Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/R8YmW8MQ2QAsBcziMGJaIdeNVu4.roa
File: R8YmW8MQ2QAsBcziMGJaIdeNVu4.roa (raw, json)
Hash identifier: bJkWCyC6MQlkr2BEUoPzMRelONHI78rtojAWyGkT0Xw=
Subject key identifier: 47:C6:26:5B:C3:10:D9:00:2C:05:CC:E2:30:62:5A:21:D7:8D:56:EE
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01856FA6F407C4FE7A720707EF7E5C06F537
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/R8YmW8MQ2QAsBcziMGJaIdeNVu4.roa
Signing time: Sun 01 Jan 2023 23:24:50 +0000
ROA not before: Sun 01 Jan 2023 23:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211279
IP address blocks: 178.175.162.0/23 maxlen: 24
178.175.160.0/23 maxlen: 24
178.175.175.0/24 maxlen: 24
178.175.174.0/23 maxlen: 23
178.175.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f4:07:c4:fe:7a:72:07:07:ef:7e:5c:06:f5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 23:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47c6265bc310d9002c05cce230625a21d78d56ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6f:2d:ee:96:67:44:9f:e1:9c:d1:de:96:8b:
04:80:5f:10:e6:2c:fd:7e:75:c6:19:01:e8:44:f3:
4f:5d:79:8b:6f:05:58:f1:fd:4c:60:86:99:a5:17:
58:b4:11:93:62:6e:79:43:03:7e:79:14:11:52:14:
c3:31:3e:9e:e2:c8:aa:d7:b0:06:a0:80:c2:3a:a2:
c9:b4:10:f0:3b:1b:90:15:db:35:13:07:cc:fb:62:
c8:3f:85:c5:7a:17:32:b2:87:00:1e:b2:ca:00:c9:
4a:24:58:10:c4:d8:c1:f4:66:23:dc:25:a9:4d:50:
9d:15:44:7f:ae:b1:f1:d0:58:c7:74:6c:ed:f4:bd:
0a:b6:41:39:2c:30:b2:bf:4e:bf:73:d0:1a:69:89:
2a:c1:5e:f5:36:ea:89:d2:7c:ef:1a:ae:08:d8:ad:
a5:9a:1e:3e:eb:cb:1b:68:1a:ab:9c:66:2f:b6:ba:
57:d1:91:63:49:70:e7:f9:58:fc:e8:5c:d7:34:7e:
a9:b7:17:15:0f:e2:77:2e:60:29:92:6b:07:ad:68:
9a:fc:8b:da:7e:db:05:b5:02:13:52:45:3a:b0:96:
17:77:4c:cc:43:c3:d0:5f:2c:6f:2a:06:77:8d:d8:
44:c3:04:74:7d:fb:f0:b2:bb:94:c0:4c:70:d1:48:
07:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C6:26:5B:C3:10:D9:00:2C:05:CC:E2:30:62:5A:21:D7:8D:56:EE
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/R8YmW8MQ2QAsBcziMGJaIdeNVu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.160.0/22
178.175.174.0/23
Signature Algorithm: sha256WithRSAEncryption
04:b4:52:ba:4f:43:9e:74:71:c7:f1:51:62:b2:d7:b5:e1:85:
da:79:fe:0b:23:e9:08:cc:22:34:0a:8a:ce:5a:aa:97:36:08:
f5:cd:7a:8b:86:c8:aa:0a:0a:9d:9a:1e:f5:09:a5:30:79:52:
0e:be:24:de:53:ac:29:28:e1:a1:07:2d:fb:b8:ee:8f:c7:ee:
ab:27:55:5f:60:9d:b9:6d:e8:fb:8d:b7:c9:00:b5:c8:f0:79:
01:54:77:ef:72:52:b9:9d:95:5d:5b:29:7b:cb:6b:83:3b:ba:
e2:d9:08:47:e6:a3:46:ef:d6:3c:4c:57:a8:5f:6a:d8:d9:7c:
f2:51:0e:6f:ea:df:55:44:14:04:5d:53:90:53:51:e0:b7:b2:
3d:ec:2a:ea:0e:88:55:67:b4:7b:30:a4:11:d4:56:09:b8:09:
4c:5a:43:f4:b3:82:82:51:6f:c8:ff:a3:17:92:3d:c2:18:1e:
9e:b5:d2:cc:5d:0e:bf:c2:1d:b0:25:92:75:f3:d2:4f:81:2c:
af:09:a5:2d:01:8d:2c:9d:10:b8:ec:54:80:47:44:f9:da:f5:
39:1e:e9:48:41:89:14:b5:0f:d8:eb:9e:ee:d1:fa:5d:04:11:
3f:e2:a8:dc:29:99:a4:f2:24:db:bb:1d:e8:73:ae:fb:ec:27:
cd:7b:c9:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvpvQHxP56cgcH735cBvU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjMwMTAxMjMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M2MjY1YmMzMTBkOTAwMmMwNWNjZTIzMDYyNWEyMWQ3OGQ1NmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk28t7pZnRJ/hnNHelosEgF8Q5iz9
fnXGGQHoRPNPXXmLbwVY8f1MYIaZpRdYtBGTYm55QwN+eRQRUhTDMT6e4siq17AG
oIDCOqLJtBDwOxuQFds1EwfM+2LIP4XFehcysocAHrLKAMlKJFgQxNjB9GYj3CWp
TVCdFUR/rrHx0FjHdGzt9L0KtkE5LDCyv06/c9AaaYkqwV71NuqJ0nzvGq4I2K2l
mh4+68sbaBqrnGYvtrpX0ZFjSXDn+Vj86FzXNH6ptxcVD+J3LmApkmsHrWia/Iva
ftsFtQITUkU6sJYXd0zMQ8PQXyxvKgZ3jdhEwwR0ffvwsruUwExw0UgHKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEfGJlvDENkALAXM4jBiWiHXjVbuMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvUjhZbVc4TVEyUUFzQmN6aU1HSmFJZGVOVnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsq+gAwQB
sq+uMA0GCSqGSIb3DQEBCwUAA4IBAQAEtFK6T0OedHHH8VFiste14YXaef4LI+kI
zCI0CorOWqqXNgj1zXqLhsiqCgqdmh71CaUweVIOviTeU6wpKOGhBy37uO6Px+6r
J1VfYJ25bej7jbfJALXI8HkBVHfvclK5nZVdWyl7y2uDO7ri2QhH5qNG79Y8TFeo
X2rY2XzyUQ5v6t9VRBQEXVOQU1Hgt7I97CrqDohVZ7R7MKQR1FYJuAlMWkP0s4KC
UW/I/6MXkj3CGB6etdLMXQ6/wh2wJZJ189JPgSyvCaUtAY0snRC47FSAR0T52vU5
HulIQYkUtQ/Y657u0fpdBBE/4qjcKZmk8iTbux3oc6777CfNe8kc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:57 2025 by rpki-client