Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/o4Aspc7vxt7qrbzgJy9DynbEKCY.roa
File: o4Aspc7vxt7qrbzgJy9DynbEKCY.roa (raw, json)
Hash identifier: VhXp4R1J3cFUHyW1pr5+GFcVHe1/trJDN9xJAcg353c=
Subject key identifier: A3:80:2C:A5:CE:EF:C6:DE:EA:AD:BC:E0:27:2F:43:CA:76:C4:28:26
Certificate issuer: /CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Certificate serial: 0188AE6C47FE9B89EC02D17B2C006F4BE633
Authority key identifier: D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/o4Aspc7vxt7qrbzgJy9DynbEKCY.roa
Signing time: Mon 12 Jun 2023 07:05:11 +0000
ROA not before: Mon 12 Jun 2023 07:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 178.20.208.0/24 maxlen: 24
178.20.209.0/24 maxlen: 24
178.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:6c:47:fe:9b:89:ec:02:d1:7b:2c:00:6f:4b:e6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Validity
Not Before: Jun 12 07:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3802ca5ceefc6deeaadbce0272f43ca76c42826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:76:5f:14:f9:66:67:cc:f9:7f:3d:3f:a1:5c:
ab:3b:b6:aa:79:c4:8a:86:a4:45:8c:76:25:81:2d:
57:98:14:5c:17:c0:f3:69:f9:aa:56:71:0e:e6:53:
a5:b2:0a:fe:34:dd:a5:f9:d0:af:58:04:ae:d7:2d:
33:b8:6e:b3:ab:ea:a3:71:d2:f9:fc:e7:e8:0d:11:
4a:19:4f:33:01:e9:d9:9a:7a:fa:4f:dd:24:2a:54:
98:e2:b0:ec:e8:21:eb:b6:64:b4:ee:c0:0d:49:a2:
bd:26:b2:e2:93:fc:42:81:f3:32:c8:8a:5c:33:62:
e6:65:b5:f7:fb:93:5a:9b:40:4c:4b:b4:d8:24:75:
eb:94:92:27:7f:0e:cf:bf:57:b1:a3:c0:a3:f6:28:
67:1b:32:08:b8:fe:9c:89:a8:c8:c6:2b:6b:67:38:
73:f9:e0:e0:de:b8:50:3e:99:95:bd:fe:d4:57:b7:
b3:41:82:5a:0d:be:1f:fc:b7:f6:10:05:4f:b2:a4:
21:4d:1a:3e:4c:07:1d:1b:f2:04:bd:40:c0:2e:43:
d5:ca:17:72:c8:fb:09:62:8c:de:ef:90:bb:fc:90:
c8:65:8e:b2:8f:d3:99:3e:05:e0:7d:9a:6a:de:49:
47:51:0e:fc:a5:94:23:42:82:89:02:c6:d0:b3:1c:
1c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:80:2C:A5:CE:EF:C6:DE:EA:AD:BC:E0:27:2F:43:CA:76:C4:28:26
X509v3 Authority Key Identifier:
keyid:D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/o4Aspc7vxt7qrbzgJy9DynbEKCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/2TpU8C9J9FrV1z5VUdCWGBvOP24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.208.0/22
Signature Algorithm: sha256WithRSAEncryption
83:b1:50:fd:cb:42:43:de:f0:9e:bf:66:68:9c:38:fd:0f:c4:
5e:89:f2:5a:4b:27:57:94:a8:89:7c:ac:ff:60:82:02:7b:94:
7b:5b:be:17:53:a8:7f:8f:0f:67:0d:57:70:95:96:8b:33:54:
4c:67:7c:fc:45:b3:c3:ed:2b:1a:49:63:fe:91:e2:73:4b:08:
aa:77:1d:13:8a:fc:9c:00:45:2a:43:2f:b4:5b:31:7d:41:43:
24:90:9c:32:6f:b6:36:bd:9d:f4:ce:0f:b7:69:d5:9a:a3:fa:
df:24:d2:03:f3:5c:21:d3:0a:36:19:be:a9:d3:59:57:a5:4c:
03:2e:74:e1:fe:97:e4:6a:4f:64:02:50:98:35:f0:07:ec:18:
4a:5b:b2:38:48:70:f5:9d:98:6c:08:07:7a:8c:a9:de:60:57:
0c:52:8d:3c:4f:fb:7b:d4:a5:32:1c:52:a3:d0:cf:10:85:48:
4a:e9:3b:ba:64:87:74:14:03:8f:ae:86:cd:55:16:83:6c:e9:
cb:9c:1f:28:23:b3:e0:e9:d7:36:7b:16:ea:7f:48:4a:35:e5:
ff:3d:9e:4c:f0:40:3b:a6:c0:65:b6:f8:5b:b0:03:8d:c4:c1:
90:c8:11:55:73:6f:64:61:00:57:0a:3e:82:8c:6d:ce:26:78:
f3:07:9e:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiubEf+m4nsAtF7LABvS+YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2E1NGYwMmY0OWY0NWFkNWQ3M2U1NTUxZDA5NjE4MWJj
ZTNmNmUwHhcNMjMwNjEyMDcwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgwMmNhNWNlZWZjNmRlZWFhZGJjZTAyNzJmNDNjYTc2YzQyODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXZfFPlmZ8z5fz0/oVyrO7aqecSK
hqRFjHYlgS1XmBRcF8DzafmqVnEO5lOlsgr+NN2l+dCvWASu1y0zuG6zq+qjcdL5
/OfoDRFKGU8zAenZmnr6T90kKlSY4rDs6CHrtmS07sANSaK9JrLik/xCgfMyyIpc
M2LmZbX3+5Nam0BMS7TYJHXrlJInfw7Pv1exo8Cj9ihnGzIIuP6ciajIxitrZzhz
+eDg3rhQPpmVvf7UV7ezQYJaDb4f/Lf2EAVPsqQhTRo+TAcdG/IEvUDALkPVyhdy
yPsJYoze75C7/JDIZY6yj9OZPgXgfZpq3klHUQ78pZQjQoKJAsbQsxwc8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOALKXO78be6q284CcvQ8p2xCgmMB8GA1UdIwQY
MBaAFNk6VPAvSfRa1dc+VVHQlhgbzj9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMt
MDVkNThmMGNiODhjLzEvbzRBc3BjN3Z4dDdxcmJ6Z0p5OUR5bmJFS0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMtMDVkNThmMGNiODhj
LzEvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCshTQMA0G
CSqGSIb3DQEBCwUAA4IBAQCDsVD9y0JD3vCev2ZonDj9D8ReifJaSydXlKiJfKz/
YIICe5R7W74XU6h/jw9nDVdwlZaLM1RMZ3z8RbPD7SsaSWP+keJzSwiqdx0Tivyc
AEUqQy+0WzF9QUMkkJwyb7Y2vZ30zg+3adWao/rfJNID81wh0wo2Gb6p01lXpUwD
LnTh/pfkak9kAlCYNfAH7BhKW7I4SHD1nZhsCAd6jKneYFcMUo08T/t71KUyHFKj
0M8QhUhK6Tu6ZId0FAOProbNVRaDbOnLnB8oI7Pg6dc2exbqf0hKNeX/PZ5M8EA7
psBltvhbsAONxMGQyBFVc29kYQBXCj6CjG3OJnjzB57d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:35 2025 by rpki-client