Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7bab97-48a3-4ae7-a151-151bf34f468b/1/0h8q0RmLdXckr9F0a1fY9jbB1u0.roa
File: 0h8q0RmLdXckr9F0a1fY9jbB1u0.roa (raw, json)
Hash identifier: gwbMJQIvYm+bDp27bHAC5KmLgByKr+8K1xOVLdnLrA4=
Subject key identifier: D2:1F:2A:D1:19:8B:75:77:24:AF:D1:74:6B:57:D8:F6:36:C1:D6:ED
Certificate issuer: /CN=77dfcf0982486869b71dbdb7cc613c4b381367c4
Certificate serial: 0103B7
Authority key identifier: 77:DF:CF:09:82:48:68:69:B7:1D:BD:B7:CC:61:3C:4B:38:13:67:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9_PCYJIaGm3Hb23zGE8SzgTZ8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7bab97-48a3-4ae7-a151-151bf34f468b/1/0h8q0RmLdXckr9F0a1fY9jbB1u0.roa
Signing time: Sun 06 Mar 2022 23:09:47 +0000
ROA not before: Sun 06 Mar 2022 23:09:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211111
IP address blocks: 185.159.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66487 (0x103b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77dfcf0982486869b71dbdb7cc613c4b381367c4
Validity
Not Before: Mar 6 23:09:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d21f2ad1198b757724afd1746b57d8f636c1d6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f0:e9:66:cc:3c:be:52:fa:93:84:9e:6c:98:
01:62:fd:e0:ae:f8:f0:ba:55:b7:8c:39:5d:b6:29:
e3:c2:d8:d5:45:24:98:b4:e9:f2:7a:1a:45:2d:da:
b2:87:0c:08:91:e5:7e:7a:7d:c1:f6:eb:7d:d4:fa:
99:c0:f8:7b:d3:75:9a:1d:6b:94:2f:21:69:76:3e:
04:24:1f:d5:7b:73:9b:64:bb:88:0c:96:0a:24:20:
53:58:d6:1a:ac:5f:98:2e:44:5a:21:75:30:4b:1d:
2d:49:61:aa:9a:d6:24:9e:81:a9:1a:e0:17:00:9e:
82:6a:ba:c0:fe:07:9d:71:c3:7d:8a:1d:08:48:dc:
fd:95:3e:aa:b2:d6:79:57:e3:2a:a7:90:09:d2:0c:
54:63:92:54:da:6d:81:e1:b2:66:c5:2d:0b:1a:20:
c8:13:0d:31:70:16:61:ac:70:6a:86:15:63:62:92:
84:b7:63:c9:1e:29:79:f3:b6:a7:2a:de:47:f7:fb:
bd:cf:d9:70:68:c1:1f:64:d6:eb:54:60:7f:a8:b5:
0a:9c:15:58:ff:6b:0e:14:37:9d:75:77:6f:40:0f:
d6:8b:73:c5:78:40:a9:91:14:54:89:21:41:dd:fa:
19:17:d5:42:d8:0d:c7:dd:01:a6:12:48:a5:8c:43:
33:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1F:2A:D1:19:8B:75:77:24:AF:D1:74:6B:57:D8:F6:36:C1:D6:ED
X509v3 Authority Key Identifier:
keyid:77:DF:CF:09:82:48:68:69:B7:1D:BD:B7:CC:61:3C:4B:38:13:67:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9_PCYJIaGm3Hb23zGE8SzgTZ8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7bab97-48a3-4ae7-a151-151bf34f468b/1/0h8q0RmLdXckr9F0a1fY9jbB1u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7bab97-48a3-4ae7-a151-151bf34f468b/1/d9_PCYJIaGm3Hb23zGE8SzgTZ8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.87.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:d6:7f:bf:a7:54:69:d3:7b:5d:e5:a5:c3:71:10:0d:0d:13:
