Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/8XmO8zCl3YTniwRVPS6cHe136Aw.roa
File: 8XmO8zCl3YTniwRVPS6cHe136Aw.roa (raw, json)
Hash identifier: a+T6FBgvi5KMMzierfMGiwPyVZCDg+k1H6d8E+lA5k0=
Subject key identifier: F1:79:8E:F3:30:A5:DD:84:E7:8B:04:55:3D:2E:9C:1D:ED:77:E8:0C
Certificate issuer: /CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Certificate serial: 0F93AF8C
Authority key identifier: FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/8XmO8zCl3YTniwRVPS6cHe136Aw.roa
Signing time: Sat 01 Jan 2022 13:54:39 +0000
ROA not before: Sat 01 Jan 2022 13:54:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136162
IP address blocks: 185.175.100.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261336972 (0xf93af8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Validity
Not Before: Jan 1 13:54:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1798ef330a5dd84e78b04553d2e9c1ded77e80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dd:04:49:99:fe:69:45:c6:9b:10:c0:e2:b2:
4d:af:02:c4:cf:3a:e2:13:a7:18:90:82:ed:36:34:
80:75:24:0f:df:05:63:0d:db:1a:8f:c2:18:6e:0d:
77:59:ad:12:7b:87:be:05:17:f7:ec:56:e6:0b:cf:
ea:80:4e:ac:a2:96:38:5e:ca:39:c0:1b:23:7d:51:
25:5b:2c:c0:e2:dd:28:16:f6:db:81:fb:5c:a7:ca:
d4:6d:fe:37:12:93:68:9c:e6:d6:16:7a:eb:b6:94:
49:72:41:3e:14:4e:ec:ca:9c:3b:9f:5e:94:b5:87:
f6:9d:3c:3d:59:3f:ac:e0:ee:32:e7:3b:56:57:a9:
00:a5:44:9d:0b:5f:b1:eb:3f:9d:82:c6:4c:36:ea:
fd:b6:a1:63:15:05:49:e5:17:bd:48:f4:64:60:35:
38:88:65:9d:8e:9d:69:c6:c7:46:6d:19:12:6a:c4:
6f:3e:4f:78:19:89:02:1c:14:21:7b:90:dc:ca:ff:
b4:c3:30:39:aa:73:20:f4:7a:46:de:9f:f1:e1:e5:
ac:dd:24:18:71:37:61:5e:81:16:b7:5e:24:39:25:
9b:f5:f8:5e:d4:65:31:d3:0a:07:60:22:ab:02:06:
ab:7d:ae:d0:fd:e0:c6:79:08:f7:ac:81:c0:af:48:
eb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:79:8E:F3:30:A5:DD:84:E7:8B:04:55:3D:2E:9C:1D:ED:77:E8:0C
X509v3 Authority Key Identifier:
keyid:FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/8XmO8zCl3YTniwRVPS6cHe136Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/_08Gv_OluFFRtlcFtDCOmvsf2Pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.100.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:24:d4:55:63:15:a9:cf:ea:59:d6:c4:23:f7:bd:25:7f:a1:
c7:dc:90:3e:35:d1:a4:bd:f7:f6:25:0d:40:3f:39:61:b3:8b:
7b:75:ce:d5:48:84:b0:62:5e:af:85:f5:c9:31:71:67:5e:5f:
2e:35:b9:b1:0b:c4:84:24:7e:e6:81:d4:4a:7b:e0:d9:4b:90:
db:88:47:fd:8a:1f:9d:05:a0:a1:4b:33:b9:01:d7:c9:0c:a2:
79:21:79:d6:d5:bc:f4:e5:76:59:1a:4c:f2:81:e9:34:dd:2b:
f2:5f:c9:3b:70:72:7b:bf:a3:85:9e:41:ec:c7:05:a3:e1:fb:
80:ea:83:89:27:ff:12:63:8f:f9:62:f0:41:34:7f:e6:d0:bc:
14:31:4b:34:d6:44:e0:b3:5f:87:92:5b:7b:bd:1c:45:a0:ba:
e1:4f:bc:8a:7c:3f:15:eb:c6:62:9d:4a:c1:55:92:62:dd:25:
f7:18:70:d3:c4:b5:1c:36:86:25:a3:77:5d:3a:6c:0e:a9:c1:
a2:6c:91:51:b2:bd:1e:2d:cb:15:ca:92:3b:c3:bc:c5:ae:70:
c4:f7:35:57:74:d0:59:a6:c6:02:21:56:dc:4c:a1:46:74:29:
de:28:ba:ef:98:1f:40:1c:c9:a1:82:5e:85:ee:8e:e9:5a:04:
89:38:c1:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED5OvjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjRmMDZiZmYzYTViODUxNTFiNjU3MDViNDMwOGU5YWZiMWZkOGY3MB4XDTIyMDEw
MTEzNTQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE3OThlZjMzMGE1
ZGQ4NGU3OGIwNDU1M2QyZTljMWRlZDc3ZTgwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbdBEmZ/mlFxpsQwOKyTa8CxM864hOnGJCC7TY0gHUkD98F
Yw3bGo/CGG4Nd1mtEnuHvgUX9+xW5gvP6oBOrKKWOF7KOcAbI31RJVsswOLdKBb2
24H7XKfK1G3+NxKTaJzm1hZ667aUSXJBPhRO7MqcO59elLWH9p08PVk/rODuMuc7
VlepAKVEnQtfses/nYLGTDbq/bahYxUFSeUXvUj0ZGA1OIhlnY6dacbHRm0ZEmrE
bz5PeBmJAhwUIXuQ3Mr/tMMwOapzIPR6Rt6f8eHlrN0kGHE3YV6BFrdeJDklm/X4
XtRlMdMKB2AiqwIGq32u0P3gxnkI96yBwK9I6y8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxeY7zMKXdhOeLBFU9Lpwd7XfoDDAfBgNVHSMEGDAWgBT/Twa/86W4UVG2
VwW0MI6a+x/Y9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wOEd2X09sdUZGUnRsY0Z0RENPbXZzZjJQYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMmZiOGJkLWUxYTAtNDU0Yy04YmNhLTI1ZWZmZGQ3OTZkYy8x
LzhYbU84ekNsM1lUbml3UlZQUzZjSGUxMzZBdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MmZiOGJkLWUxYTAtNDU0Yy04YmNhLTI1ZWZmZGQ3OTZkYy8xL18wOEd2X09sdUZG
UnRsY0Z0RENPbXZzZjJQYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmvZDANBgkqhkiG9w0BAQsFAAOC
AQEAfyTUVWMVqc/qWdbEI/e9JX+hx9yQPjXRpL339iUNQD85YbOLe3XO1UiEsGJe
r4X1yTFxZ15fLjW5sQvEhCR+5oHUSnvg2UuQ24hH/YofnQWgoUszuQHXyQyieSF5
1tW89OV2WRpM8oHpNN0r8l/JO3Bye7+jhZ5B7McFo+H7gOqDiSf/EmOP+WLwQTR/
5tC8FDFLNNZE4LNfh5Jbe70cRaC64U+8inw/FevGYp1KwVWSYt0l9xhw08S1HDaG
JaN3XTpsDqnBomyRUbK9Hi3LFcqSO8O8xa5wxPc1V3TQWabGAiFW3EyhRnQp3ii6
75gfQBzJoYJehe6O6VoEiTjB5g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:13 2025 by rpki-client