Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EL7-M806H04DFyIIHYuBz7iD0hE.roa
File: EL7-M806H04DFyIIHYuBz7iD0hE.roa (raw, json)
Hash identifier: Xo1G9DRD8tSYgBFqUXE2CfFAC+QXetnIpR+foN02MGI=
Subject key identifier: 10:BE:FE:33:CD:3A:1F:4E:03:17:22:08:1D:8B:81:CF:B8:83:D2:11
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01891C7B9F70A6D4366FA89930962FB4AABA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EL7-M806H04DFyIIHYuBz7iD0hE.roa
Signing time: Mon 03 Jul 2023 16:00:11 +0000
ROA not before: Mon 03 Jul 2023 16:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.5.189.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.246.0/24 maxlen: 24
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.152.108.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:7b:9f:70:a6:d4:36:6f:a8:99:30:96:2f:b4:aa:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 16:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10befe33cd3a1f4e031722081d8b81cfb883d211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:93:13:f4:0e:dc:b1:03:cb:72:d7:8a:99:22:
ed:cd:b1:04:5e:7e:4d:35:c4:d8:37:b6:7e:28:0c:
7c:fb:e9:0f:a6:88:8c:4e:d4:d0:62:65:8e:c7:cf:
80:97:f2:d5:c8:a9:cd:ee:2e:91:0a:f5:7d:ac:60:
5b:79:ad:b9:4c:db:0e:9f:c3:08:15:12:a2:d4:a5:
56:fe:43:dc:ac:bd:30:e5:78:e3:fe:cb:99:69:d1:
cf:77:c1:72:93:8a:be:f7:23:0d:f4:05:40:02:27:
11:29:49:77:7e:dc:5e:58:89:9a:b1:91:d2:75:94:
32:4a:e7:d8:f8:d3:ac:9f:65:e7:93:79:c5:55:12:
fb:d3:fe:aa:e5:3a:f3:71:2f:a6:00:61:7d:63:83:
3c:99:a0:97:af:57:a1:de:f8:76:73:1e:f8:22:66:
46:0f:7b:a5:29:8e:ff:98:52:39:14:4e:1c:7f:8c:
0b:4d:5f:b0:9c:04:f4:49:2a:0f:37:68:2a:61:4b:
e9:28:7c:09:49:88:3e:20:fe:0b:3b:04:13:e5:31:
bd:e5:b9:5e:ab:3e:08:55:d6:1b:1c:27:30:9c:c8:
d1:26:73:f4:81:12:1a:1d:e3:cd:aa:ae:75:62:72:
00:9d:48:6c:c5:c4:c1:bf:a3:e9:48:e3:b6:04:a3:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BE:FE:33:CD:3A:1F:4E:03:17:22:08:1D:8B:81:CF:B8:83:D2:11
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EL7-M806H04DFyIIHYuBz7iD0hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.119.0/24
81.168.123.0/24
82.152.108.0/24
82.152.111.0/24
82.152.253.0/24
82.153.73.0/24
82.153.136.0/22
82.153.223.0/24
82.153.246.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
68:fe:50:aa:69:15:6c:16:35:fd:07:3d:21:22:33:52:10:44:
90:1b:ca:01:61:12:3c:4f:38:94:f5:5b:1e:43:b5:d8:8c:34:
f6:f1:73:9d:94:e1:f0:84:d6:ce:69:cb:f4:92:ae:b3:4e:de:
3d:d1:3f:32:73:cd:1b:a4:36:8a:e5:4f:cc:00:a7:b3:8d:34:
59:23:9d:ca:56:a4:ab:d8:37:ab:d1:c8:15:97:66:c5:f4:63:
3a:ca:4c:1b:92:a6:74:08:9a:41:1a:cd:2a:10:4a:70:b4:3c:
72:d1:4f:09:a7:49:55:12:03:92:b3:54:d4:e3:44:9c:7b:fe:
69:1f:3e:c3:8b:46:0d:47:7b:2b:90:07:a0:12:19:51:71:44:
eb:fa:5e:b7:3a:be:7a:71:03:41:7c:6e:6e:30:df:fb:49:c2:
a4:dd:5f:38:e8:4b:10:2a:30:13:48:8b:db:45:98:8c:a4:48:
95:48:b7:81:cd:d6:3a:e9:a7:92:5c:f5:c3:cf:8a:33:0b:02:
e3:a9:73:52:cc:6a:24:2d:4f:be:3e:ba:a8:df:0f:4b:75:d1:
9e:24:f1:ea:61:98:8c:7f:32:de:58:ad:fe:99:f6:35:e4:58:
11:95:77:eb:e9:a4:93:f2:92:d2:77:1c:20:23:37:5c:be:83:
19:7a:01:2f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYkce59wptQ2b6iZMJYvtKq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGJlZmUzM2NkM2ExZjRlMDMxNzIyMDgxZDhiODFjZmI4ODNkMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJMT9A7csQPLcteKmSLtzbEEXn5N
NcTYN7Z+KAx8++kPpoiMTtTQYmWOx8+Al/LVyKnN7i6RCvV9rGBbea25TNsOn8MI
FRKi1KVW/kPcrL0w5Xjj/suZadHPd8Fyk4q+9yMN9AVAAicRKUl3ftxeWImasZHS
dZQySufY+NOsn2Xnk3nFVRL70/6q5TrzcS+mAGF9Y4M8maCXr1eh3vh2cx74ImZG
D3ulKY7/mFI5FE4cf4wLTV+wnAT0SSoPN2gqYUvpKHwJSYg+IP4LOwQT5TG95ble
qz4IVdYbHCcwnMjRJnP0gRIaHePNqq51YnIAnUhsxcTBv6PpSOO2BKPIuwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBC+/jPNOh9OAxciCB2Lgc+4g9IRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUw3LU04MDZIMDRERnlJSUhZdUJ6N2lEMGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUQW9AwQA
Uah3AwQAUah7AwQAUphsAwQAUphvAwQAUpj9AwQAUplJAwQCUpmIAwQAUpnfAwQA
Upn2AwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQBo/lCqaRVsFjX9Bz0hIjNSEESQ
G8oBYRI8TziU9VseQ7XYjDT28XOdlOHwhNbOacv0kq6zTt490T8yc80bpDaK5U/M
AKezjTRZI53KVqSr2Der0cgVl2bF9GM6ykwbkqZ0CJpBGs0qEEpwtDxy0U8Jp0lV
EgOSs1TU40Sce/5pHz7Di0YNR3srkAegEhlRcUTr+l63Or56cQNBfG5uMN/7ScKk
3V846EsQKjATSIvbRZiMpEiVSLeBzdY66aeSXPXDz4ozCwLjqXNSzGokLU++Prqo
3w9LddGeJPHqYZiMfzLeWK3+mfY15FgRlXfr6aST8pLSdxwgIzdcvoMZegEv
-----END CERTIFICATE-----
Generated at Sat May 17 02:19:15 2025 by rpki-client