Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/RF02fV2EcqrgUNNTQzqt-gnLC4Y.roa
File: RF02fV2EcqrgUNNTQzqt-gnLC4Y.roa (raw, json)
Hash identifier: beJqld1oTDJ01FWil+yawvMBl1hxX+8OV60EyQ9VVgE=
Subject key identifier: 44:5D:36:7D:5D:84:72:AA:E0:50:D3:53:43:3A:AD:FA:09:CB:0B:86
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADE4BB31A75BB4BE2CEC76D0F5BEE
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/RF02fV2EcqrgUNNTQzqt-gnLC4Y.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41403
IP address blocks: 78.136.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:de:4b:b3:1a:75:bb:4b:e2:ce:c7:6d:0f:5b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=445d367d5d8472aae050d353433aadfa09cb0b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fc:64:4d:fc:14:c7:f1:97:31:ea:32:36:33:
5c:4c:1b:8c:51:c9:d8:20:9a:a2:f2:a7:b0:ee:33:
9e:e5:9c:bf:6c:1f:7f:b4:d0:4e:9a:50:bc:82:66:
c1:c8:c2:c4:fb:d7:97:2b:ee:17:ce:b2:4d:6f:fe:
d7:91:07:a0:77:a6:a8:fd:67:98:43:93:64:29:55:
ab:4b:39:c1:c6:53:da:f5:0f:3d:30:5a:8f:34:a9:
9a:1d:ac:97:0c:20:55:bb:0a:f7:fd:f5:8a:20:dd:
67:0b:84:01:ba:72:9a:e3:58:9f:63:e2:01:68:1e:
0f:eb:59:19:10:54:f6:d8:80:e3:40:51:9e:fe:b1:
21:94:b4:69:06:eb:cb:51:ce:72:81:03:d4:18:76:
f7:8f:a0:7e:e9:07:4e:9d:94:5e:a2:de:ec:a4:5f:
11:31:95:80:b1:42:8f:84:9a:c5:d7:2d:da:28:d0:
eb:49:1e:f6:a6:06:9f:4b:92:d9:9b:be:94:00:f3:
57:4a:fd:c4:00:f8:8f:a5:97:86:9c:b7:9b:17:d4:
56:cc:c7:8b:fe:c3:69:f7:43:2f:5f:06:4b:c6:b5:
4b:c1:06:70:43:08:a5:23:59:6b:81:9d:82:5d:0f:
45:8f:b3:4d:d6:89:fd:da:0f:56:fa:3e:fc:71:45:
a7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:5D:36:7D:5D:84:72:AA:E0:50:D3:53:43:3A:AD:FA:09:CB:0B:86
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/RF02fV2EcqrgUNNTQzqt-gnLC4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.232.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:2b:7c:05:d2:89:bd:e9:d2:3c:60:c0:49:9a:33:22:59:12:
37:89:27:71:09:ae:ce:f7:d8:9a:b7:13:59:3f:17:26:35:55:
05:ff:4c:83:c8:13:54:a0:c8:c7:07:96:ab:73:39:ef:0f:e8:
fd:2d:27:ce:7c:9d:5c:f4:02:7e:4d:28:67:83:f1:c4:eb:4c:
23:17:bb:50:2e:4a:13:e9:f4:62:00:0b:e4:c7:62:09:72:ea:
0b:c4:13:78:3a:f8:56:bb:69:f9:c8:e9:cd:fb:2b:3a:14:62:
12:ca:f9:2e:65:14:de:0c:fd:16:7f:c9:e5:59:4d:6f:c2:c8:
1e:e7:8b:c7:0a:f5:56:5a:1f:9a:2b:cf:2e:33:8e:41:2a:ca:
cd:6c:8d:a1:09:84:45:c9:6a:d0:d6:a2:b5:a5:b0:77:40:34:
f0:30:e2:c7:65:a3:8d:20:be:9e:2f:24:76:31:3a:f6:2e:31:
fe:59:c7:f1:4f:22:32:ce:4f:68:e8:e4:35:6e:51:a4:cb:1e:
51:01:69:2d:10:3f:77:b7:90:32:f9:14:26:c4:58:7c:cf:c6:
5c:e7:09:00:db:7b:4b:09:71:77:87:f7:56:92:a6:9f:29:81:
00:bb:bf:c6:bb:40:a2:04:cb:b3:fe:0b:07:ef:bd:9c:d4:79:
a8:fd:36:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyt5Lsxp1u0vizsdtD1vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVkMzY3ZDVkODQ3MmFhZTA1MGQzNTM0MzNhYWRmYTA5Y2IwYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfxkTfwUx/GXMeoyNjNcTBuMUcnY
IJqi8qew7jOe5Zy/bB9/tNBOmlC8gmbByMLE+9eXK+4XzrJNb/7XkQegd6ao/WeY
Q5NkKVWrSznBxlPa9Q89MFqPNKmaHayXDCBVuwr3/fWKIN1nC4QBunKa41ifY+IB
aB4P61kZEFT22IDjQFGe/rEhlLRpBuvLUc5ygQPUGHb3j6B+6QdOnZReot7spF8R
MZWAsUKPhJrF1y3aKNDrSR72pgafS5LZm76UAPNXSv3EAPiPpZeGnLebF9RWzMeL
/sNp90MvXwZLxrVLwQZwQwilI1lrgZ2CXQ9Fj7NN1on92g9W+j78cUWnYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERdNn1dhHKq4FDTU0M6rfoJywuGMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvUkYwMmZWMkVjcXJnVU5OVFF6cXQtZ25MQzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTojoMA0G
CSqGSIb3DQEBCwUAA4IBAQAKK3wF0om96dI8YMBJmjMiWRI3iSdxCa7O99iatxNZ
PxcmNVUF/0yDyBNUoMjHB5arcznvD+j9LSfOfJ1c9AJ+TShng/HE60wjF7tQLkoT
6fRiAAvkx2IJcuoLxBN4OvhWu2n5yOnN+ys6FGISyvkuZRTeDP0Wf8nlWU1vwsge
54vHCvVWWh+aK88uM45BKsrNbI2hCYRFyWrQ1qK1pbB3QDTwMOLHZaONIL6eLyR2
MTr2LjH+WcfxTyIyzk9o6OQ1blGkyx5RAWktED93t5Ay+RQmxFh8z8Zc5wkA23tL
CXF3h/dWkqafKYEAu7/Gu0CiBMuz/gsH772c1Hmo/Tbu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:58 2025 by rpki-client