Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KTae2wFMCCVKsgLMwfVf8_dxp-8.roa
File: KTae2wFMCCVKsgLMwfVf8_dxp-8.roa (raw, json)
Hash identifier: x8RqvhVmxxXVp9KZPrIIQ4BkxGGEQh83HEYGWJkfqwc=
Subject key identifier: 29:36:9E:DB:01:4C:08:25:4A:B2:02:CC:C1:F5:5F:F3:F7:71:A7:EF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189012E974CB3B603126725ECC69B721F31
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KTae2wFMCCVKsgLMwfVf8_dxp-8.roa
Signing time: Wed 28 Jun 2023 08:46:17 +0000
ROA not before: Wed 28 Jun 2023 08:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 213.152.61.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:2e:97:4c:b3:b6:03:12:67:25:ec:c6:9b:72:1f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 28 08:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29369edb014c08254ab202ccc1f55ff3f771a7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:36:03:da:a1:ca:16:9d:a9:61:bf:4c:a5:
b5:9b:4d:4b:78:05:44:cd:28:3b:73:97:13:5f:c4:
df:01:87:86:b2:6e:24:e2:72:0f:bf:5b:38:62:76:
44:c1:d7:26:4d:5c:82:f3:08:6a:12:86:dc:19:80:
7d:93:9f:e0:24:8e:d6:03:83:02:fd:4a:98:9d:5b:
fb:65:d8:e8:b4:c1:65:5d:f9:aa:25:c9:7d:fb:54:
ac:95:a1:99:bd:f9:ed:5d:bb:81:c3:17:37:08:f6:
d5:58:8e:14:36:2c:f4:6f:3a:85:68:6f:9e:ff:77:
f6:74:a1:ca:24:26:e6:cb:ce:07:d4:58:ec:bc:ee:
87:de:67:cd:59:12:dc:94:c5:32:45:bc:3f:53:c6:
58:4f:a0:3b:26:96:2b:1c:91:ae:5f:e3:0b:01:ef:
d9:53:8c:14:8a:48:2a:f4:6e:c9:51:19:ce:2d:a8:
af:cb:0b:d1:f4:7c:a8:ae:cf:22:b2:fa:da:61:4e:
64:21:b1:29:10:6d:96:e1:eb:80:94:9f:f7:99:e8:
92:c4:ec:3c:39:51:06:37:bc:f9:c5:fa:3a:ee:ef:
37:b7:3a:ca:5c:57:fd:09:51:fa:c9:ad:f3:61:51:
2c:d4:c2:d9:d7:3f:35:14:83:f4:45:89:78:b7:c2:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:36:9E:DB:01:4C:08:25:4A:B2:02:CC:C1:F5:5F:F3:F7:71:A7:EF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KTae2wFMCCVKsgLMwfVf8_dxp-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.78.0/24
109.176.208.0/23
109.176.211.0/24
109.176.219.0/24
109.176.221.0/24
109.176.223.0/24
213.152.61.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6b:6f:77:db:6e:fe:bf:7f:ce:f2:ca:ae:d5:a4:57:fe:76:
d5:38:4b:3d:48:8a:c5:ec:2e:d6:87:09:f3:20:0f:44:75:3f:
72:1f:01:e8:cf:ab:b3:3e:f2:a7:e5:50:c2:e2:d4:0f:68:73:
be:41:f8:7a:a7:fa:d8:af:ad:d0:6e:6e:21:34:71:49:0d:36:
58:d2:5a:21:cc:bf:ef:da:7a:00:c8:f1:a7:a3:74:9a:6e:70:
f6:78:73:e4:58:46:9e:7c:d9:43:78:70:09:96:00:03:23:fd:
e6:17:b5:7d:05:73:45:02:f8:93:d4:86:64:3f:2d:40:cd:4c:
f8:0a:4f:7c:22:24:18:a7:6a:2d:5b:6e:60:bd:a7:a1:e1:96:
f9:7b:41:ad:84:e9:9d:94:c5:39:fd:e5:c4:c6:bd:29:bc:51:
59:6a:f7:b6:ca:66:a5:7f:82:fb:74:1c:35:64:fe:8d:17:e4:
25:f9:28:89:62:62:6d:f1:0e:45:c9:00:ec:d2:73:09:c1:05:
aa:4d:97:69:58:1f:05:7a:09:b4:af:99:c4:3f:a7:a4:36:75:
7e:98:38:f6:e8:1c:af:d2:3a:78:2e:01:bf:e9:02:4b:0a:ce:
77:3f:48:2c:ef:e1:a9:a2:84:d9:09:93:26:f1:7a:68:ba:69:
47:35:62:0e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkBLpdMs7YDEmcl7Mabch8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI4MDg0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM2OWVkYjAxNGMwODI1NGFiMjAyY2NjMWY1NWZmM2Y3NzFhN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/o2A9qhyhadqWG/TKW1m01LeAVE
zSg7c5cTX8TfAYeGsm4k4nIPv1s4YnZEwdcmTVyC8whqEobcGYB9k5/gJI7WA4MC
/UqYnVv7ZdjotMFlXfmqJcl9+1SslaGZvfntXbuBwxc3CPbVWI4UNiz0bzqFaG+e
/3f2dKHKJCbmy84H1FjsvO6H3mfNWRLclMUyRbw/U8ZYT6A7JpYrHJGuX+MLAe/Z
U4wUikgq9G7JURnOLaivywvR9Hyors8isvraYU5kIbEpEG2W4euAlJ/3meiSxOw8
OVEGN7z5xfo67u83tzrKXFf9CVH6ya3zYVEs1MLZ1z81FIP0RYl4t8KdOwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCk2ntsBTAglSrICzMH1X/P3cafvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS1RhZTJ3Rk1DQ1ZLc2dMTXdmVmY4X2R4cC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUplOAwQB
bbDQAwQAbbDTAwQAbbDbAwQAbbDdAwQAbbDfAwQA1Zg9MA0GCSqGSIb3DQEBCwUA
A4IBAQBHa293227+v3/O8squ1aRX/nbVOEs9SIrF7C7WhwnzIA9EdT9yHwHoz6uz
PvKn5VDC4tQPaHO+Qfh6p/rYr63Qbm4hNHFJDTZY0lohzL/v2noAyPGno3SabnD2
eHPkWEaefNlDeHAJlgADI/3mF7V9BXNFAviT1IZkPy1AzUz4Ck98IiQYp2otW25g
vaeh4Zb5e0GthOmdlMU5/eXExr0pvFFZave2ymalf4L7dBw1ZP6NF+Ql+SiJYmJt
8Q5FyQDs0nMJwQWqTZdpWB8Fegm0r5nEP6ekNnV+mDj26Byv0jp4LgG/6QJLCs53
P0gs7+GpooTZCZMm8XpoumlHNWIO
-----END CERTIFICATE-----
Generated at Sat May 17 02:24:58 2025 by rpki-client