Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/791a4e-1be9-4976-bd95-6561c849057f/1/US9K8ozrB0MfBEQS131s_dCysY4.roa
File: US9K8ozrB0MfBEQS131s_dCysY4.roa (raw, json)
Hash identifier: L0Cc2Yxvfulc8XwhrW+E0Y5ioIcnSITwMaIeXQ5Ios4=
Subject key identifier: 51:2F:4A:F2:8C:EB:07:43:1F:04:44:12:D7:7D:6C:FD:D0:B2:B1:8E
Certificate issuer: /CN=779d815db3226b7a848961262ad74ffc15557fa1
Certificate serial: 01856C4A4BFBA019557C20DAA82FB1DCB7C2
Authority key identifier: 77:9D:81:5D:B3:22:6B:7A:84:89:61:26:2A:D7:4F:FC:15:55:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d52BXbMia3qEiWEmKtdP_BVVf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/791a4e-1be9-4976-bd95-6561c849057f/1/US9K8ozrB0MfBEQS131s_dCysY4.roa
Signing time: Sun 01 Jan 2023 07:44:46 +0000
ROA not before: Sun 01 Jan 2023 07:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51210
IP address blocks: 178.217.240.0/21 maxlen: 21
2001:67c:48::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:4b:fb:a0:19:55:7c:20:da:a8:2f:b1:dc:b7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=779d815db3226b7a848961262ad74ffc15557fa1
Validity
Not Before: Jan 1 07:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512f4af28ceb07431f044412d77d6cfdd0b2b18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:66:c1:02:aa:3d:94:de:81:78:56:a3:44:
39:3a:d0:fa:88:bd:32:c1:4d:f2:12:af:2c:b8:0f:
e4:8b:ac:52:3a:ce:9d:b3:7a:fd:b3:51:b1:5b:30:
f0:db:82:0e:0a:df:fb:db:76:c0:f8:e6:3a:1f:8b:
c9:e1:4f:26:e8:10:49:17:0b:c3:b3:5c:68:53:8d:
c2:fb:46:f1:06:50:12:e3:d8:2d:42:18:4a:cb:bb:
aa:87:cf:c8:05:6a:9d:b8:31:65:73:a3:ea:9c:aa:
8e:76:69:83:ba:a4:91:4d:a4:2e:9e:86:3a:4b:4f:
6d:96:b9:16:51:5c:d1:f9:cf:fb:47:cf:5f:c6:06:
eb:4d:5f:c3:20:22:cd:6d:33:df:9c:d4:0c:4f:0f:
bc:7b:08:83:6c:90:6a:15:74:ee:e0:ba:17:96:73:
a1:69:04:a4:96:ce:75:42:ec:0d:81:05:a1:b1:c3:
19:86:40:bc:dc:3c:6f:06:ff:f0:8f:5e:0f:ec:50:
04:c6:8d:d0:01:d9:b0:4a:8f:54:f1:a1:a1:cf:af:
fe:91:c9:6e:b4:11:ae:45:e5:9c:dd:f1:1b:fc:ba:
75:26:ee:0b:2e:62:40:91:0e:47:84:c5:c1:5a:c3:
15:34:b9:fe:d6:41:c4:97:85:47:0c:84:4f:62:ab:
af:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2F:4A:F2:8C:EB:07:43:1F:04:44:12:D7:7D:6C:FD:D0:B2:B1:8E
X509v3 Authority Key Identifier:
keyid:77:9D:81:5D:B3:22:6B:7A:84:89:61:26:2A:D7:4F:FC:15:55:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d52BXbMia3qEiWEmKtdP_BVVf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/791a4e-1be9-4976-bd95-6561c849057f/1/US9K8ozrB0MfBEQS131s_dCysY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/791a4e-1be9-4976-bd95-6561c849057f/1/d52BXbMia3qEiWEmKtdP_BVVf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.240.0/21
