Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M5OwoXOBxLiZZVmM6vJXrFGFoh8.roa
File: M5OwoXOBxLiZZVmM6vJXrFGFoh8.roa (raw, json)
Hash identifier: xxkFQJKRnmaNrq04igeDeXnjSJ8cx+yMTxztLBXTkIQ=
Subject key identifier: 33:93:B0:A1:73:81:C4:B8:99:65:59:8C:EA:F2:57:AC:51:85:A2:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01891C811BE1F449C74B64D805176A07A96F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M5OwoXOBxLiZZVmM6vJXrFGFoh8.roa
Signing time: Mon 03 Jul 2023 16:06:10 +0000
ROA not before: Mon 03 Jul 2023 16:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 89.213.174.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
109.176.252.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:81:1b:e1:f4:49:c7:4b:64:d8:05:17:6a:07:a9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 16:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3393b0a17381c4b89965598ceaf257ac5185a21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:93:c4:e7:8f:e5:b6:92:8c:0a:65:21:0d:62:
89:94:86:10:22:35:75:a7:e2:50:bf:c7:99:ab:cd:
1b:1a:9b:6b:5b:6a:b9:ab:69:c7:c1:49:fd:d6:4c:
31:52:e7:ca:f2:63:c3:db:a3:46:42:7c:0b:5d:19:
5c:95:ef:d8:5a:14:f2:f8:b3:f9:a5:7b:5d:11:15:
6d:ba:c9:c0:1d:87:f3:a1:44:c3:8a:9e:5d:37:05:
18:3a:00:42:7b:97:5a:1e:b1:6e:e4:55:fb:ec:e7:
16:70:f2:54:c8:08:0a:f9:50:07:54:bb:4e:77:f5:
93:66:1b:27:b6:d2:74:5b:1b:6d:bd:4d:74:91:be:
45:dd:d1:96:ac:ac:f9:c3:a9:25:16:56:40:56:87:
88:c7:ad:5c:ac:c8:60:81:b0:f4:c9:6f:b1:20:d4:
03:ea:da:5f:94:2f:77:1a:4b:c9:27:b3:f9:bf:cd:
0e:dc:a1:a6:b2:a9:78:bc:6d:d8:86:64:08:ba:5a:
43:55:d5:56:46:f9:c5:d6:2d:1e:92:24:ef:2f:be:
69:19:be:69:f1:db:43:33:35:c3:17:e3:94:3f:39:
87:37:67:dc:38:25:77:05:25:ca:1e:a1:92:9b:76:
de:b6:70:43:8a:de:95:c1:93:a7:88:1d:bc:be:c3:
54:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:93:B0:A1:73:81:C4:B8:99:65:59:8C:EA:F2:57:AC:51:85:A2:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M5OwoXOBxLiZZVmM6vJXrFGFoh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
82.153.227.0/24
89.213.141.0/24
89.213.146.0/24
89.213.154.0/24
89.213.174.0/24
89.213.188.0/23
109.176.252.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:ea:05:40:8c:95:2e:de:9e:ee:51:0a:a1:00:bd:6e:97:b2:
a4:56:7a:d1:45:ef:80:af:35:6c:5c:ca:07:a3:49:8b:3b:0e:
56:3a:c4:be:9a:33:90:84:7b:cc:7a:df:f7:2f:21:08:26:be:
47:2b:eb:c0:2e:74:85:7d:e0:b2:1a:0f:a2:bf:ae:16:7f:87:
30:bf:5b:10:18:04:a3:ee:7c:9b:db:33:f2:ac:e2:ce:9c:e8:
79:e9:b8:03:77:3f:8e:8a:89:1f:4e:c2:04:dd:07:02:b7:71:
fb:a7:45:5d:49:28:22:a4:82:eb:9d:63:a4:71:de:ef:de:db:
13:fb:92:70:2c:77:a8:34:d2:de:57:ce:16:01:b5:aa:1c:43:
0a:01:e8:04:88:11:d1:b6:14:37:50:e0:39:91:c7:5f:bf:6b:
35:92:c0:73:d5:c9:a6:81:22:24:76:d8:2f:4b:b5:90:f0:90:
91:7d:78:b0:af:ff:88:70:da:33:07:e8:a0:f7:14:33:ac:ed:
fb:6d:e4:a9:90:e8:f0:de:f1:93:ea:d4:cb:df:c1:16:31:11:
30:fc:4a:39:e0:75:72:0c:55:9a:34:64:7f:af:32:f7:d0:53:
3a:3d:43:b8:20:78:36:fb:5b:8b:df:ab:6e:fb:f1:78:20:25:
37:49:56:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYkcgRvh9EnHS2TYBRdqB6lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkzYjBhMTczODFjNGI4OTk2NTU5OGNlYWYyNTdhYzUxODVhMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJPE54/ltpKMCmUhDWKJlIYQIjV1
p+JQv8eZq80bGptrW2q5q2nHwUn91kwxUufK8mPD26NGQnwLXRlcle/YWhTy+LP5
pXtdERVtusnAHYfzoUTDip5dNwUYOgBCe5daHrFu5FX77OcWcPJUyAgK+VAHVLtO
d/WTZhsnttJ0WxttvU10kb5F3dGWrKz5w6klFlZAVoeIx61crMhggbD0yW+xINQD
6tpflC93GkvJJ7P5v80O3KGmsql4vG3YhmQIulpDVdVWRvnF1i0ekiTvL75pGb5p
8dtDMzXDF+OUPzmHN2fcOCV3BSXKHqGSm3betnBDit6VwZOniB28vsNU5wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDOTsKFzgcS4mWVZjOryV6xRhaIfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTTVPd29YT0J4TGlaWlZtTTZ2SlhyRkdGb2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpnhAwQA
UpnjAwQAWdWNAwQAWdWSAwQAWdWaAwQAWdWuAwQBWdW8AwQBbbD8MA0GCSqGSIb3
DQEBCwUAA4IBAQCN6gVAjJUu3p7uUQqhAL1ul7KkVnrRRe+ArzVsXMoHo0mLOw5W
OsS+mjOQhHvMet/3LyEIJr5HK+vALnSFfeCyGg+iv64Wf4cwv1sQGASj7nyb2zPy
rOLOnOh56bgDdz+OiokfTsIE3QcCt3H7p0VdSSgipILrnWOkcd7v3tsT+5JwLHeo
NNLeV84WAbWqHEMKAegEiBHRthQ3UOA5kcdfv2s1ksBz1cmmgSIkdtgvS7WQ8JCR
fXiwr/+IcNozB+ig9xQzrO37beSpkOjw3vGT6tTL38EWMREw/Eo54HVyDFWaNGR/
rzL30FM6PUO4IHg2+1uL36tu+/F4ICU3SVZp
-----END CERTIFICATE-----
Generated at Sat May 17 02:27:04 2025 by rpki-client