Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3wDlYn4WuC7Z1USQaQb79C-PGSw.roa
File: 3wDlYn4WuC7Z1USQaQb79C-PGSw.roa (raw, json)
Hash identifier: WXodLl6uuvvnPZk2RH6rfyu0dbQmSiUa+i5xhtvoGa0=
Subject key identifier: DF:00:E5:62:7E:16:B8:2E:D9:D5:44:90:69:06:FB:F4:2F:8F:19:2C
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01856FA6F37CC2DE386DFAD3A9D4F0A61938
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3wDlYn4WuC7Z1USQaQb79C-PGSw.roa
Signing time: Sun 01 Jan 2023 23:24:50 +0000
ROA not before: Sun 01 Jan 2023 23:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203912
IP address blocks: 178.175.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f3:7c:c2:de:38:6d:fa:d3:a9:d4:f0:a6:19:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 23:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df00e5627e16b82ed9d544906906fbf42f8f192c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:87:03:17:39:f8:f8:ff:8d:22:9b:00:48:66:
5d:5e:5c:85:48:75:3e:51:e1:7b:d2:cf:20:59:59:
e4:c0:59:b2:f9:66:5c:ef:09:19:5b:7a:0c:52:49:
0c:7e:32:d3:f5:5b:2d:df:ed:6b:00:d4:24:a9:c4:
e9:b9:3f:0a:61:2c:23:5f:0e:79:3a:9e:ea:91:01:
70:2e:8c:e2:09:45:48:d4:a4:00:1b:4e:e8:96:02:
d5:3e:12:81:ec:2c:3a:9c:50:52:25:ad:97:9b:5e:
f1:ca:aa:28:35:a5:58:c5:4e:0c:03:db:fe:70:1b:
2a:8f:ed:28:81:d1:63:0b:d9:0f:79:11:c0:df:ec:
f4:af:29:04:64:4d:06:ba:55:a7:a3:5d:9c:f7:37:
ea:00:04:fd:42:9a:7a:a1:5a:c7:b1:82:8e:9a:ce:
14:17:fb:e2:67:fe:e9:f9:7a:21:b1:44:da:8f:01:
a4:4f:6f:03:9e:87:3e:bf:0b:97:db:0b:1b:af:09:
a9:14:46:1e:2c:25:3b:76:f7:9e:a4:bf:b8:64:35:
fb:c3:88:f5:10:f8:85:ab:bf:53:71:fe:09:9a:56:
02:a6:89:d3:4c:c8:02:99:c3:67:d3:26:c6:9d:69:
85:5d:70:df:de:32:95:e1:d9:17:44:a7:c1:97:f8:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:00:E5:62:7E:16:B8:2E:D9:D5:44:90:69:06:FB:F4:2F:8F:19:2C
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3wDlYn4WuC7Z1USQaQb79C-PGSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.153.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:80:4f:af:51:2b:2f:67:7e:0f:42:eb:d4:15:d4:e7:ef:24:
07:20:eb:62:89:48:38:e7:a5:14:e0:25:1c:b5:e1:e9:23:26:
9b:b7:2b:31:d9:0b:9f:6a:11:5c:38:b0:ff:0a:f1:7f:bd:62:
7c:63:71:66:ba:de:4e:d5:01:20:63:a0:3e:52:02:7c:bf:ef:
28:f1:93:ca:59:3c:ca:a5:e0:1c:ba:bf:37:48:a6:2d:3b:b6:
e7:58:e0:5d:90:01:e2:2a:60:6a:b1:be:07:1c:e8:21:a4:35:
01:f1:68:01:cf:33:cd:72:31:1e:29:e1:d2:e1:28:58:09:30:
a9:e0:dd:e3:0b:7c:b4:2b:39:f5:aa:07:ac:4b:db:7a:2c:a1:
a0:53:07:90:db:f6:46:f1:19:17:0b:f9:45:d3:b9:f8:b6:4e:
4b:11:b0:4c:2b:85:76:54:37:5e:58:7f:d9:1f:ba:39:c8:a1:
1e:dd:fe:0e:9c:dc:54:09:9b:fa:71:aa:e2:85:24:b6:db:f5:
d0:52:46:ab:69:08:8d:51:e1:c5:d9:43:c9:70:65:e6:74:7b:
44:f5:5c:f8:dd:08:90:66:dd:c3:e1:d7:92:90:a4:9b:ba:94:
17:cb:62:0d:a7:31:a9:26:b2:b6:c2:7b:7f:47:18:d1:19:e9:
1c:94:4f:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpvN8wt44bfrTqdTwphk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjMwMTAxMjMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAwZTU2MjdlMTZiODJlZDlkNTQ0OTA2OTA2ZmJmNDJmOGYxOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYcDFzn4+P+NIpsASGZdXlyFSHU+
UeF70s8gWVnkwFmy+WZc7wkZW3oMUkkMfjLT9Vst3+1rANQkqcTpuT8KYSwjXw55
Op7qkQFwLoziCUVI1KQAG07olgLVPhKB7Cw6nFBSJa2Xm17xyqooNaVYxU4MA9v+
cBsqj+0ogdFjC9kPeRHA3+z0rykEZE0GulWno12c9zfqAAT9Qpp6oVrHsYKOms4U
F/viZ/7p+XohsUTajwGkT28Dnoc+vwuX2wsbrwmpFEYeLCU7dveepL+4ZDX7w4j1
EPiFq79Tcf4JmlYCponTTMgCmcNn0ybGnWmFXXDf3jKV4dkXRKfBl/hsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8A5WJ+Frgu2dVEkGkG+/QvjxksMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvM3dEbFluNFd1QzdaMVVTUWFRYjc5Qy1QR1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsq+ZMA0G
CSqGSIb3DQEBCwUAA4IBAQB+gE+vUSsvZ34PQuvUFdTn7yQHIOtiiUg456UU4CUc
teHpIyabtysx2QufahFcOLD/CvF/vWJ8Y3Fmut5O1QEgY6A+UgJ8v+8o8ZPKWTzK
peAcur83SKYtO7bnWOBdkAHiKmBqsb4HHOghpDUB8WgBzzPNcjEeKeHS4ShYCTCp
4N3jC3y0Kzn1qgesS9t6LKGgUweQ2/ZG8RkXC/lF07n4tk5LEbBMK4V2VDdeWH/Z
H7o5yKEe3f4OnNxUCZv6carihSS22/XQUkaraQiNUeHF2UPJcGXmdHtE9Vz43QiQ
Zt3D4deSkKSbupQXy2INpzGpJrK2wnt/RxjRGekclE8t
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:09 2025 by rpki-client