Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvTMZLEwNvCWX8zpw4s0lstAjOU.roa
File: pvTMZLEwNvCWX8zpw4s0lstAjOU.roa (raw, json)
Hash identifier: ZxL+YUoVMokL8sG15cYDDcGRmx88d3hmZO+9KtEB5PM=
Subject key identifier: A6:F4:CC:64:B1:30:36:F0:96:5F:CC:E9:C3:8B:34:96:CB:40:8C:E5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01891C82F06A12043E4DF611162DA36D781D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvTMZLEwNvCWX8zpw4s0lstAjOU.roa
Signing time: Mon 03 Jul 2023 16:08:10 +0000
ROA not before: Mon 03 Jul 2023 16:08:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:82:f0:6a:12:04:3e:4d:f6:11:16:2d:a3:6d:78:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 16:08:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6f4cc64b13036f0965fcce9c38b3496cb408ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:24:09:c7:11:58:88:1d:09:79:41:4b:e5:
6e:a2:b8:dd:4f:95:66:44:b4:c6:9b:06:0f:35:f2:
4f:7b:2f:ae:7b:12:be:b8:d5:79:98:de:a1:90:75:
a4:18:16:44:59:0c:54:fa:2f:ba:3b:53:08:54:dc:
14:7f:f0:15:32:4d:52:2b:35:c8:7e:f8:16:5b:6a:
78:55:e9:12:25:00:f4:0c:26:e8:3e:23:aa:06:76:
08:4f:dc:51:2d:4e:18:cf:84:78:23:8e:f6:37:9a:
68:46:4a:47:40:85:71:b0:6c:2e:37:4e:39:4c:5e:
d6:9d:96:78:da:6f:33:4d:12:32:25:ca:14:4d:fd:
69:8c:cc:a7:70:56:c8:4a:0e:00:b9:d9:b8:bf:40:
1a:33:4f:19:9f:12:a5:c2:3a:17:19:dd:0c:de:57:
f8:2b:74:7a:3b:b0:24:a3:a4:3f:99:fe:6e:29:d7:
88:a0:1e:27:02:42:75:31:a6:86:15:a5:c7:76:ff:
67:5d:62:50:8b:d6:0f:bb:47:9f:95:52:55:66:48:
52:ff:8b:c5:ac:15:5b:e9:61:4a:b6:02:54:71:68:
2b:26:02:3f:5a:05:17:f4:04:64:69:c8:40:6f:38:
b7:29:60:21:3a:04:c0:8f:c7:ee:f5:ba:bc:92:47:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F4:CC:64:B1:30:36:F0:96:5F:CC:E9:C3:8B:34:96:CB:40:8C:E5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pvTMZLEwNvCWX8zpw4s0lstAjOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/23
82.153.1.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
85:af:0d:39:4b:2a:d2:0b:c1:54:09:83:17:1a:6c:7b:ad:4c:
f0:e1:ff:52:a6:47:3a:b9:ad:2c:79:26:cd:a1:3f:a9:f9:21:
fa:f0:b7:67:74:f3:58:ee:69:00:60:3a:0d:2d:48:05:dc:b5:
0d:8f:9c:d8:51:6d:f7:ee:cb:7c:d9:9f:b1:42:59:c6:e3:ab:
b9:dd:9d:20:91:09:cf:f7:ac:a0:72:1e:44:da:fb:0f:c8:04:
a3:cf:1c:41:a5:1e:d4:07:1d:58:1a:67:47:81:1e:d3:ee:68:
23:60:61:1a:ec:53:0e:ac:dc:1e:30:2b:95:b1:f7:59:b0:77:
2b:d4:40:fb:02:73:4d:0a:f7:b4:87:4e:72:74:e5:84:6d:98:
9a:cb:dc:41:4a:87:18:5e:2d:bb:f7:96:35:37:34:23:2b:e3:
f6:43:ea:60:1a:4a:23:b2:4a:73:6e:1b:e6:0b:39:fd:9b:e8:
4c:bf:04:c4:ec:b1:d6:e8:d6:d8:d4:51:b7:cf:95:52:5a:70:
7e:c2:6e:d7:e5:7e:43:4f:64:e5:df:01:ab:1f:b4:c6:ce:b9:
b0:95:b6:7c:76:33:bf:43:17:c9:e2:eb:26:c4:a1:78:d9:12:
5b:c6:5d:a6:d3:26:65:21:91:c3:d6:ce:7b:48:a4:6a:61:75:
72:e9:80:84
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYkcgvBqEgQ+TfYRFi2jbXgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYwODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY0Y2M2NGIxMzAzNmYwOTY1ZmNjZTljMzhiMzQ5NmNiNDA4Y2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOYkCccRWIgdCXlBS+VuorjdT5Vm
RLTGmwYPNfJPey+uexK+uNV5mN6hkHWkGBZEWQxU+i+6O1MIVNwUf/AVMk1SKzXI
fvgWW2p4VekSJQD0DCboPiOqBnYIT9xRLU4Yz4R4I472N5poRkpHQIVxsGwuN045
TF7WnZZ42m8zTRIyJcoUTf1pjMyncFbISg4Audm4v0AaM08ZnxKlwjoXGd0M3lf4
K3R6O7Ako6Q/mf5uKdeIoB4nAkJ1MaaGFaXHdv9nXWJQi9YPu0eflVJVZkhS/4vF
rBVb6WFKtgJUcWgrJgI/WgUX9ARkachAbzi3KWAhOgTAj8fu9bq8kkc5AwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKb0zGSxMDbwll/M6cOLNJbLQIzlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHZUTVpMRXdOdkNXWDh6cHc0czBsc3RBak9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAFEFvQME
AFGoIzAMAwQAUah3AwQAUah4AwQAUah7AwQAUah+AwQAUpj4AwQAUpj7AwQBUpj+
AwQAUpkBAwQBUplEMAwDBABSmUcDBABSmUgDBABSmU8DBABSmYQDBABSmeADBAC5
MXwwDQYJKoZIhvcNAQELBQADggEBAIWvDTlLKtILwVQJgxcabHutTPDh/1KmRzq5
rSx5Js2hP6n5Ifrwt2d081juaQBgOg0tSAXctQ2PnNhRbffuy3zZn7FCWcbjq7nd
nSCRCc/3rKByHkTa+w/IBKPPHEGlHtQHHVgaZ0eBHtPuaCNgYRrsUw6s3B4wK5Wx
91mwdyvUQPsCc00K97SHTnJ05YRtmJrL3EFKhxheLbv3ljU3NCMr4/ZD6mAaSiOy
SnNuG+YLOf2b6Ey/BMTssdbo1tjUUbfPlVJacH7CbtflfkNPZOXfAasftMbOubCV
tnx2M79DF8ni6ybEoXjZElvGXabTJmUhkcPWzntIpGphdXLpgIQ=
-----END CERTIFICATE-----
Generated at Sat May 17 02:17:16 2025 by rpki-client