Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/K8Ug1mXFW6id7LIciHs7wvyNLtg.roa
File: K8Ug1mXFW6id7LIciHs7wvyNLtg.roa (raw, json)
Hash identifier: SNTyXSJ6jq53e30wEPQeIYzHiteGo1pBGxQc5b48uuU=
Subject key identifier: 2B:C5:20:D6:65:C5:5B:A8:9D:EC:B2:1C:88:7B:3B:C2:FC:8D:2E:D8
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 01856E78C598D372AA0F6E149EED279B159C
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/K8Ug1mXFW6id7LIciHs7wvyNLtg.roa
Signing time: Sun 01 Jan 2023 17:54:46 +0000
ROA not before: Sun 01 Jan 2023 17:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56801
IP address blocks: 94.135.124.200/30 maxlen: 30
82.207.191.220/32 maxlen: 32
82.207.191.33/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:c5:98:d3:72:aa:0f:6e:14:9e:ed:27:9b:15:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Jan 1 17:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bc520d665c55ba89decb21c887b3bc2fc8d2ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:35:0a:80:8c:8c:02:08:5c:ce:9a:6b:f9:74:
4e:ea:32:4b:79:04:59:df:ce:13:b9:72:3e:14:26:
e6:59:94:d5:a0:d2:68:01:1c:72:29:15:fa:2a:98:
28:62:97:00:ff:66:c4:cb:fc:9d:70:d5:62:b3:da:
77:63:a3:fe:83:54:b2:f5:db:22:f6:d9:f7:39:c3:
26:c0:f7:48:64:9e:28:56:48:9b:6b:8d:fb:e5:da:
21:45:95:ce:0c:2e:70:6f:d9:a2:f5:c5:7c:72:44:
9a:84:77:ef:c6:a5:13:d5:88:39:32:c1:e2:b7:27:
e5:58:18:bf:69:94:6a:4f:35:0c:fc:a0:2f:b4:c7:
68:61:f0:da:43:6b:6f:6c:74:21:d5:f9:16:8e:96:
8b:cd:48:3c:f0:6a:e5:73:61:28:c0:f6:2b:c8:66:
e6:cb:6e:0b:df:db:22:33:6e:ac:9d:78:3b:c9:96:
82:c1:df:f3:4d:be:aa:b0:7e:56:df:1e:91:e1:76:
bc:e6:06:c3:fb:e4:69:1f:f0:87:6c:73:29:3b:2d:
e7:1a:47:99:d2:94:8d:42:4d:b5:ad:02:bf:94:40:
de:16:9d:6c:90:00:20:b5:dd:cb:a7:e8:0c:41:dd:
61:71:d3:b1:94:01:ab:e0:79:44:e2:a5:8f:9b:36:
ae:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C5:20:D6:65:C5:5B:A8:9D:EC:B2:1C:88:7B:3B:C2:FC:8D:2E:D8
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/K8Ug1mXFW6id7LIciHs7wvyNLtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.207.191.33/32
82.207.191.220/32
94.135.124.200/30
Signature Algorithm: sha256WithRSAEncryption
26:50:92:45:20:b2:56:89:63:94:f2:61:69:06:47:eb:94:29:
44:c3:45:80:35:90:64:a1:77:45:27:23:29:11:c5:c1:41:b1:
32:89:c1:4a:75:06:8c:c7:5a:7b:75:c9:3e:0a:07:54:e0:21:
a9:dc:61:20:4b:d8:77:cb:44:49:59:5b:47:b1:11:86:77:af:
88:87:87:ef:4a:3c:37:92:6f:cb:ba:a2:cd:a5:59:68:a4:de:
32:4f:8a:7f:00:dd:ed:7c:4c:af:4f:af:bd:23:7b:c0:3a:62:
06:84:e9:05:6a:1b:f8:7f:98:28:98:e9:ab:21:56:e5:9f:65:
45:ce:d0:c9:5a:db:c7:54:18:14:ec:33:20:99:5b:c9:01:ed:
22:96:68:08:d0:de:f7:c2:91:d3:59:de:57:ab:c4:5e:5d:c8:
c3:46:74:f6:4c:0e:d2:b2:7c:f9:e1:56:50:3e:55:4f:29:55:
04:73:af:a4:1b:bf:3a:72:ec:42:f7:d0:06:a1:66:1f:19:2b:
f5:b6:87:b8:6c:1a:ec:4c:dd:07:98:66:a5:72:62:b3:7c:ba:
b1:8b:f2:25:40:c4:79:ad:e1:e5:a1:a8:53:be:64:44:c4:f1:
0e:ba:07:0b:2e:d7:56:9a:51:ec:21:fd:6e:00:e4:d4:4c:f5:
86:18:19:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueMWY03KqD24Unu0nmxWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjMwMTAxMTc1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM1MjBkNjY1YzU1YmE4OWRlY2IyMWM4ODdiM2JjMmZjOGQyZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDUKgIyMAghczppr+XRO6jJLeQRZ
384TuXI+FCbmWZTVoNJoARxyKRX6KpgoYpcA/2bEy/ydcNVis9p3Y6P+g1Sy9dsi
9tn3OcMmwPdIZJ4oVkiba4375dohRZXODC5wb9mi9cV8ckSahHfvxqUT1Yg5MsHi
tyflWBi/aZRqTzUM/KAvtMdoYfDaQ2tvbHQh1fkWjpaLzUg88Grlc2EowPYryGbm
y24L39siM26snXg7yZaCwd/zTb6qsH5W3x6R4Xa85gbD++RpH/CHbHMpOy3nGkeZ
0pSNQk21rQK/lEDeFp1skAAgtd3Lp+gMQd1hcdOxlAGr4HlE4qWPmzauUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCvFINZlxVuoneyyHIh7O8L8jS7YMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvSzhVZzFtWEZXNmlkN0xJY2lIczd3dnlOTHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAATAVAwUAUs+/IQMF
AFLPv9wDBQJeh3zIMA0GCSqGSIb3DQEBCwUAA4IBAQAmUJJFILJWiWOU8mFpBkfr
lClEw0WANZBkoXdFJyMpEcXBQbEyicFKdQaMx1p7dck+CgdU4CGp3GEgS9h3y0RJ
WVtHsRGGd6+Ih4fvSjw3km/LuqLNpVlopN4yT4p/AN3tfEyvT6+9I3vAOmIGhOkF
ahv4f5gomOmrIVbln2VFztDJWtvHVBgU7DMgmVvJAe0ilmgI0N73wpHTWd5Xq8Re
XcjDRnT2TA7Ssnz54VZQPlVPKVUEc6+kG786cuxC99AGoWYfGSv1toe4bBrsTN0H
mGalcmKzfLqxi/IlQMR5reHloahTvmRExPEOugcLLtdWmlHsIf1uAOTUTPWGGBlY
-----END CERTIFICATE-----
Generated at Thu Feb 20 15:06:33 2025 by rpki-client