Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ywwtIjD4xYH8Azg7roAbWKAzyUo.roa
File: ywwtIjD4xYH8Azg7roAbWKAzyUo.roa (raw, json)
Hash identifier: KdiS/WgU2mR9h+fdfAY4jYL2arAU1Y03ao7Ltfu59ho=
Subject key identifier: CB:0C:2D:22:30:F8:C5:81:FC:03:38:3B:AE:80:1B:58:A0:33:C9:4A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C305CDE26A4A3FDAFF022BD23EF9B5A82
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ywwtIjD4xYH8Azg7roAbWKAzyUo.roa
Signing time: Sun 03 Dec 2023 15:47:21 +0000
ROA not before: Sun 03 Dec 2023 15:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:5c:de:26:a4:a3:fd:af:f0:22:bd:23:ef:9b:5a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 3 15:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb0c2d2230f8c581fc03383bae801b58a033c94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:1f:71:fa:e7:b4:7a:e3:21:43:94:2f:b8:
6d:10:81:de:f7:09:56:f5:28:04:9e:ce:c5:66:67:
43:ef:5b:1e:84:2d:18:f6:31:ac:7c:ba:98:f2:f5:
42:94:65:c9:eb:34:20:dd:ff:76:1f:d9:17:40:29:
e0:39:b0:c0:b6:c2:bc:96:ab:08:07:0a:02:69:43:
71:00:6a:65:99:ff:0f:81:59:db:7c:e9:50:34:66:
5e:e5:e7:4e:82:5f:b4:df:7e:98:d5:85:9d:4e:59:
14:7b:c2:b1:fb:99:44:8e:dc:09:af:4d:76:a2:62:
df:24:cf:b5:02:b2:7e:8b:c1:c3:31:54:c1:38:27:
ab:16:c4:a0:71:e0:d6:98:59:2c:b6:42:bb:8e:d0:
09:b0:c1:0c:e2:ab:69:27:a3:e2:70:63:b3:5c:12:
4f:2b:38:fd:4a:be:ac:2f:9b:66:13:b3:45:8d:20:
93:a7:be:40:12:37:98:57:3b:62:57:26:64:5e:91:
e0:4e:c5:e5:83:70:c4:49:9c:47:f5:29:8e:6f:12:
5f:da:95:b7:aa:bd:d6:7b:97:00:53:91:a7:6e:38:
36:ad:92:19:5a:fe:f1:0d:ba:fc:31:ca:cf:25:d4:
3e:70:bd:a5:41:c7:16:a8:a1:34:be:55:fe:2f:1d:
03:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0C:2D:22:30:F8:C5:81:FC:03:38:3B:AE:80:1B:58:A0:33:C9:4A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ywwtIjD4xYH8Azg7roAbWKAzyUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/22
109.176.245.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:74:37:d1:be:37:00:0c:58:3a:51:8e:58:2a:8b:c6:40:e3:
72:88:b8:1b:65:11:ab:39:c2:f0:3a:af:16:45:0c:f5:91:b4:
e2:de:90:7f:bc:20:27:ec:66:0b:57:c0:d6:ba:8d:7d:87:7b:
3b:31:da:1b:a9:08:f3:b8:65:70:e5:5e:f4:07:d2:c8:d9:4a:
7a:df:1f:6f:d9:f6:12:4e:71:83:07:81:03:1a:7a:06:31:2c:
29:4f:f1:b7:12:86:87:53:47:e4:cf:03:06:f3:61:e1:3d:85:
3f:1c:12:51:8a:6b:b5:df:fc:94:a4:88:03:92:12:2a:86:50:
62:3f:b7:9d:da:95:83:fd:c8:1f:a5:e9:72:db:ff:b4:35:c3:
07:cf:30:07:3d:b9:c0:d3:da:57:39:b1:e8:c9:65:b1:3c:01:
de:87:59:d9:d8:a0:7f:84:59:00:83:2a:ed:04:25:ca:4b:be:
95:44:0d:c2:10:c5:6f:55:c8:28:d1:32:23:76:43:81:ba:77:
8b:71:44:9c:9a:0e:3b:ce:46:3c:9e:2e:46:46:9a:b1:cc:e7:
78:41:81:a3:18:e1:11:30:de:92:0d:01:d0:51:b0:5f:be:7b:
1b:84:10:58:6e:89:73:36:f9:eb:9f:79:26:18:bb:15:c7:17:
6c:5d:c5:27
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYwwXN4mpKP9r/AivSPvm1qCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjAzMTU0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBjMmQyMjMwZjhjNTgxZmMwMzM4M2JhZTgwMWI1OGEwMzNjOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8UfcfrntHrjIUOUL7htEIHe9wlW
9SgEns7FZmdD71sehC0Y9jGsfLqY8vVClGXJ6zQg3f92H9kXQCngObDAtsK8lqsI
BwoCaUNxAGplmf8PgVnbfOlQNGZe5edOgl+0336Y1YWdTlkUe8Kx+5lEjtwJr012
omLfJM+1ArJ+i8HDMVTBOCerFsSgceDWmFkstkK7jtAJsMEM4qtpJ6PicGOzXBJP
Kzj9Sr6sL5tmE7NFjSCTp75AEjeYVztiVyZkXpHgTsXlg3DESZxH9SmObxJf2pW3
qr3We5cAU5Gnbjg2rZIZWv7xDbr8McrPJdQ+cL2lQccWqKE0vlX+Lx0DPwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMsMLSIw+MWB/AM4O66AG1igM8lKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveXd3dElqRDR4WUg4QXpnN3JvQWJXS0F6eVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBAJZ1bQDBABtsPUDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBACt0N9G+NwAMWDpRjlgqi8ZA43KIuBtlEas5wvA6
rxZFDPWRtOLekH+8ICfsZgtXwNa6jX2Hezsx2hupCPO4ZXDlXvQH0sjZSnrfH2/Z
9hJOcYMHgQMaegYxLClP8bcShodTR+TPAwbzYeE9hT8cElGKa7Xf/JSkiAOSEiqG
UGI/t53alYP9yB+l6XLb/7Q1wwfPMAc9ucDT2lc5sejJZbE8Ad6HWdnYoH+EWQCD
Ku0EJcpLvpVEDcIQxW9VyCjRMiN2Q4G6d4txRJyaDjvORjyeLkZGmrHM53hBgaMY
4REw3pINAdBRsF++exuEEFhuiXM2+eufeSYYuxXHF2xdxSc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 23:29:50 2025 by rpki-client