Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d3ZKpVR3xSICBTUsqrOutc6CB3U.roa
File: d3ZKpVR3xSICBTUsqrOutc6CB3U.roa (raw, json)
Hash identifier: wBo1dEEkAeMs00UZGIhii98DJPdWSzDzwVQMSM4b3b8=
Subject key identifier: 77:76:4A:A5:54:77:C5:22:02:05:35:2C:AA:B3:AE:B5:CE:82:07:75
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 09390CF3
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d3ZKpVR3xSICBTUsqrOutc6CB3U.roa
Signing time: Sat 01 Jan 2022 12:58:52 +0000
ROA not before: Sat 01 Jan 2022 12:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47911
IP address blocks: 188.186.128.0/21 maxlen: 24
2a02:2698:b000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154733811 (0x9390cf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77764aa55477c5220205352caab3aeb5ce820775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:92:ce:b5:69:8c:0c:de:af:e1:55:4e:a0:bf:
f0:96:60:05:00:ed:d0:af:21:6f:6b:3a:96:70:22:
b6:78:58:98:39:8f:19:b7:b3:f5:46:9c:3a:0f:34:
f0:b4:69:df:e2:08:f8:0e:07:26:b2:ee:d8:6a:38:
f8:64:9e:1e:41:29:77:41:91:37:80:b7:83:ee:7f:
40:16:af:92:90:35:8d:fe:ae:0e:b6:90:b9:b8:7d:
09:28:2d:6b:7a:67:96:be:87:3b:53:e2:16:f4:f9:
4e:f7:25:92:47:2e:24:47:05:8a:e2:2e:55:af:ca:
ee:c9:32:ad:1d:2a:c1:b2:98:1b:5f:62:a7:b0:cc:
30:dc:aa:4d:2c:41:e7:5e:cc:d3:c7:fe:07:34:b4:
6b:24:30:5d:0c:52:39:a1:f9:6e:98:20:0d:c2:33:
d1:9b:74:9e:23:c0:d7:9a:1d:8e:ae:b8:dd:df:a4:
8b:6d:34:87:f1:f5:da:14:54:ff:86:96:65:ff:1b:
b6:da:8f:d0:27:b4:35:00:ab:82:d1:4a:9a:60:fa:
91:29:02:ff:c8:bf:98:a0:d1:6a:de:c6:6a:af:2d:
f3:7a:64:04:cc:39:e7:ba:51:0c:b7:37:5e:aa:a0:
c2:a8:66:49:9d:96:de:fe:23:45:6f:82:48:96:8a:
b6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:76:4A:A5:54:77:C5:22:02:05:35:2C:AA:B3:AE:B5:CE:82:07:75
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d3ZKpVR3xSICBTUsqrOutc6CB3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.186.128.0/21
IPv6:
2a02:2698:b000::/36
Signature Algorithm: sha256WithRSAEncryption
49:5a:2e:70:33:cc:15:97:10:fd:84:f4:df:93:5d:c8:b1:2b:
bb:67:5c:71:4c:cc:74:39:a0:64:ad:71:e4:34:72:b6:1d:f1:
7e:ec:1b:35:3a:da:5e:56:e4:a3:0d:f7:6b:ae:f4:3c:a5:a0:
13:aa:e3:f5:04:5d:b2:26:df:d7:ce:e1:61:0c:b8:7e:7e:a3:
9e:99:86:34:70:9b:49:44:eb:5b:35:eb:12:87:78:2f:84:3a:
34:ac:72:64:24:36:19:cf:d6:49:25:10:f9:54:80:38:9a:8d:
24:4a:e8:8a:6b:15:22:a4:e3:12:df:d3:ce:87:40:9b:f1:3f:
a3:6c:f2:0f:15:9c:a2:ef:17:b6:14:fe:d3:97:aa:b4:64:f3:
e9:ae:25:f4:ec:30:af:9c:6c:ff:6d:19:2e:fe:54:2b:47:c3:
a2:74:c9:18:f5:03:3f:be:ad:06:f3:89:00:ed:53:dc:ed:38:
36:34:ae:43:15:47:38:c7:dd:e0:5f:72:92:bb:59:d3:34:82:
db:dd:20:be:42:87:0c:dc:f9:3e:3b:8a:b1:5c:d1:ee:ff:2c:
80:fb:05:ff:42:b0:c8:3e:f0:ed:17:98:f9:3d:89:d9:d9:36:
84:01:da:0e:ed:3a:ee:08:29:1c:ff:37:c1:2b:fc:28:8b:1f:
2e:2d:58:d2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIECTkM8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc3NjRhYTU1NDc3
YzUyMjAyMDUzNTJjYWFiM2FlYjVjZTgyMDc3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6SzrVpjAzer+FVTqC/8JZgBQDt0K8hb2s6lnAitnhYmDmP
Gbez9UacOg808LRp3+II+A4HJrLu2Go4+GSeHkEpd0GRN4C3g+5/QBavkpA1jf6u
DraQubh9CSgta3pnlr6HO1PiFvT5TvclkkcuJEcFiuIuVa/K7skyrR0qwbKYG19i
p7DMMNyqTSxB517M08f+BzS0ayQwXQxSOaH5bpggDcIz0Zt0niPA15odjq643d+k
i200h/H12hRU/4aWZf8bttqP0Ce0NQCrgtFKmmD6kSkC/8i/mKDRat7Gaq8t83pk
BMw557pRDLc3XqqgwqhmSZ2W3v4jRW+CSJaKtqkCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBR3dkqlVHfFIgIFNSyqs661zoIHdTAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L2QzWktwVlIzeFNJQ0JUVXNxck91dGM2Q0IzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEA7y6gDAOBAIAAjAIAwYEKgImmLAw
DQYJKoZIhvcNAQELBQADggEBAElaLnAzzBWXEP2E9N+TXcixK7tnXHFMzHQ5oGSt
ceQ0crYd8X7sGzU62l5W5KMN92uu9DyloBOq4/UEXbIm39fO4WEMuH5+o56ZhjRw
m0lE61s16xKHeC+EOjSscmQkNhnP1kklEPlUgDiajSRK6IprFSKk4xLf086HQJvx
P6Ns8g8VnKLvF7YU/tOXqrRk8+muJfTsMK+cbP9tGS7+VCtHw6J0yRj1Az++rQbz
iQDtU9ztODY0rkMVRzjH3eBfcpK7WdM0gtvdIL5Chwzc+T47irFc0e7/LID7Bf9C
sMg+8O0XmPk9idnZNoQB2g7tOu4IKRz/N8Er/CiLHy4tWNI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:47 2025 by rpki-client