Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/pE39EnT1DQsgM46nu1RIRX9tzOg.roa
File: pE39EnT1DQsgM46nu1RIRX9tzOg.roa (raw, json)
Hash identifier: BieAolg/RMt+nvtByH8LduWZBTC+1jxKAKkePP+sRt0=
Subject key identifier: A4:4D:FD:12:74:F5:0D:0B:20:33:8E:A7:BB:54:48:45:7F:6D:CC:E8
Certificate issuer: /CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Certificate serial: 01856C00FDC2452B09726FEDFCD211FC8BB7
Authority key identifier: 35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/pE39EnT1DQsgM46nu1RIRX9tzOg.roa
Signing time: Sun 01 Jan 2023 06:24:42 +0000
ROA not before: Sun 01 Jan 2023 06:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58161
IP address blocks: 178.215.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:00:fd:c2:45:2b:09:72:6f:ed:fc:d2:11:fc:8b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35135b81b6c1edd2f6f5bc1c608a5fc9fe926474
Validity
Not Before: Jan 1 06:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a44dfd1274f50d0b20338ea7bb5448457f6dcce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7c:94:d9:64:58:b6:84:12:77:0a:34:a0:ad:
11:92:d9:26:e3:c5:91:80:37:bb:81:e5:62:8e:97:
da:8f:d9:84:dd:b3:50:fe:7c:74:a7:c9:16:35:3d:
90:a4:64:44:70:fd:c4:12:6d:8d:4d:08:95:4d:8a:
39:e8:6a:fc:ff:7c:ab:5f:1e:70:9a:5e:c1:71:80:
1f:9a:49:c4:1e:6b:28:ca:f9:2c:70:3e:ee:aa:84:
13:53:43:c6:10:c5:63:ae:98:f6:79:4b:9f:cd:b8:
68:b3:92:bc:2a:89:e9:f5:ff:44:e8:0a:a1:84:20:
27:7a:4c:80:f1:03:30:6e:8e:05:58:de:2e:87:ad:
ee:c9:f2:2e:8f:d0:ae:2d:41:c3:fb:28:cf:21:b9:
85:83:33:00:97:02:c3:b4:d4:2d:0e:34:81:59:91:
a5:ff:59:5e:f0:ad:0b:9b:d0:4f:35:53:21:93:1f:
99:80:b9:30:3a:51:a9:f7:97:db:89:e9:ef:58:de:
51:a6:cb:18:cd:0c:3d:f9:aa:a0:b4:9d:f5:90:2d:
32:c5:1d:78:69:13:90:7e:ee:2e:0e:98:dc:39:69:
90:84:5c:c9:fb:dd:d5:0b:c9:07:bb:ab:5f:b3:64:
60:14:2d:c0:de:08:bb:9f:a7:ca:93:41:85:0a:ad:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4D:FD:12:74:F5:0D:0B:20:33:8E:A7:BB:54:48:45:7F:6D:CC:E8
X509v3 Authority Key Identifier:
keyid:35:13:5B:81:B6:C1:ED:D2:F6:F5:BC:1C:60:8A:5F:C9:FE:92:64:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNbgbbB7dL29bwcYIpfyf6SZHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/pE39EnT1DQsgM46nu1RIRX9tzOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d0a0a0-d25a-4746-9139-a71456df9997/1/NRNbgbbB7dL29bwcYIpfyf6SZHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.6.0/24
