Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/810ceb-dc1f-43bd-a6a6-77d0b23ef36e/1/8rlOcXRIybkmeL2NNb0H0W6ycNU.roa
File: 8rlOcXRIybkmeL2NNb0H0W6ycNU.roa (raw, json)
Hash identifier: 41/Vub1oNIy2SUSmIiNZMZRoYdongLp4DlsKxxte2KI=
Subject key identifier: F2:B9:4E:71:74:48:C9:B9:26:78:BD:8D:35:BD:07:D1:6E:B2:70:D5
Certificate issuer: /CN=0ecc8ca4bed1955b5155bc090c560efba3f5a9ad
Certificate serial: 01880AB7FA4E34A66AEA3F3F42FA2108FC5B
Authority key identifier: 0E:CC:8C:A4:BE:D1:95:5B:51:55:BC:09:0C:56:0E:FB:A3:F5:A9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DsyMpL7RlVtRVbwJDFYO-6P1qa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/810ceb-dc1f-43bd-a6a6-77d0b23ef36e/1/8rlOcXRIybkmeL2NNb0H0W6ycNU.roa
Signing time: Thu 11 May 2023 12:10:09 +0000
ROA not before: Thu 11 May 2023 12:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60543
IP address blocks: 91.238.150.0/23 maxlen: 24
195.78.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:b7:fa:4e:34:a6:6a:ea:3f:3f:42:fa:21:08:fc:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecc8ca4bed1955b5155bc090c560efba3f5a9ad
Validity
Not Before: May 11 12:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b94e717448c9b92678bd8d35bd07d16eb270d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d2:6f:7b:71:a2:f0:ab:2a:fb:d8:48:d8:16:
f9:fc:88:44:b5:4b:9c:05:85:8b:17:ed:45:76:36:
1b:af:fd:cf:da:24:a7:79:cd:eb:cc:f4:26:30:d1:
63:ed:f8:87:01:66:34:b9:94:6f:82:27:f4:95:de:
67:9f:0a:8f:49:3b:3b:42:27:82:31:eb:0f:3d:84:
12:34:1d:33:ba:c7:0c:bb:6f:00:f0:62:79:8f:25:
fb:c5:f0:fe:f8:2f:4c:79:09:a3:94:c1:bb:23:93:
ff:43:3f:f5:72:ae:e4:99:4d:25:fa:3a:aa:c1:82:
7d:b7:c5:a6:e6:31:34:26:31:8c:e1:83:fe:5d:d1:
47:d4:d2:31:ed:5a:0e:7f:63:aa:43:20:6f:c3:c8:
d7:25:05:40:9d:c7:24:7a:6f:db:dd:f9:ec:2e:aa:
5c:98:36:5f:dd:dc:55:ca:39:d5:84:4b:3d:ba:7e:
19:8b:63:8e:8c:3c:83:c9:b9:f8:35:41:ef:d2:a5:
3a:b8:1a:bc:ba:af:ac:1d:5c:67:17:b0:60:03:27:
09:fa:29:3a:b0:09:d1:f5:a3:b6:79:11:cf:c2:52:
6e:8f:19:dd:d7:d0:b4:2e:67:23:74:a3:cd:de:df:
1e:41:22:f5:06:cf:58:92:83:11:dc:3e:3d:1e:12:
47:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B9:4E:71:74:48:C9:B9:26:78:BD:8D:35:BD:07:D1:6E:B2:70:D5
X509v3 Authority Key Identifier:
keyid:0E:CC:8C:A4:BE:D1:95:5B:51:55:BC:09:0C:56:0E:FB:A3:F5:A9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DsyMpL7RlVtRVbwJDFYO-6P1qa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/810ceb-dc1f-43bd-a6a6-77d0b23ef36e/1/8rlOcXRIybkmeL2NNb0H0W6ycNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/810ceb-dc1f-43bd-a6a6-77d0b23ef36e/1/DsyMpL7RlVtRVbwJDFYO-6P1qa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.150.0/23
