Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/7OkG3DTQXcijiVtIlXHMo8btvL8.roa
File: 7OkG3DTQXcijiVtIlXHMo8btvL8.roa (raw, json)
Hash identifier: jPxsfIVFuhFsMOImfbiavseBpBvTkd4rykfWp4CUtD0=
Subject key identifier: EC:E9:06:DC:34:D0:5D:C8:A3:89:5B:48:95:71:CC:A3:C6:ED:BC:BF
Certificate issuer: /CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Certificate serial: 018A9A7149F38E50A9611C00592EF1F863CD
Authority key identifier: A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/7OkG3DTQXcijiVtIlXHMo8btvL8.roa
Signing time: Fri 15 Sep 2023 20:03:50 +0000
ROA not before: Fri 15 Sep 2023 20:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39422
IP address blocks: 176.108.232.0/21 maxlen: 21
176.108.232.0/22 maxlen: 22
176.108.238.0/23 maxlen: 23
176.108.236.0/22 maxlen: 22
176.108.236.0/24 maxlen: 24
195.182.203.0/24 maxlen: 24
195.182.202.0/24 maxlen: 24
195.182.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:71:49:f3:8e:50:a9:61:1c:00:59:2e:f1:f8:63:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Validity
Not Before: Sep 15 20:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece906dc34d05dc8a3895b489571cca3c6edbcbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:94:0f:f7:54:d0:5f:e7:f8:11:68:f8:7b:44:
91:db:0d:78:35:be:fb:9a:5b:de:b8:48:7e:eb:8f:
6a:3b:79:6e:8d:e1:5d:a7:58:93:77:b6:26:7b:b6:
d9:54:f8:eb:c0:ca:e4:ca:3a:f9:64:b0:ee:ce:6b:
6d:ac:08:65:e4:ab:62:28:2a:9b:a7:14:ca:9e:53:
c2:7a:ce:d8:d9:a9:63:6e:5a:f8:bb:6f:3b:d3:91:
1a:66:6c:1e:83:af:b3:b7:16:03:c1:46:a6:c5:04:
19:44:e3:6a:65:8b:a9:9f:23:17:df:82:86:e1:ee:
b2:6f:97:fc:3e:7e:06:e0:9e:46:ac:5e:c4:0f:4e:
c2:5c:22:d2:5d:a6:f5:6a:28:ff:f7:d8:d0:44:41:
02:ab:84:40:f4:2e:b3:ff:13:9e:9e:00:3d:0a:46:
9d:e3:d7:76:0a:c0:91:e4:95:f7:5f:72:98:70:dc:
42:1a:2c:8f:76:29:59:2a:ff:8c:57:4f:67:c6:c4:
b2:3d:41:58:4a:f6:19:b8:4f:47:4e:17:4e:4f:63:
c5:26:c1:b4:95:d7:b0:52:c0:97:57:ff:f6:2c:42:
fd:12:be:b8:bc:04:5a:70:28:59:5a:4b:3c:32:3a:
40:ee:db:66:d8:9f:a7:f4:6b:35:ea:98:bb:08:5a:
5b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E9:06:DC:34:D0:5D:C8:A3:89:5B:48:95:71:CC:A3:C6:ED:BC:BF
X509v3 Authority Key Identifier:
keyid:A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/7OkG3DTQXcijiVtIlXHMo8btvL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.232.0/21
195.182.202.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:b0:6f:68:fb:42:fa:4d:7b:0d:b0:85:9a:14:77:bb:d0:d0:
60:92:5c:2b:a7:b5:5d:30:9f:4f:c1:37:14:71:79:59:fb:75:
ae:86:47:61:11:a2:4e:86:5f:ec:32:0e:1a:ed:49:d3:48:9e:
08:9f:a9:8e:3a:cc:38:79:8b:dd:0b:45:a5:a7:1e:20:01:ba:
40:62:b7:d5:f9:1b:3c:18:15:fc:6e:09:da:e6:28:57:a7:83:
ac:0b:f6:2e:9f:d9:17:f5:a3:6f:1b:4f:47:03:99:e7:78:67:
3f:3b:34:b8:a6:c9:41:9b:8d:87:48:a1:41:b6:06:e8:6d:3a:
fd:df:2a:ca:09:ef:f3:54:56:55:cb:dd:3a:4e:87:91:d6:e0:
39:b1:d8:08:57:dd:65:cc:6d:46:6a:72:a5:6f:cb:7a:b6:64:
3c:dc:46:a6:d3:35:32:82:64:de:d5:fb:6c:d0:2f:05:c3:45:
b5:09:87:cd:e1:bd:93:fc:2e:dd:ac:2d:60:62:19:88:31:58:
10:87:72:40:1c:3e:cc:43:2b:dd:95:54:83:b0:f4:af:90:5e:
a1:d5:42:23:54:ee:85:d8:4d:4f:dc:c5:b8:fa:e6:1f:3b:93:
4a:cd:fb:df:e5:45:f4:74:3f:4e:78:8b:c0:be:9e:e9:db:96:
f4:89:01:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqacUnzjlCpYRwAWS7x+GPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OTY3ZDc2YzJkNDY3MjBkNGNmYWMwNDU5ZmEzYzNkMjIw
MDUwNDQwHhcNMjMwOTE1MjAwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U5MDZkYzM0ZDA1ZGM4YTM4OTViNDg5NTcxY2NhM2M2ZWRiY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpQP91TQX+f4EWj4e0SR2w14Nb77
mlveuEh+649qO3lujeFdp1iTd7Yme7bZVPjrwMrkyjr5ZLDuzmttrAhl5KtiKCqb
pxTKnlPCes7Y2aljblr4u28705EaZmweg6+ztxYDwUamxQQZRONqZYupnyMX34KG
4e6yb5f8Pn4G4J5GrF7ED07CXCLSXab1aij/99jQREECq4RA9C6z/xOengA9Ckad
49d2CsCR5JX3X3KYcNxCGiyPdilZKv+MV09nxsSyPUFYSvYZuE9HThdOT2PFJsG0
ldewUsCXV//2LEL9Er64vARacChZWks8MjpA7ttm2J+n9Gs16pi7CFpbjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOzpBtw00F3Io4lbSJVxzKPG7by/MB8GA1UdIwQY
MBaAFKeWfXbC1Gcg1M+sBFn6PD0iAFBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0Zjkt
MWNmNTBhNTM2MDI2LzEvN09rRzNEVFFYY2lqaVZ0SWxYSE1vOGJ0dkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0ZjktMWNmNTBhNTM2MDI2
LzEvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGzoAwQB
w7bKMA0GCSqGSIb3DQEBCwUAA4IBAQBqsG9o+0L6TXsNsIWaFHe70NBgklwrp7Vd
MJ9PwTcUcXlZ+3WuhkdhEaJOhl/sMg4a7UnTSJ4In6mOOsw4eYvdC0Wlpx4gAbpA
YrfV+Rs8GBX8bgna5ihXp4OsC/Yun9kX9aNvG09HA5nneGc/OzS4pslBm42HSKFB
tgbobTr93yrKCe/zVFZVy906ToeR1uA5sdgIV91lzG1GanKlb8t6tmQ83Eam0zUy
gmTe1fts0C8Fw0W1CYfN4b2T/C7drC1gYhmIMVgQh3JAHD7MQyvdlVSDsPSvkF6h
1UIjVO6F2E1P3MW4+uYfO5NKzfvf5UX0dD9OeIvAvp7p25b0iQE4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:51 2025 by rpki-client