IPv6:
2001:67c:48::/48
Signature Algorithm: sha256WithRSAEncryption
23:78:47:6c:a8:6c:25:b5:bd:0e:eb:82:6a:2f:8a:ec:06:ad:
3f:b5:46:bf:6b:95:68:27:02:6a:12:21:6e:59:10:59:8b:d3:
64:fb:a8:04:e6:28:b8:1f:87:f7:55:52:a4:5b:ce:a9:8b:85:
f8:cf:84:4a:28:76:c2:01:72:7e:9b:62:f0:88:2b:f9:64:e7:
a2:f9:60:22:5d:60:ec:63:1d:e4:48:51:dd:b7:8f:90:51:64:
f5:13:d5:66:d0:5c:2e:5f:27:1d:1e:1a:c9:83:75:8f:86:24:
31:e8:52:2f:94:bc:8c:b1:f2:90:8a:11:01:09:92:68:78:a4:
7b:e2:f1:88:08:2c:c1:c5:b3:86:a7:04:de:0e:77:83:68:d1:
47:4f:b9:06:55:88:3b:df:dc:be:2d:d6:12:bc:60:02:fe:7b:
4c:c7:9b:65:7d:bc:5b:4d:c1:69:3f:78:dc:e8:44:c5:07:16:
2d:41:eb:63:7b:51:8f:51:28:91:1a:6a:4a:ca:02:f7:c0:fb:
57:2e:af:8c:1e:70:87:97:3c:fb:30:01:e7:90:f2:b5:31:3c:
4f:b1:88:ac:83:d0:9e:f7:27:b6:97:d0:cc:62:29:13:da:14:
cc:32:51:ba:db:1a:87:9a:ee:e5:92:21:a3:c9:ff:50:95:bf:
13:c3:bb:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsSkv7oBlVfCDaqC+x3LfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OWQ4MTVkYjMyMjZiN2E4NDg5NjEyNjJhZDc0ZmZjMTU1
NTdmYTEwHhcNMjMwMTAxMDc0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJmNGFmMjhjZWIwNzQzMWYwNDQ0MTJkNzdkNmNmZGQwYjJiMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp91mwQKqPZTegXhWo0Q5OtD6iL0y
wU3yEq8suA/ki6xSOs6ds3r9s1GxWzDw24IOCt/723bA+OY6H4vJ4U8m6BBJFwvD
s1xoU43C+0bxBlAS49gtQhhKy7uqh8/IBWqduDFlc6PqnKqOdmmDuqSRTaQunoY6
S09tlrkWUVzR+c/7R89fxgbrTV/DICLNbTPfnNQMTw+8ewiDbJBqFXTu4LoXlnOh
aQSkls51QuwNgQWhscMZhkC83DxvBv/wj14P7FAExo3QAdmwSo9U8aGhz6/+kclu
tBGuReWc3fEb/Lp1Ju4LLmJAkQ5HhMXBWsMVNLn+1kHEl4VHDIRPYquvLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEvSvKM6wdDHwREEtd9bP3QsrGOMB8GA1UdIwQY
MBaAFHedgV2zImt6hIlhJirXT/wVVX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDUyQlhiTWlhM3FFaVdFbUt0ZFBfQlZWZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83OTFhNGUtMWJlOS00OTc2LWJkOTUt
NjU2MWM4NDkwNTdmLzEvVVM5SzhvenJCME1mQkVRUzEzMXNfZEN5c1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83OTFhNGUtMWJlOS00OTc2LWJkOTUtNjU2MWM4NDkwNTdm
LzEvZDUyQlhiTWlhM3FFaVdFbUt0ZFBfQlZWZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDstnwMA8E
AgACMAkDBwAgAQZ8AEgwDQYJKoZIhvcNAQELBQADggEBACN4R2yobCW1vQ7rgmov
iuwGrT+1Rr9rlWgnAmoSIW5ZEFmL02T7qATmKLgfh/dVUqRbzqmLhfjPhEoodsIB
cn6bYvCIK/lk56L5YCJdYOxjHeRIUd23j5BRZPUT1WbQXC5fJx0eGsmDdY+GJDHo
Ui+UvIyx8pCKEQEJkmh4pHvi8YgILMHFs4anBN4Od4No0UdPuQZViDvf3L4t1hK8
YAL+e0zHm2V9vFtNwWk/eNzoRMUHFi1B62N7UY9RKJEaakrKAvfA+1cur4wecIeX
PPswAeeQ8rUxPE+xiKyD0J73J7aX0MxiKRPaFMwyUbrbGoea7uWSIaPJ/1CVvxPD
u0k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:27 2025 by rpki-client