Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gOlg3QL17f-H6fDEFDz8kNEbGBM.roa
File: gOlg3QL17f-H6fDEFDz8kNEbGBM.roa (raw, json)
Hash identifier: LSrge+0ltbblvWzVRzBvTJDn1+kfea4dMXTwqKL0eGo=
Subject key identifier: 80:E9:60:DD:02:F5:ED:FF:87:E9:F0:C4:14:3C:FC:90:D1:1B:18:13
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018B70AD6DB72AC6E082544A777B13226DDC
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gOlg3QL17f-H6fDEFDz8kNEbGBM.roa
Signing time: Fri 27 Oct 2023 10:28:15 +0000
ROA not before: Fri 27 Oct 2023 10:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.239.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:ad:6d:b7:2a:c6:e0:82:54:4a:77:7b:13:22:6d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Oct 27 10:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80e960dd02f5edff87e9f0c4143cfc90d11b1813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d6:8b:28:e0:7e:f5:5b:ec:bb:e6:62:eb:ac:
f9:cb:04:15:c7:45:3c:f7:1d:e7:43:75:ff:73:26:
e4:83:3a:6b:96:6d:31:51:61:8e:2d:b2:7b:12:5f:
4e:fe:51:e9:f0:0c:01:c4:a0:ff:f2:55:aa:9b:9c:
11:8c:a2:5e:f5:a4:d3:51:96:0c:23:b9:40:d5:47:
12:04:2f:08:97:4b:a2:43:18:2a:f5:ad:ca:66:fd:
2b:3a:f8:83:88:96:c7:f4:17:98:b1:a3:0e:6e:68:
d2:64:35:43:fa:3e:a0:8e:24:81:3f:0d:46:c6:55:
67:c6:e1:a3:c9:3e:99:2a:a2:30:91:48:47:cf:64:
44:4e:6c:f1:ce:9d:b5:1a:16:82:85:3f:b4:14:10:
00:16:b4:87:60:ab:95:da:f7:74:16:d4:4f:7f:f2:
e6:91:2c:6d:78:43:ee:97:3e:af:f0:5a:eb:48:d6:
54:8c:96:06:0b:2e:f6:b1:d9:b3:ad:a9:e9:7d:e5:
4e:87:5b:72:33:35:d2:40:14:e4:95:aa:5f:97:a6:
e3:c3:d3:4c:84:ee:0f:ba:8c:1d:9b:21:0b:aa:b1:
4b:e3:c9:80:6f:e0:47:95:42:b0:90:ea:5e:81:26:
c1:25:29:47:0a:02:28:70:bb:63:22:ef:64:fb:fa:
15:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E9:60:DD:02:F5:ED:FF:87:E9:F0:C4:14:3C:FC:90:D1:1B:18:13
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gOlg3QL17f-H6fDEFDz8kNEbGBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:69:54:20:c8:8b:02:f8:96:51:38:cb:59:2e:9f:5e:69:a6:
55:e1:aa:42:ee:0e:3b:e0:3d:87:5a:f0:09:26:85:8d:14:58:
26:f1:5f:ce:71:0d:69:31:fc:a5:07:f0:b5:8e:14:c4:f7:32:
21:c2:b3:20:1e:75:b4:e3:ad:2a:81:59:5d:7c:4a:58:c2:cf:
8e:ec:51:e6:70:d7:f3:dc:99:74:86:48:64:f8:ef:ab:e4:35:
06:89:7e:42:3a:bc:e4:85:f1:fa:31:db:de:ca:72:a2:6c:62:
62:e4:0f:15:2c:1e:66:de:32:d5:49:78:43:5b:d9:41:72:5d:
87:44:ac:9f:dc:03:eb:d5:be:37:5b:79:26:15:44:44:e1:ea:
27:b6:f0:f9:0f:87:c8:64:a5:bf:12:0e:57:72:c1:7f:b7:39:
83:0a:88:8b:b9:4f:59:d5:fa:54:a7:1c:52:e3:d4:de:48:75:
77:17:a1:fd:4b:b4:c8:9f:4d:0f:7f:fa:ff:3a:3a:b9:1f:d1:
5f:9d:b6:40:ce:89:4c:f6:8c:4e:01:d8:aa:d0:f2:c8:b1:ce:
50:b9:dd:9c:a9:43:f2:18:22:2f:c3:44:a3:cc:dc:0c:10:dd:
70:71:f3:98:aa:19:32:ab:f0:a4:85:eb:08:08:7b:b6:f0:6d:
0f:6d:4b:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtwrW23KsbgglRKd3sTIm3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMxMDI3MTAyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGU5NjBkZDAyZjVlZGZmODdlOWYwYzQxNDNjZmM5MGQxMWIxODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltaLKOB+9Vvsu+Zi66z5ywQVx0U8
9x3nQ3X/cybkgzprlm0xUWGOLbJ7El9O/lHp8AwBxKD/8lWqm5wRjKJe9aTTUZYM
I7lA1UcSBC8Il0uiQxgq9a3KZv0rOviDiJbH9BeYsaMObmjSZDVD+j6gjiSBPw1G
xlVnxuGjyT6ZKqIwkUhHz2RETmzxzp21GhaChT+0FBAAFrSHYKuV2vd0FtRPf/Lm
kSxteEPulz6v8FrrSNZUjJYGCy72sdmzranpfeVOh1tyMzXSQBTklapfl6bjw9NM
hO4PuowdmyELqrFL48mAb+BHlUKwkOpegSbBJSlHCgIocLtjIu9k+/oVJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDpYN0C9e3/h+nwxBQ8/JDRGxgTMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZ09sZzNRTDE3Zi1INmZERUZEejhrTkViR0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+WMA0G
CSqGSIb3DQEBCwUAA4IBAQC1aVQgyIsC+JZROMtZLp9eaaZV4apC7g474D2HWvAJ
JoWNFFgm8V/OcQ1pMfylB/C1jhTE9zIhwrMgHnW0460qgVldfEpYws+O7FHmcNfz
3Jl0hkhk+O+r5DUGiX5COrzkhfH6MdveynKibGJi5A8VLB5m3jLVSXhDW9lBcl2H
RKyf3APr1b43W3kmFURE4eontvD5D4fIZKW/Eg5XcsF/tzmDCoiLuU9Z1fpUpxxS
49TeSHV3F6H9S7TIn00Pf/r/Ojq5H9FfnbZAzolM9oxOAdiq0PLIsc5Qud2cqUPy
GCIvw0SjzNwMEN1wcfOYqhkyq/CkhesICHu28G0PbUt8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:35 2025 by rpki-client