Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/f-Poj9swvaFgyaYqrIUvEZxM-PM.roa
File: f-Poj9swvaFgyaYqrIUvEZxM-PM.roa (raw, json)
Hash identifier: XziktmAwp/Y4vm4jeHu+F+eT3iT13IIVt7BSie6EXaA=
Subject key identifier: 7F:E3:E8:8F:DB:30:BD:A1:60:C9:A6:2A:AC:85:2F:11:9C:4C:F8:F3
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 018312D4DC99B024178D9A0F811CA0DC193B
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/f-Poj9swvaFgyaYqrIUvEZxM-PM.roa
Signing time: Tue 06 Sep 2022 12:44:43 +0000
ROA not before: Tue 06 Sep 2022 12:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29180
IP address blocks: 82.132.128.0/22 maxlen: 24
185.238.16.0/23 maxlen: 24
185.238.18.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:d4:dc:99:b0:24:17:8d:9a:0f:81:1c:a0:dc:19:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Sep 6 12:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fe3e88fdb30bda160c9a62aac852f119c4cf8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:67:ed:f9:e3:91:5c:3b:36:a6:ab:43:0b:a3:
c8:1a:7f:b4:ce:85:ab:07:75:2f:b1:80:dc:18:3c:
02:71:00:6c:a4:9d:31:55:92:59:da:27:7d:98:8d:
fe:e3:22:77:60:a0:28:d2:8c:9b:8a:5f:8b:40:92:
35:f2:27:1f:a1:25:78:e4:48:90:30:c1:a3:7c:df:
e4:9a:2e:b9:fe:07:a1:15:03:6a:a5:c5:a3:60:9a:
ba:3c:b2:21:d2:0b:d5:fe:bc:aa:f0:ea:e7:e2:89:
30:0e:a6:f7:2f:2b:48:f6:65:ef:bd:c6:6e:2f:34:
38:f7:bd:5a:5a:1a:36:17:75:c9:93:fe:09:cf:70:
8b:58:25:74:3f:04:74:7e:cd:66:5f:d9:93:65:ba:
23:73:3a:11:b4:c9:57:e9:78:e1:fe:80:dd:c5:7f:
40:96:1e:60:1d:2e:ac:6b:89:5d:8e:0b:16:dd:9f:
a0:41:b7:1f:e9:33:68:84:87:4d:72:78:36:0e:93:
76:10:85:73:de:56:5e:3f:24:fa:26:6e:74:f5:df:
63:a8:72:8e:19:c6:5a:34:e3:4b:ad:cb:9e:e8:21:
05:65:ee:42:04:54:59:f2:9e:2c:b2:60:28:12:42:
08:6c:49:88:eb:30:32:7e:47:24:d1:9f:58:12:1f:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E3:E8:8F:DB:30:BD:A1:60:C9:A6:2A:AC:85:2F:11:9C:4C:F8:F3
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/f-Poj9swvaFgyaYqrIUvEZxM-PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.128.0/22
185.238.16.0/22
Signature Algorithm: sha256WithRSAEncryption
06:94:05:83:a0:ac:4e:78:f1:7a:d4:59:55:8e:fb:f1:f9:8d:
f5:8e:2a:f5:d1:76:1c:34:ea:c0:80:e2:70:06:4f:d1:52:87:
bb:1c:3a:7c:31:d9:14:ad:4c:5e:d7:f1:97:0e:ae:c0:ff:d9:
60:94:0e:44:85:7d:d7:a8:46:67:66:c7:c5:c5:94:e0:19:06:
5b:51:04:60:84:9f:62:83:46:b1:f3:fe:f9:7c:cb:6f:42:f9:
57:ea:68:39:5e:b9:91:1a:eb:b1:91:d1:24:b7:3a:eb:7c:b8:
ed:51:2f:f7:ef:8c:b1:e0:01:59:41:68:97:ef:55:e8:e1:45:
c9:56:77:f3:15:9f:25:97:bc:a6:5c:7b:14:39:17:c8:07:31:
29:9d:9a:20:22:a4:99:4b:2d:55:3b:95:2e:46:0a:29:ff:05:
6a:e0:ff:e6:39:56:ea:3e:95:35:40:f5:c6:21:bd:db:ca:7b:
43:78:47:eb:94:bd:f5:00:d5:9b:b4:e6:7f:bf:1f:cb:f4:de:
1a:d2:90:64:8c:6d:44:7d:03:59:01:fb:29:98:aa:2d:a7:c2:
15:3c:40:80:d2:67:85:a8:95:3a:6a:30:76:c5:5e:f4:fc:46:
18:6e:e4:c6:3f:b7:b7:0e:9c:ca:e1:c2:b9:73:e9:33:cd:9b:
46:9d:a8:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMS1NyZsCQXjZoPgRyg3Bk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjIwOTA2MTI0NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmUzZTg4ZmRiMzBiZGExNjBjOWE2MmFhYzg1MmYxMTljNGNmOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWft+eORXDs2pqtDC6PIGn+0zoWr
B3UvsYDcGDwCcQBspJ0xVZJZ2id9mI3+4yJ3YKAo0oybil+LQJI18icfoSV45EiQ
MMGjfN/kmi65/gehFQNqpcWjYJq6PLIh0gvV/ryq8Orn4okwDqb3LytI9mXvvcZu
LzQ4971aWho2F3XJk/4Jz3CLWCV0PwR0fs1mX9mTZbojczoRtMlX6Xjh/oDdxX9A
lh5gHS6sa4ldjgsW3Z+gQbcf6TNohIdNcng2DpN2EIVz3lZePyT6Jm509d9jqHKO
GcZaNONLrcue6CEFZe5CBFRZ8p4ssmAoEkIIbEmI6zAyfkck0Z9YEh8j1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/j6I/bML2hYMmmKqyFLxGcTPjzMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvZi1Qb2o5c3d2YUZneWFZcXJJVXZFWnhNLVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUoSAAwQC
ue4QMA0GCSqGSIb3DQEBCwUAA4IBAQAGlAWDoKxOePF61FlVjvvx+Y31jir10XYc
NOrAgOJwBk/RUoe7HDp8MdkUrUxe1/GXDq7A/9lglA5EhX3XqEZnZsfFxZTgGQZb
UQRghJ9ig0ax8/75fMtvQvlX6mg5XrmRGuuxkdEktzrrfLjtUS/374yx4AFZQWiX
71Xo4UXJVnfzFZ8ll7ymXHsUORfIBzEpnZogIqSZSy1VO5UuRgop/wVq4P/mOVbq
PpU1QPXGIb3byntDeEfrlL31ANWbtOZ/vx/L9N4a0pBkjG1EfQNZAfspmKotp8IV
PECA0meFqJU6ajB2xV70/EYYbuTGP7e3DpzK4cK5c+kzzZtGnaj4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:14 2025 by rpki-client