Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0CcF4KrATj5ikaClcWy7PjqtJrI.roa
File: 0CcF4KrATj5ikaClcWy7PjqtJrI.roa (raw, json)
Hash identifier: 3jOpNvvRSOgqxvbghEXzAwduoncuT8hRjOMmAe8AyEM=
Subject key identifier: D0:27:05:E0:AA:C0:4E:3E:62:91:A0:A5:71:6C:BB:3E:3A:AD:26:B2
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018BAEA73C678A7DE8FEA249CBB3C8165EB0
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0CcF4KrATj5ikaClcWy7PjqtJrI.roa
Signing time: Wed 08 Nov 2023 11:17:57 +0000
ROA not before: Wed 08 Nov 2023 11:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203872
IP address blocks: 24.235.22.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:a7:3c:67:8a:7d:e8:fe:a2:49:cb:b3:c8:16:5e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Nov 8 11:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d02705e0aac04e3e6291a0a5716cbb3e3aad26b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:82:94:5a:76:3f:44:4f:7e:f1:38:01:fd:
c4:2d:03:3d:92:48:4e:42:25:4e:22:bf:e9:f3:b3:
0f:e8:1c:d5:e1:67:6c:25:26:7e:86:6b:5d:4e:7e:
67:fa:f3:b4:c7:9d:8f:f9:9b:ce:36:c7:22:43:ae:
8d:9a:3c:3e:8f:b1:fa:2c:26:5f:c8:68:32:92:ca:
7c:46:c3:0f:2a:89:ea:6e:b4:ea:87:ed:cf:35:95:
1d:9b:e7:f2:11:b8:88:2f:00:41:0b:eb:89:8f:e3:
37:da:76:8a:63:ea:e3:e3:fd:fc:0d:8a:2a:38:db:
2e:07:c0:f8:dc:bc:e0:ae:18:a2:d9:14:ae:2d:96:
56:a1:19:ef:d2:2b:0c:81:6f:9d:7b:59:ca:a8:80:
7f:46:54:c0:75:56:98:49:64:04:eb:3f:0d:81:f7:
b3:25:5a:b5:bd:7e:89:30:7b:6c:90:8c:c9:b9:44:
6b:87:00:65:d8:57:6b:5f:ee:c6:54:29:19:a6:75:
33:25:04:df:f2:ad:4b:33:b2:e5:a8:89:3a:6d:61:
c7:bf:30:aa:cd:23:6e:b6:00:bc:49:3a:a9:c2:e0:
a2:c5:ce:26:bc:58:c2:26:9b:a1:63:92:35:e0:37:
9e:29:a1:9b:f1:ee:f0:d8:72:90:ae:58:c5:88:7d:
71:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:27:05:E0:AA:C0:4E:3E:62:91:A0:A5:71:6C:BB:3E:3A:AD:26:B2
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0CcF4KrATj5ikaClcWy7PjqtJrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
Signature Algorithm: sha256WithRSAEncryption
79:8b:8b:44:d5:13:1b:4c:85:da:89:7f:47:0e:9a:a2:c6:3f:
92:45:f5:1d:0e:72:fa:02:3f:e3:f2:10:d0:66:25:09:aa:5f:
d9:76:ce:9a:64:9d:27:c5:6c:bd:99:2f:37:d7:83:be:48:56:
59:3d:12:56:db:71:9c:81:1b:72:cf:74:8f:42:c0:34:ee:74:
ee:77:52:bd:fb:3d:93:ca:34:90:40:27:fc:4b:e0:49:f9:26:
df:24:e7:74:3a:fe:ff:62:f2:6f:56:f3:a5:53:fb:02:11:f3:
e2:58:91:aa:8d:a4:f0:6c:1e:e5:62:ea:98:97:26:c9:99:bf:
79:d9:28:35:ab:bb:b9:0d:64:b7:94:a2:72:34:d2:56:01:5f:
6c:ad:94:cb:ad:f1:13:ab:6c:74:ee:50:75:7b:71:d0:48:d8:
7e:6b:49:01:2b:10:76:4f:8e:5c:d9:46:11:dd:cf:ea:2c:f6:
59:e2:47:3e:ca:33:e3:2d:d8:18:58:62:e9:b1:1b:ff:1e:23:
7f:2f:9d:c2:04:66:4c:f8:af:e0:f5:bb:d7:8f:d2:63:3b:92:
ad:2e:25:2b:87:72:0d:e6:70:0f:b7:60:a9:41:c8:f8:9e:c7:
e6:44:e4:59:00:b9:77:a1:7f:ea:98:81:eb:fd:ff:29:8f:cd:
37:6b:a9:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuupzxnin3o/qJJy7PIFl6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMxMTA4MTExNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDI3MDVlMGFhYzA0ZTNlNjI5MWEwYTU3MTZjYmIzZTNhYWQyNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkKClFp2P0RPfvE4Af3ELQM9kkhO
QiVOIr/p87MP6BzV4WdsJSZ+hmtdTn5n+vO0x52P+ZvONsciQ66Nmjw+j7H6LCZf
yGgyksp8RsMPKonqbrTqh+3PNZUdm+fyEbiILwBBC+uJj+M32naKY+rj4/38DYoq
ONsuB8D43Lzgrhii2RSuLZZWoRnv0isMgW+de1nKqIB/RlTAdVaYSWQE6z8Ngfez
JVq1vX6JMHtskIzJuURrhwBl2FdrX+7GVCkZpnUzJQTf8q1LM7LlqIk6bWHHvzCq
zSNutgC8STqpwuCixc4mvFjCJpuhY5I14DeeKaGb8e7w2HKQrljFiH1xeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAnBeCqwE4+YpGgpXFsuz46rSayMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMENjRjRLckFUajVpa2FDbGNXeTdQanF0SnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBGOsWMA0G
CSqGSIb3DQEBCwUAA4IBAQB5i4tE1RMbTIXaiX9HDpqixj+SRfUdDnL6Aj/j8hDQ
ZiUJql/Zds6aZJ0nxWy9mS8314O+SFZZPRJW23GcgRtyz3SPQsA07nTud1K9+z2T
yjSQQCf8S+BJ+SbfJOd0Ov7/YvJvVvOlU/sCEfPiWJGqjaTwbB7lYuqYlybJmb95
2Sg1q7u5DWS3lKJyNNJWAV9srZTLrfETq2x07lB1e3HQSNh+a0kBKxB2T45c2UYR
3c/qLPZZ4kc+yjPjLdgYWGLpsRv/HiN/L53CBGZM+K/g9bvXj9JjO5KtLiUrh3IN
5nAPt2CpQcj4nsfmRORZALl3oX/qmIHr/f8pj803a6mn
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:48 2025 by rpki-client