ea:09:2b:db:5e:1b:a6:ff:3a:e7:fe:3e:5a:fc:ca:5a:ca:13:
4d:8d:aa:a4:c2:9c:62:6d:9c:bc:07:12:06:e1:75:8c:bb:10:
6e:19:05:5c:d9:c2:a4:fe:ab:ae:43:7e:61:d2:bf:c0:7f:9d:
63:22:8f:f1:36:02:63:f6:36:54:35:bc:35:7d:86:3d:fa:8c:
7a:d7:cf:d2:7e:8d:6a:a3:b0:8e:36:f5:aa:4a:f6:ca:9f:69:
79:44:75:b1:ae:8c:ba:af:10:c7:e7:43:bb:2b:b2:f4:4f:6b:
98:5c:fd:78:0c:4c:ee:3d:b2:bc:c7:70:38:d1:2e:93:7c:25:
55:c3:70:bc:4b:90:ec:9e:59:33:2d:ed:92:2a:66:eb:8a:dc:
b5:d4:c3:a5:1b:b1:eb:bf:49:cc:ca:e1:db:81:f8:56:ef:22:
8a:36:71:cc:44:b5:89:03:07:d0:18:59:9d:ef:0e:8f:3a:f5:
c1:80:5c:13:dd:d6:f7:a4:55:f4:40:c8:1d:a8:db:02:37:de:
9d:cc:e8:0b:b0:7c:5f:cf:10:4f:48:a9:f5:b5:76:ca:8a:69:
07:ce:4f:e4:b9:18:d5:fc:a0:e0:af:dc:3e:0d:3e:02:76:db:
62:17:33:1a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAQO3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZGZjZjA5ODI0ODY4NjliNzFkYmRiN2NjNjEzYzRiMzgxMzY3YzQwHhcNMjIwMzA2
MjMwOTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMjFmMmFkMTE5OGI3
NTc3MjRhZmQxNzQ2YjU3ZDhmNjM2YzFkNmVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA9fDpZsw8vlL6k4SebJgBYv3grvjwulW3jDldtinjwtjVRSSY
tOnyehpFLdqyhwwIkeV+en3B9ut91PqZwPh703WaHWuULyFpdj4EJB/Ve3ObZLuI
DJYKJCBTWNYarF+YLkRaIXUwSx0tSWGqmtYknoGpGuAXAJ6CarrA/gedccN9ih0I
SNz9lT6qstZ5V+Mqp5AJ0gxUY5JU2m2B4bJmxS0LGiDIEw0xcBZhrHBqhhVjYpKE
t2PJHil587anKt5H9/u9z9lwaMEfZNbrVGB/qLUKnBVY/2sOFDeddXdvQA/Wi3PF
eECpkRRUiSFB3foZF9VC2A3H3QGmEkiljEMzBwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNIfKtEZi3V3JK/RdGtX2PY2wdbtMB8GA1UdIwQYMBaAFHffzwmCSGhptx29
t8xhPEs4E2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZDlfUENZSklhR20zSGIyM3pHRThTemdUWjhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS83YmFiOTctNDhhMy00YWU3LWExNTEtMTUxYmYzNGY0NjhiLzEv
MGg4cTBSbUxkWGNrcjlGMGExZlk5amJCMXUwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83
YmFiOTctNDhhMy00YWU3LWExNTEtMTUxYmYzNGY0NjhiLzEvZDlfUENZSklhR20z
SGIyM3pHRThTemdUWjhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9XMA0GCSqGSIb3DQEBCwUAA4IB
AQCO1n+/p1Rp03td5aXDcRANDRPqCSvbXhum/zrn/j5a/MpayhNNjaqkwpxibZy8
BxIG4XWMuxBuGQVc2cKk/quuQ35h0r/Af51jIo/xNgJj9jZUNbw1fYY9+ox618/S
fo1qo7CONvWqSvbKn2l5RHWxroy6rxDH50O7K7L0T2uYXP14DEzuPbK8x3A40S6T
fCVVw3C8S5DsnlkzLe2SKmbrity11MOlG7Hrv0nMyuHbgfhW7yKKNnHMRLWJAwfQ
GFmd7w6POvXBgFwT3db3pFX0QMgdqNsCN96dzOgLsHxfzxBPSKn1tXbKimkHzk/k
uRjV/KDgr9w+DT4CdttiFzMa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:42 2025 by rpki-client