Signature Algorithm: sha256WithRSAEncryption
df:04:57:8b:77:2d:61:fe:6f:d6:fa:39:9b:25:4a:b3:c8:22:
46:c5:d6:45:7d:a4:cc:7d:32:d6:55:4c:bf:7f:7b:35:28:5e:
31:c1:48:5f:8d:b4:8a:b6:a3:30:49:ad:35:28:c8:8b:83:45:
bf:b4:4b:ae:8f:78:23:19:e0:ae:d9:6f:99:34:71:29:44:2f:
41:e9:95:99:a7:28:ff:c5:db:36:19:c9:08:47:f1:47:b1:da:
11:61:9d:e1:fc:18:b4:79:97:77:4a:c2:cc:01:f0:92:46:35:
e4:49:a5:33:df:4b:02:f5:0f:14:2a:55:a8:10:8f:b1:ec:9a:
32:0a:0d:71:bc:9e:04:72:dd:b4:46:68:98:06:d9:b2:e6:59:
3a:ac:e0:17:d5:4a:ba:3b:03:ec:18:6a:5d:91:99:aa:14:05:
40:1e:61:48:91:81:ea:1a:c4:bf:13:a5:f3:39:48:40:aa:0f:
be:62:56:6e:97:c9:f7:0f:98:71:50:c2:21:bf:fe:57:a2:d4:
ea:af:28:02:95:04:5c:91:f6:a4:d8:e6:1e:ff:7b:ce:f9:4f:
c7:85:08:da:14:24:9f:e4:b1:80:57:6b:cb:ac:3a:88:1d:99:
dd:01:b6:d4:4e:14:57:f0:11:28:a8:38:02:87:df:f6:33:6c:
6b:7e:9b:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAP3CRSsJcm/t/NIR/Iu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1YjgxYjZjMWVkZDJmNmY1YmMxYzYwOGE1ZmM5ZmU5
MjY0NzQwHhcNMjMwMTAxMDYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDRkZmQxMjc0ZjUwZDBiMjAzMzhlYTdiYjU0NDg0NTdmNmRjY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHyU2WRYtoQSdwo0oK0Rktkm48WR
gDe7geVijpfaj9mE3bNQ/nx0p8kWNT2QpGREcP3EEm2NTQiVTYo56Gr8/3yrXx5w
ml7BcYAfmknEHmsoyvkscD7uqoQTU0PGEMVjrpj2eUufzbhos5K8Konp9f9E6Aqh
hCAnekyA8QMwbo4FWN4uh63uyfIuj9CuLUHD+yjPIbmFgzMAlwLDtNQtDjSBWZGl
/1le8K0Lm9BPNVMhkx+ZgLkwOlGp95fbienvWN5RpssYzQw9+aqgtJ31kC0yxR14
aROQfu4uDpjcOWmQhFzJ+93VC8kHu6tfs2RgFC3A3gi7n6fKk0GFCq2t3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRN/RJ09Q0LIDOOp7tUSEV/bczoMB8GA1UdIwQY
MBaAFDUTW4G2we3S9vW8HGCKX8n+kmR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzkt
YTcxNDU2ZGY5OTk3LzEvcEUzOUVuVDFEUXNnTTQ2bnUxUklSWDl0ek9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kMGEwYTAtZDI1YS00NzQ2LTkxMzktYTcxNDU2ZGY5OTk3
LzEvTlJOYmdiYkI3ZEwyOWJ3Y1lJcGZ5ZjZTWkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstcGMA0G
CSqGSIb3DQEBCwUAA4IBAQDfBFeLdy1h/m/W+jmbJUqzyCJGxdZFfaTMfTLWVUy/
f3s1KF4xwUhfjbSKtqMwSa01KMiLg0W/tEuuj3gjGeCu2W+ZNHEpRC9B6ZWZpyj/
xds2GckIR/FHsdoRYZ3h/Bi0eZd3SsLMAfCSRjXkSaUz30sC9Q8UKlWoEI+x7Joy
Cg1xvJ4Ect20RmiYBtmy5lk6rOAX1Uq6OwPsGGpdkZmqFAVAHmFIkYHqGsS/E6Xz
OUhAqg++YlZul8n3D5hxUMIhv/5XotTqrygClQRckfak2OYe/3vO+U/HhQjaFCSf
5LGAV2vLrDqIHZndAbbUThRX8BEoqDgCh9/2M2xrfpuB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:34 2025 by rpki-client