195.78.82.0/24
Signature Algorithm: sha256WithRSAEncryption
63:79:54:cd:c6:9c:54:f8:a7:24:66:8c:ab:e8:72:3e:43:96:
12:1f:76:31:11:80:60:a8:7d:e3:e3:22:94:30:01:33:c5:53:
d2:42:5e:92:9c:78:e0:44:6f:01:9d:c1:47:d9:98:9a:7d:c4:
d3:c2:4f:ce:fc:f6:0d:b2:6a:fa:fe:b3:ad:f9:d5:84:bc:24:
de:42:ce:4e:ca:71:d4:cc:fc:55:0a:3c:07:80:fc:87:49:c7:
31:c4:6a:6f:b8:b9:bc:fa:0b:91:5b:3e:97:e8:bd:20:4e:e7:
2d:54:52:6d:b5:6f:16:62:10:4a:ad:e8:33:6f:b2:36:91:15:
62:fd:25:2f:50:64:1d:58:fb:fb:25:da:0f:a5:80:bd:38:58:
61:b5:2b:13:75:86:01:96:99:d6:4a:13:4d:71:1f:83:17:cf:
67:01:5d:20:a4:b7:e7:5a:61:58:81:bd:f4:75:85:d5:ae:59:
d7:2c:1c:ac:46:3a:e4:77:42:71:d7:f2:d3:3e:a2:f3:75:b1:
66:52:bd:86:a6:9d:79:6f:ac:eb:76:31:b9:e1:f8:59:22:ca:
13:b5:f3:60:43:2d:46:1e:d8:27:57:5b:b2:09:17:45:ef:d7:
52:e8:23:ac:d7:6c:8b:63:23:23:e7:e8:94:18:ae:ad:e6:34:
26:93:5c:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgKt/pONKZq6j8/QvohCPxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlY2M4Y2E0YmVkMTk1NWI1MTU1YmMwOTBjNTYwZWZiYTNm
NWE5YWQwHhcNMjMwNTExMTIxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI5NGU3MTc0NDhjOWI5MjY3OGJkOGQzNWJkMDdkMTZlYjI3MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dJve3Gi8Ksq+9hI2Bb5/IhEtUuc
BYWLF+1FdjYbr/3P2iSnec3rzPQmMNFj7fiHAWY0uZRvgif0ld5nnwqPSTs7QieC
MesPPYQSNB0zuscMu28A8GJ5jyX7xfD++C9MeQmjlMG7I5P/Qz/1cq7kmU0l+jqq
wYJ9t8Wm5jE0JjGM4YP+XdFH1NIx7VoOf2OqQyBvw8jXJQVAncckem/b3fnsLqpc
mDZf3dxVyjnVhEs9un4Zi2OOjDyDybn4NUHv0qU6uBq8uq+sHVxnF7BgAycJ+ik6
sAnR9aO2eRHPwlJujxnd19C0LmcjdKPN3t8eQSL1Bs9YkoMR3D49HhJHUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPK5TnF0SMm5Jni9jTW9B9FusnDVMB8GA1UdIwQY
MBaAFA7MjKS+0ZVbUVW8CQxWDvuj9amtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHN5TXBMN1JsVnRSVmJ3SkRGWU8tNlAxcWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84MTBjZWItZGMxZi00M2JkLWE2YTYt
NzdkMGIyM2VmMzZlLzEvOHJsT2NYUkl5YmttZUwyTk5iMEgwVzZ5Y05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84MTBjZWItZGMxZi00M2JkLWE2YTYtNzdkMGIyM2VmMzZl
LzEvRHN5TXBMN1JsVnRSVmJ3SkRGWU8tNlAxcWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+6WAwQA
w05SMA0GCSqGSIb3DQEBCwUAA4IBAQBjeVTNxpxU+KckZoyr6HI+Q5YSH3YxEYBg
qH3j4yKUMAEzxVPSQl6SnHjgRG8BncFH2ZiafcTTwk/O/PYNsmr6/rOt+dWEvCTe
Qs5OynHUzPxVCjwHgPyHSccxxGpvuLm8+guRWz6X6L0gTuctVFJttW8WYhBKregz
b7I2kRVi/SUvUGQdWPv7JdoPpYC9OFhhtSsTdYYBlpnWShNNcR+DF89nAV0gpLfn
WmFYgb30dYXVrlnXLBysRjrkd0Jx1/LTPqLzdbFmUr2Gpp15b6zrdjG54fhZIsoT
tfNgQy1GHtgnV1uyCRdF79dS6COs12yLYyMj5+iUGK6t5jQmk1w9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:37 2025 by rpki-client