Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa
File: rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa (raw, json)
Hash identifier: 7eko0/b79NEJxGgAWsP5jefe1iFaI0M+yC45kHuCtco=
Subject key identifier: AD:9C:98:EE:4C:20:0E:86:89:E3:D3:C7:06:94:1B:85:1E:9D:5A:F6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187461BB81D6634DA6180C4BFC07CA594D3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa
Signing time: Mon 03 Apr 2023 07:53:54 +0000
ROA not before: Mon 03 Apr 2023 07:53:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 82.153.242.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:1b:b8:1d:66:34:da:61:80:c4:bf:c0:7c:a5:94:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 3 07:53:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad9c98ee4c200e8689e3d3c706941b851e9d5af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:4f:34:d5:17:02:40:58:ac:df:fb:d0:87:
c0:4e:75:cd:96:e7:da:57:98:3a:8d:ce:c6:47:b6:
c9:6a:ba:93:a4:0e:d9:8f:6c:f2:f4:1a:98:d4:3d:
92:7a:71:c8:e4:8d:ab:e9:b8:db:26:97:98:81:3a:
8c:6b:de:ef:7c:24:20:70:d3:32:dc:3c:dd:f8:1d:
9d:2e:38:8e:7e:8c:ba:b5:e1:88:7b:eb:df:e7:65:
ff:f2:bd:5c:b9:45:1c:0f:a0:b4:6a:f2:fe:84:98:
c1:d1:20:71:f1:5b:57:32:a7:39:ca:73:d1:06:46:
d8:6e:b3:f3:e5:10:5b:5c:7a:f3:e2:66:70:15:f7:
22:f1:69:44:23:07:70:9b:ca:00:8d:60:a9:21:6b:
e9:0f:c3:71:75:f6:2e:12:63:79:e0:6c:ce:a4:25:
84:f2:10:60:3e:f6:aa:78:97:63:c4:88:44:fc:c3:
46:c4:be:4d:38:fc:dd:e6:67:2e:a3:f1:36:1d:26:
f8:b1:c8:86:e6:e7:80:3d:55:26:f8:1c:17:f5:09:
28:00:c1:70:c7:da:c8:1f:52:0e:7d:20:ec:bf:76:
52:ee:38:3f:95:8d:1c:e0:62:46:4e:3b:c8:e9:0a:
32:d9:a5:65:d2:db:8d:8f:f0:3c:e6:c7:3d:70:e2:
af:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9C:98:EE:4C:20:0E:86:89:E3:D3:C7:06:94:1B:85:1E:9D:5A:F6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZyY7kwgDoaJ49PHBpQbhR6dWvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.65.0/24
82.153.242.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:89:19:7c:69:8e:22:cd:3b:22:6b:4b:f7:4e:19:17:8e:9a:
53:81:53:5f:3b:69:36:25:d1:65:e1:bb:de:b6:86:a5:dc:78:
3e:f1:9b:0d:23:8c:e1:84:13:f5:59:90:79:a5:6f:5f:ad:ad:
6c:8d:e0:4f:f6:99:c4:a3:97:c0:f9:62:d7:8d:a4:68:cf:b3:
cc:a1:d2:8c:ff:41:43:fb:94:ae:26:bb:1a:cd:11:79:a1:ed:
68:67:80:48:ee:c3:53:b5:5e:ae:eb:45:0c:07:4e:1b:f5:61:
b6:92:ae:df:9b:cd:71:bd:ab:e8:1e:62:b7:73:7f:e5:ba:18:
7c:92:3a:86:eb:c8:2e:10:39:d9:b4:14:f5:e5:75:7e:95:25:
82:25:f9:b1:f9:24:d2:d3:20:ac:9f:3a:8e:25:e7:b9:a7:1f:
ef:09:4c:1b:7d:b2:6e:b0:24:5f:b8:c6:be:ea:56:21:6b:c1:
72:ef:fa:72:28:b6:3f:06:01:b9:57:0e:40:e3:4e:9f:d6:d5:
8b:58:b2:7c:9d:f6:6c:96:e5:d4:28:7c:c3:77:54:3d:b1:8e:
2d:09:17:91:1b:c5:0f:a6:65:2f:f4:b0:bd:b7:e2:89:a1:d3:
1a:2f:17:b2:f5:ea:1b:6c:9f:4f:1c:83:87:cc:55:a6:bc:58:
ac:f9:2d:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdGG7gdZjTaYYDEv8B8pZTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDAzMDc1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDljOThlZTRjMjAwZTg2ODllM2QzYzcwNjk0MWI4NTFlOWQ1YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiudPNNUXAkBYrN/70IfATnXNlufa
V5g6jc7GR7bJarqTpA7Zj2zy9BqY1D2SenHI5I2r6bjbJpeYgTqMa97vfCQgcNMy
3Dzd+B2dLjiOfoy6teGIe+vf52X/8r1cuUUcD6C0avL+hJjB0SBx8VtXMqc5ynPR
BkbYbrPz5RBbXHrz4mZwFfci8WlEIwdwm8oAjWCpIWvpD8NxdfYuEmN54GzOpCWE
8hBgPvaqeJdjxIhE/MNGxL5NOPzd5mcuo/E2HSb4sciG5ueAPVUm+BwX9QkoAMFw
x9rIH1IOfSDsv3ZS7jg/lY0c4GJGTjvI6Qoy2aVl0tuNj/A85sc9cOKvkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2cmO5MIA6GiePTxwaUG4UenVr2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvclp5WTdrd2dEb2FKNDlQSEJwUWJoUjZkV3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplBAwQA
UpnyMA0GCSqGSIb3DQEBCwUAA4IBAQCMiRl8aY4izTsia0v3ThkXjppTgVNfO2k2
JdFl4bvetoal3Hg+8ZsNI4zhhBP1WZB5pW9fra1sjeBP9pnEo5fA+WLXjaRoz7PM
odKM/0FD+5SuJrsazRF5oe1oZ4BI7sNTtV6u60UMB04b9WG2kq7fm81xvavoHmK3
c3/luhh8kjqG68guEDnZtBT15XV+lSWCJfmx+STS0yCsnzqOJee5px/vCUwbfbJu
sCRfuMa+6lYha8Fy7/pyKLY/BgG5Vw5A406f1tWLWLJ8nfZsluXUKHzDd1Q9sY4t
CReRG8UPpmUv9LC9t+KJodMaLxey9eobbJ9PHIOHzFWmvFis+S2X
-----END CERTIFICATE-----
Generated at Thu May 1 11:12:57 2025 by rpki-client