Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/8kgcPjG4tb_SH3r5vZbYVJXkpnk.roa
File: 8kgcPjG4tb_SH3r5vZbYVJXkpnk.roa (raw, json)
Hash identifier: 26JsKmhFTM8kA+Zg+ZUyJaArPD2camhnnlG3CP2lBOQ=
Subject key identifier: F2:48:1C:3E:31:B8:B5:BF:D2:1F:7A:F9:BD:96:D8:54:95:E4:A6:79
Certificate issuer: /CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Certificate serial: 01BEFB
Authority key identifier: 5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/8kgcPjG4tb_SH3r5vZbYVJXkpnk.roa
Signing time: Wed 27 Apr 2022 13:23:10 +0000
ROA not before: Wed 27 Apr 2022 13:23:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24660
IP address blocks: 91.195.44.0/23 maxlen: 23
2001:67c:17a8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114427 (0x1befb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Validity
Not Before: Apr 27 13:23:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2481c3e31b8b5bfd21f7af9bd96d85495e4a679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:d8:fc:7e:b0:85:c4:67:ea:35:65:39:ba:
13:70:23:e7:19:14:c8:b1:59:f2:bc:4f:05:bb:e7:
91:ea:8c:da:81:d3:4f:68:f7:96:55:e1:ff:28:1f:
94:c9:61:08:79:c4:00:7d:31:92:86:9f:b0:6f:bf:
82:47:b9:06:25:8e:62:02:86:eb:70:6d:e6:7a:4b:
5e:83:a8:3e:f2:fd:91:d9:ea:95:87:57:5c:5a:d4:
65:e8:2a:cf:1d:d5:22:45:d0:2f:72:34:74:5b:7f:
d4:0c:37:f9:69:2b:ad:f9:7b:2e:4a:c5:0e:96:36:
da:a0:cf:21:0b:13:18:4b:c8:9d:f9:08:1e:c9:7a:
3b:b2:a0:18:d5:98:f5:e3:3e:3c:35:34:0b:15:c8:
6b:90:0b:8e:b0:75:ba:f4:49:36:28:3e:ba:a3:e4:
54:0f:d9:f3:0e:23:e9:bc:26:67:ba:b6:f5:46:c7:
f5:ae:20:98:b8:99:7f:8e:fa:40:9a:72:9a:7a:17:
4a:da:2d:a9:fb:fd:41:25:a6:d4:ba:96:b0:ce:28:
18:c3:55:d4:cd:26:7b:b3:ab:c7:ed:51:89:e7:c8:
aa:43:fd:1d:8a:42:66:a0:58:f8:b8:4d:55:fe:3d:
72:46:9b:f1:bd:20:39:67:19:6f:2f:b8:f0:f3:c2:
f7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:48:1C:3E:31:B8:B5:BF:D2:1F:7A:F9:BD:96:D8:54:95:E4:A6:79
X509v3 Authority Key Identifier:
keyid:5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/8kgcPjG4tb_SH3r5vZbYVJXkpnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/XLeTntcMiuoxvkk-eOiPSGH1MSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.44.0/23
IPv6:
2001:67c:17a8::/48
Signature Algorithm: sha256WithRSAEncryption
07:48:1b:18:18:30:c4:88:3f:ee:fb:fb:ad:da:8e:48:d2:bb:
15:1c:a5:7c:da:22:1f:e4:fb:52:c3:a3:10:8e:3d:e5:d9:2c:
a5:74:6b:c4:d3:e2:c8:c0:4a:80:e6:6e:fd:8c:39:f7:7d:c1:
