Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/4fQPJ2fc2onLcz6fkDE2JW7ApcM.roa
File: 4fQPJ2fc2onLcz6fkDE2JW7ApcM.roa (raw, json)
Hash identifier: qyaxO77yLfk9dfLnll2hULdR3+KvrIJM9qqHgkoxz3c=
Subject key identifier: E1:F4:0F:27:67:DC:DA:89:CB:73:3E:9F:90:31:36:25:6E:C0:A5:C3
Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial: 018CA7B668253609F898F825BD18C4F90E8E
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/4fQPJ2fc2onLcz6fkDE2JW7ApcM.roa
Signing time: Tue 26 Dec 2023 19:59:58 +0000
ROA not before: Tue 26 Dec 2023 19:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 82.146.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:b6:68:25:36:09:f8:98:f8:25:bd:18:c4:f9:0e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Validity
Not Before: Dec 26 19:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f40f2767dcda89cb733e9f903136256ec0a5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c0:a2:6a:bd:e5:d9:f7:88:f3:36:15:88:eb:
da:59:fe:9e:7d:17:06:f5:7d:97:b2:c5:77:97:93:
65:4c:9d:c8:5e:c0:21:8a:9f:45:68:d2:63:95:49:
c2:59:ad:bf:b1:49:5c:d2:f8:f8:0e:c5:c7:5a:31:
ca:96:05:7c:d4:59:59:7b:7d:92:46:14:7f:76:11:
7b:62:c9:e3:69:b4:b1:22:b0:58:f4:fa:68:a0:9d:
d0:07:02:4f:3d:69:c8:56:a2:d5:a3:56:34:aa:38:
1c:0f:3c:7f:fa:81:f6:11:45:ee:c3:01:b1:33:59:
d4:0f:e6:01:13:fb:13:88:2c:d1:a5:53:33:be:ea:
b1:59:8b:7c:9e:50:ae:d4:b3:5b:8f:d2:e8:89:ff:
62:ff:b1:df:4f:ba:1f:69:b1:29:89:8b:60:bc:07:
05:12:c9:af:26:9f:e1:f9:d3:74:34:65:b3:68:85:
f6:4d:94:ef:96:25:88:c7:c6:6c:05:02:8e:83:35:
13:06:9c:d1:a3:5c:02:e5:04:ec:fb:ba:ff:6b:86:
bb:39:e1:ff:a1:33:ec:f7:66:ba:90:fb:21:c2:8c:
06:22:a9:77:0f:45:3d:b1:72:f5:91:ae:9b:55:b7:
4e:53:cb:95:7a:ef:82:74:51:45:f9:31:01:fd:4e:
04:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F4:0F:27:67:DC:DA:89:CB:73:3E:9F:90:31:36:25:6E:C0:A5:C3
X509v3 Authority Key Identifier:
keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/4fQPJ2fc2onLcz6fkDE2JW7ApcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:4d:3d:b0:63:5e:88:d5:31:3d:09:ef:68:f1:e1:ae:f7:3f:
15:f4:c3:be:b5:f7:b6:4e:31:68:ed:86:53:ec:6a:22:ea:89:
ae:02:f9:ce:c4:f4:40:82:e3:7e:c0:6d:00:ab:b1:24:4b:c3:
e2:d1:c2:e2:ae:d7:4e:4a:59:59:34:0a:e1:e2:4d:ba:05:6f:
c3:75:54:62:1d:0a:c7:b3:c3:9a:03:00:d7:cb:e1:6e:cc:1d:
20:45:b9:41:5f:2d:76:a7:15:f4:b4:61:41:57:3b:84:92:51:
50:2f:68:99:c0:21:be:16:a6:5e:cc:34:22:f3:07:1d:26:85:
ea:d3:2b:36:5d:8d:51:bd:92:14:77:f5:6f:16:f3:68:4a:ac:
42:72:2e:f0:8d:4e:37:e0:7f:18:2b:b0:5f:87:de:1f:d8:4d:
3c:4c:5d:a1:8c:6b:f0:de:a6:c1:6a:85:50:c9:21:ab:e6:95:
a1:cd:fb:69:50:40:33:ca:10:ee:3d:3e:33:c3:88:f5:30:86:
02:39:01:e5:ae:c6:c8:5c:04:a8:d1:94:5f:35:64:33:2b:e2:
08:1d:36:93:cc:8a:7a:f2:47:00:ce:f7:25:84:a8:38:09:bc:
17:99:3b:da:dd:ca:48:ea:7d:89:f8:02:b2:14:40:5e:d5:6e:
92:1b:12:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyntmglNgn4mPglvRjE+Q6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjMxMjI2MTk1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY0MGYyNzY3ZGNkYTg5Y2I3MzNlOWY5MDMxMzYyNTZlYzBhNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcCiar3l2feI8zYViOvaWf6efRcG
9X2XssV3l5NlTJ3IXsAhip9FaNJjlUnCWa2/sUlc0vj4DsXHWjHKlgV81FlZe32S
RhR/dhF7YsnjabSxIrBY9PpooJ3QBwJPPWnIVqLVo1Y0qjgcDzx/+oH2EUXuwwGx
M1nUD+YBE/sTiCzRpVMzvuqxWYt8nlCu1LNbj9Loif9i/7HfT7ofabEpiYtgvAcF
EsmvJp/h+dN0NGWzaIX2TZTvliWIx8ZsBQKOgzUTBpzRo1wC5QTs+7r/a4a7OeH/
oTPs92a6kPshwowGIql3D0U9sXL1ka6bVbdOU8uVeu+CdFFF+TEB/U4EQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOH0Dydn3NqJy3M+n5AxNiVuwKXDMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvNGZRUEoyZmMyb25MY3o2ZmtERTJKVzdBcGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpIQMA0G
CSqGSIb3DQEBCwUAA4IBAQALTT2wY16I1TE9Ce9o8eGu9z8V9MO+tfe2TjFo7YZT
7Goi6omuAvnOxPRAguN+wG0Aq7EkS8Pi0cLirtdOSllZNArh4k26BW/DdVRiHQrH
s8OaAwDXy+FuzB0gRblBXy12pxX0tGFBVzuEklFQL2iZwCG+FqZezDQi8wcdJoXq
0ys2XY1RvZIUd/VvFvNoSqxCci7wjU434H8YK7Bfh94f2E08TF2hjGvw3qbBaoVQ
ySGr5pWhzftpUEAzyhDuPT4zw4j1MIYCOQHlrsbIXASo0ZRfNWQzK+IIHTaTzIp6
8kcAzvclhKg4CbwXmTva3cpI6n2J+AKyFEBe1W6SGxI5
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:24:28 2025 by rpki-client