Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1-bPs5XZ5l3eyQNzSL9bMr6cSAA.roa
File: 1-bPs5XZ5l3eyQNzSL9bMr6cSAA.roa (raw, json)
Hash identifier: SejQnKG+Sz5ncvcKRhVddwDtKJXtwZCIYrNhKzSO/G0=
Subject key identifier: D7:E6:CF:B3:95:D9:E6:5D:DE:C9:03:73:48:BF:5B:32:BE:9C:48:00
Certificate issuer: /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial: 01852994CB523E0C0705174441F00B1B69D2
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1-bPs5XZ5l3eyQNzSL9bMr6cSAA.roa
Signing time: Mon 19 Dec 2022 08:51:35 +0000
ROA not before: Mon 19 Dec 2022 08:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136714
IP address blocks: 178.248.112.0/22 maxlen: 24
178.248.118.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:94:cb:52:3e:0c:07:05:17:44:41:f0:0b:1b:69:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Validity
Not Before: Dec 19 08:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7e6cfb395d9e65ddec9037348bf5b32be9c4800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f6:91:f2:11:6c:cb:98:7b:9f:b5:89:7d:00:
18:6a:56:59:42:97:8a:38:b1:b1:0a:b4:6f:13:e3:
12:4c:1b:38:16:ad:c3:e4:78:b3:ba:f4:a1:66:d4:
df:b0:c1:63:76:07:00:f9:26:c0:9e:c8:5b:2f:a1:
b0:42:13:e5:a0:e0:9e:57:6c:01:ad:8f:ca:78:f1:
56:74:25:e3:b6:c4:57:59:0f:24:d3:73:b8:2d:b2:
df:3b:4d:74:41:18:68:e0:29:e4:d9:dc:f8:32:00:
1c:5d:b2:47:16:da:3d:d7:fe:da:97:15:3a:af:7c:
0b:80:51:8c:01:55:9b:83:cb:2f:1d:fc:a0:0f:38:
8c:0e:9f:3b:ce:c3:fd:1a:3f:9f:ca:95:18:fb:4a:
22:be:18:4a:91:c3:26:9a:e9:a1:b0:25:08:fd:d1:
79:c2:60:a4:b8:c9:c1:2f:8a:24:2b:02:6e:d3:79:
c6:8d:20:0f:ca:57:03:e4:3e:fc:f9:9b:a2:1f:37:
04:0b:75:61:1b:64:32:b7:37:e3:24:33:6c:c0:1a:
ce:e5:5d:8b:94:56:a1:af:40:38:ab:28:3f:03:b1:
57:50:bd:47:a5:74:49:17:ed:53:76:d8:13:0a:c7:
55:f8:11:6b:9c:38:f7:40:14:15:3c:98:63:aa:9f:
6f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E6:CF:B3:95:D9:E6:5D:DE:C9:03:73:48:BF:5B:32:BE:9C:48:00
X509v3 Authority Key Identifier:
keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/1-bPs5XZ5l3eyQNzSL9bMr6cSAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.112.0/22
178.248.118.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:76:f0:94:c6:95:2e:86:03:9e:e5:22:4d:20:fe:26:c9:c9:
8d:c4:a8:1c:73:1c:1b:3f:09:a5:40:64:d8:05:3c:26:dd:5a:
f3:7f:29:cd:cf:80:d1:67:28:9e:dc:17:66:e0:f2:02:7d:fa:
e1:5b:63:69:49:74:06:09:83:0d:5a:d2:01:76:75:1e:e8:ac:
de:d2:99:63:2a:59:e7:7b:c1:40:8b:9e:aa:72:0a:ec:08:7b:
c5:4e:31:c8:ad:d3:4c:59:de:cb:e1:0a:fa:a2:0d:7c:42:53:
1c:27:a1:a2:3f:94:ed:7d:93:88:e4:9d:44:40:ea:1e:27:ed:
9b:cf:0a:f9:ea:91:38:18:81:97:7d:e9:ef:9a:fb:6e:4a:44:
89:61:68:a9:7d:f0:c5:a0:2f:00:3e:7d:06:1b:76:54:07:6b:
32:56:92:85:e8:6b:f1:bf:c8:9a:f3:05:dc:87:d9:1a:5e:c3:
82:2a:c1:f7:92:f6:47:45:8e:da:08:0f:da:a5:e8:62:ca:35:
63:44:00:ba:9c:5a:a1:72:84:e6:82:5b:1d:1c:a6:c0:c9:34:
87:0f:b8:0d:46:6e:44:70:5a:92:9c:15:aa:5a:39:22:35:09:
0c:d8:07:63:d0:3a:06:fe:a3:79:b5:2f:6f:21:89:cc:2d:18:
bf:60:c0:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUplMtSPgwHBRdEQfALG2nSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjIxMjE5MDg1MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U2Y2ZiMzk1ZDllNjVkZGVjOTAzNzM0OGJmNWIzMmJlOWM0ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPaR8hFsy5h7n7WJfQAYalZZQpeK
OLGxCrRvE+MSTBs4Fq3D5HizuvShZtTfsMFjdgcA+SbAnshbL6GwQhPloOCeV2wB
rY/KePFWdCXjtsRXWQ8k03O4LbLfO010QRho4Cnk2dz4MgAcXbJHFto91/7alxU6
r3wLgFGMAVWbg8svHfygDziMDp87zsP9Gj+fypUY+0oivhhKkcMmmumhsCUI/dF5
wmCkuMnBL4okKwJu03nGjSAPylcD5D78+ZuiHzcEC3VhG2QytzfjJDNswBrO5V2L
lFahr0A4qyg/A7FXUL1HpXRJF+1TdtgTCsdV+BFrnDj3QBQVPJhjqp9vFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNfmz7OV2eZd3skDc0i/WzK+nEgAMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvMS1iUHM1WFo1bDNleVFOelNMOWJNcjZjU0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsvhwAwQB
svh2MA0GCSqGSIb3DQEBCwUAA4IBAQAedvCUxpUuhgOe5SJNIP4mycmNxKgccxwb
PwmlQGTYBTwm3VrzfynNz4DRZyie3Bdm4PICffrhW2NpSXQGCYMNWtIBdnUe6Kze
0pljKlnne8FAi56qcgrsCHvFTjHIrdNMWd7L4Qr6og18QlMcJ6GiP5TtfZOI5J1E
QOoeJ+2bzwr56pE4GIGXfenvmvtuSkSJYWipffDFoC8APn0GG3ZUB2syVpKF6Gvx
v8ia8wXch9kaXsOCKsH3kvZHRY7aCA/apehiyjVjRAC6nFqhcoTmglsdHKbAyTSH
D7gNRm5EcFqSnBWqWjkiNQkM2Adj0DoG/qN5tS9vIYnMLRi/YMBc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:38 2025 by rpki-client