Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/98FoDSEiz7zza8NAuWh-9f-mq-Y.roa
File: 98FoDSEiz7zza8NAuWh-9f-mq-Y.roa (raw, json)
Hash identifier: SEACUTYcWFBBrjroTK+xiMHuXRxLkIlfCb73x0a2/UQ=
Subject key identifier: F7:C1:68:0D:21:22:CF:BC:F3:6B:C3:40:B9:68:7E:F5:FF:A6:AB:E6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018921BE5BAFFE4CE0EF3EA3EE563F6E25C4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/98FoDSEiz7zza8NAuWh-9f-mq-Y.roa
Signing time: Tue 04 Jul 2023 16:31:10 +0000
ROA not before: Tue 04 Jul 2023 16:31:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 185.49.125.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:be:5b:af:fe:4c:e0:ef:3e:a3:ee:56:3f:6e:25:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 4 16:31:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7c1680d2122cfbcf36bc340b9687ef5ffa6abe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:e5:81:35:83:f1:2f:1f:1e:50:15:57:3e:
21:d1:be:b3:72:fd:e7:d3:8b:6a:39:1e:e1:eb:b6:
62:10:ca:5c:9c:c4:7f:07:31:fe:1a:8c:6b:03:41:
6e:c1:43:82:14:02:8f:f2:4e:9b:6f:f3:37:7b:15:
dc:54:61:b7:00:f7:3d:73:3b:bf:e8:ff:89:92:a3:
6a:af:11:1a:bc:56:57:d7:1d:cc:1d:d6:a0:ca:8a:
22:36:fc:2c:91:87:9c:e3:c6:a6:fe:12:9c:4c:e1:
9b:bd:40:54:6e:f8:6e:51:91:6d:5b:4e:3c:73:2a:
9d:1f:dd:72:66:01:03:c4:a8:c5:fa:7c:c1:75:97:
84:5e:04:1b:0c:53:a2:f4:0c:9b:4d:e6:18:62:5a:
a9:a1:c6:b7:13:36:54:78:90:71:e2:96:47:9d:99:
a3:37:86:76:e9:4e:be:7f:59:d3:a8:38:1e:a8:03:
02:b6:da:3d:87:0b:02:57:00:85:e8:97:38:7a:b5:
ca:db:ef:5c:75:c6:4c:4d:88:bf:f3:1b:af:86:05:
0f:13:b1:00:81:70:c4:39:4e:c6:40:9a:8d:32:6f:
1f:a5:f0:ff:6c:59:bd:4a:1f:bf:23:dd:ea:8e:72:
a2:16:b9:24:6b:68:c6:e9:bd:06:12:6a:22:d2:9d:
06:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C1:68:0D:21:22:CF:BC:F3:6B:C3:40:B9:68:7E:F5:FF:A6:AB:E6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/98FoDSEiz7zza8NAuWh-9f-mq-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.221.0/24
89.213.42.0/24
89.213.44.0/23
89.213.145.0/24
89.213.155.0/24
89.213.160.0/24
89.213.183.0/24
109.176.243.0/24
185.49.125.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:bd:94:72:02:fd:43:b3:4b:cc:3c:6c:17:fe:6d:fa:40:06:
ff:0d:c5:3e:34:26:68:40:9f:fa:0c:84:85:53:bf:51:75:1f:
0e:a7:8b:62:32:88:20:b3:0f:90:b5:d7:15:98:90:96:02:1c:
01:b9:48:3f:c9:08:e3:53:5f:ec:c2:92:a4:ec:e6:79:07:01:
81:aa:e4:ff:1e:84:cb:73:61:7d:76:6b:4f:00:2b:21:85:01:
47:4a:3c:ce:7a:a1:77:52:59:9a:8a:53:73:45:3b:14:0c:8a:
e2:cc:7e:97:0f:83:7f:9c:f9:3f:7f:e8:79:ea:9c:3b:d0:90:
d8:fc:53:76:04:66:ef:bc:c6:3c:5d:80:e5:28:32:75:92:8f:
2c:13:a0:a9:bf:5d:b0:d3:82:f8:53:6a:cf:3a:39:55:12:58:
8b:9f:c7:1f:7a:3e:ec:b5:e8:de:1d:4f:f8:52:1e:8b:26:e3:
b0:d6:33:50:9f:94:0a:17:18:8d:ba:91:ba:fc:22:8b:60:aa:
51:ec:cc:80:b2:49:94:66:69:bc:d4:2c:40:de:39:33:11:81:
b3:b5:e0:9a:e7:90:15:a6:d9:98:d3:d0:2d:44:6b:72:3d:74:
b7:0a:60:36:7b:d5:e9:4f:43:1c:f3:d0:c8:65:1f:b4:99:a6:
a2:35:79:32
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYkhvluv/kzg7z6j7lY/biXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA0MTYzMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2MxNjgwZDIxMjJjZmJjZjM2YmMzNDBiOTY4N2VmNWZmYTZhYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIXlgTWD8S8fHlAVVz4h0b6zcv3n
04tqOR7h67ZiEMpcnMR/BzH+GoxrA0FuwUOCFAKP8k6bb/M3exXcVGG3APc9czu/
6P+JkqNqrxEavFZX1x3MHdagyooiNvwskYec48am/hKcTOGbvUBUbvhuUZFtW048
cyqdH91yZgEDxKjF+nzBdZeEXgQbDFOi9AybTeYYYlqpoca3EzZUeJBx4pZHnZmj
N4Z26U6+f1nTqDgeqAMCtto9hwsCVwCF6Jc4erXK2+9cdcZMTYi/8xuvhgUPE7EA
gXDEOU7GQJqNMm8fpfD/bFm9Sh+/I93qjnKiFrkka2jG6b0GEmoi0p0GCwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPfBaA0hIs+882vDQLlofvX/pqvmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOThGb0RTRWl6N3p6YThOQXVXaC05Zi1tcS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUpndAwQA
WdUqAwQBWdUsAwQAWdWRAwQAWdWbAwQAWdWgAwQAWdW3AwQAbbDzAwQAuTF9MA0G
CSqGSIb3DQEBCwUAA4IBAQAtvZRyAv1Ds0vMPGwX/m36QAb/DcU+NCZoQJ/6DISF
U79RdR8Op4tiMoggsw+QtdcVmJCWAhwBuUg/yQjjU1/swpKk7OZ5BwGBquT/HoTL
c2F9dmtPACshhQFHSjzOeqF3UlmailNzRTsUDIrizH6XD4N/nPk/f+h56pw70JDY
/FN2BGbvvMY8XYDlKDJ1ko8sE6Cpv12w04L4U2rPOjlVEliLn8cfej7stejeHU/4
Uh6LJuOw1jNQn5QKFxiNupG6/CKLYKpR7MyAskmUZmm81CxA3jkzEYGzteCa55AV
ptmY09AtRGtyPXS3CmA2e9XpT0Mc89DIZR+0maaiNXky
-----END CERTIFICATE-----
Generated at Sat May 17 02:24:38 2025 by rpki-client