3:05:13:4c:00:80:
7e:55:58:93:01:d0:83:e2:cc:8b:da:70:80:2c:9e:90:92:75:
19:d1:9e:50:9e:7b:30:39:14:a1:69:8d:88:7b:5e:07:b2:ec:
b1:38:49:72:3c:fa:bc:12:71:02:5f:92:f0:10:eb:22:84:e1:
6e:1e:d4:e0:8e:2a:99:8a:b3:64:6b:78:e9:ea:ef:5e:24:40:
86:aa:33:33:a7:ee:d7:85:6c:34:eb:6e:42:ff:a6:c6:ef:2e:
25:d9:53:26:49:93:ee:37:42:22:f8:b5:fb:a7:ac:97:5e:bd:
88:3b:b7:c0:7b:4d:6f:0c:d3:f0:b9:71:84:e2:77:8c:29:3f:
b4:e6:66:71
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYJn7kBcM76+KI4ipDkv2r6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODA0MDgxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIyYzdkNTBhMDI5YjYxMjJlMzFjM2NlZTM0NmYyY2I5NDQ0YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeNuwsx3RxpkjaVNtl/dsC/9jNNA
X0TCjqiukZH/s08p7FIMWEoVBgWs6LPichfKiFc4ofsWU+zcuZRcne7lL37gZVIx
WJ9PfWpiZCctsV+LEEBuYBWuratjjS2tpj8IkMIl4LMiHuHREZ0ZyxbTk7GraYJq
3kGiAsirIX35qs9g/DjGhC31m12ae6gFIKT+pB/TVJd02JTNe3GBV6oSeneRbTcK
IXaUCYJRhE8OM96xkWWJBtdkSxxutNUEluAtZcYju5chBJhklHwqfw/OwOhwWqUQ
hkULsnPSuiuVU60HmBF7giN5tOo1Nj14F/0r3SEc7yWnluqeyZc89pMVwwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIUix9UKApthIuMcPO40byy5REonMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFNMSDFRb0NtMkVpNHh3ODdqUnZMTGxFU2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwQGUQWAAwQH
UagAAwMBUpgDAwBtsAMEBdWYIDANBgkqhkiG9w0BAQsFAAOCAQEADylCmP6WmoUo
aKcBC3NwCS3wseoUULHeTXJ2uW0DdUlUnW1bc7rs7AD/iM+lm9YjFsykB3pg/9M+
hTyYzd5Vz+9XKyYbTjmPsEK99E10DbM6iLSgVwLIKb/euiNInxtnDOX9yJNbhZCK
wdLeke+MoCfK3mdTotiBwwUTTACAflVYkwHQg+LMi9pwgCyekJJ1GdGeUJ57MDkU
oWmNiHteB7LssThJcjz6vBJxAl+S8BDrIoThbh7U4I4qmYqzZGt46ervXiRAhqoz
M6fu14VsNOtuQv+mxu8uJdlTJkmT7jdCIvi1+6esl169iDu3wHtNbwzT8LlxhOJ3
jCk/tOZmcQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:57:45 2025 by rpki-client