ab:76:41:b0:c3:26:2d:ec:8f:30:00:f3:89:b9:44:e7:90:10:
88:a1:8d:4f:14:4a:e2:f4:06:78:93:7d:a0:46:da:31:11:cb:
23:7a:43:4c:12:f8:3f:45:47:29:05:c6:a0:ed:01:92:1a:68:
08:e3:f1:57:51:ce:65:34:c1:12:98:e0:e4:14:96:16:aa:bb:
a0:d5:b2:14:cf:55:75:08:42:da:1d:a3:97:56:1d:2b:b9:04:
07:17:89:3a:99:12:31:f7:ad:08:61:8f:91:73:e1:04:30:e3:
c3:e3:cb:f9:bd:0b:5a:53:d7:04:cf:22:08:36:d1:13:a9:ca:
e2:44:54:a5:e4:ab:cb:70:2a:14:f5:45:5f:30:54:ec:ac:b7:
26:ca:0a:57:90:cf:0b:af:a5:1e:b1:8b:a8:ec:29:90:00:a0:
a6:32:af:7b:40:08:f7:12:ff:ec:40:57:eb:3f:4c:d1:98:bd:
96:39:8c:54:2f:a2:14:18:79:b1:8f:70:ee:c8:8e:9e:68:e5:
dc:b3:f2:66
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDAb77MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVj
Yjc5MzllZDcwYzhhZWEzMWJlNDkzZTc4ZTg4ZjQ4NjFmNTMxMjEwHhcNMjIwNDI3
MTMyMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMjQ4MWMzZTMxYjhi
NWJmZDIxZjdhZjliZDk2ZDg1NDk1ZTRhNjc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArJjY/H6whcRn6jVlOboTcCPnGRTIsVnyvE8Fu+eR6ozagdNP
aPeWVeH/KB+UyWEIecQAfTGShp+wb7+CR7kGJY5iAobrcG3mekteg6g+8v2R2eqV
h1dcWtRl6CrPHdUiRdAvcjR0W3/UDDf5aSut+XsuSsUOljbaoM8hCxMYS8id+Qge
yXo7sqAY1Zj14z48NTQLFchrkAuOsHW69Ek2KD66o+RUD9nzDiPpvCZnurb1Rsf1
riCYuJl/jvpAmnKaehdK2i2p+/1BJabUupawzigYw1XUzSZ7s6vH7VGJ58iqQ/0d
ikJmoFj4uE1V/j1yRpvxvSA5ZxlvL7jw88L3NQIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFPJIHD4xuLW/0h96+b2W2FSV5KZ5MB8GA1UdIwQYMBaAFFy3k57XDIrqMb5J
Pnjoj0hh9TEhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WExlVG50Y01pdW94dmtrLWVPaVBTR0gxTVNFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNS9jNDM4NmYtZDFiZS00M2M4LTk5MmYtMmVkYWZjNjBmMmRmLzEv
OGtnY1BqRzR0Yl9TSDNyNXZaYllWSlhrcG5rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9j
NDM4NmYtZDFiZS00M2M4LTk5MmYtMmVkYWZjNjBmMmRmLzEvWExlVG50Y01pdW94
dmtrLWVPaVBTR0gxTVNFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8MsMA8EAgACMAkDBwAgAQZ8F6gw
DQYJKoZIhvcNAQELBQADggEBAAdIGxgYMMSIP+77+63ajkjSuxUcpXzaIh/k+1LD
oxCOPeXZLKV0a8TT4sjASoDmbv2MOfd9wat2QbDDJi3sjzAA84m5ROeQEIihjU8U
SuL0BniTfaBG2jERyyN6Q0wS+D9FRykFxqDtAZIaaAjj8VdRzmU0wRKY4OQUlhaq
u6DVshTPVXUIQtodo5dWHSu5BAcXiTqZEjH3rQhhj5Fz4QQw48Pjy/m9C1pT1wTP
Igg20ROpyuJEVKXkq8twKhT1RV8wVOystybKCleQzwuvpR6xi6jsKZAAoKYyr3tA
CPcS/+xAV+s/TNGYvZY5jFQvohQYebGPcO7Ijp5o5dyz8mY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:51 2025 by rpki-client