Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/8hBg5dsKcIck8QrAnAl0WUsh7Tw.roa
File: 8hBg5dsKcIck8QrAnAl0WUsh7Tw.roa (raw, json)
Hash identifier: 9D1mtTT8X0KTZAMfY5hWYulY1aKcIEvJUDlDuAQ3BCg=
Subject key identifier: F2:10:60:E5:DB:0A:70:87:24:F1:0A:C0:9C:09:74:59:4B:21:ED:3C
Certificate issuer: /CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Certificate serial: 0187E699E6D6740ADC4AA68E31E82158E31A
Authority key identifier: A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/8hBg5dsKcIck8QrAnAl0WUsh7Tw.roa
Signing time: Thu 04 May 2023 11:50:58 +0000
ROA not before: Thu 04 May 2023 11:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5610
IP address blocks: 151.236.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:99:e6:d6:74:0a:dc:4a:a6:8e:31:e8:21:58:e3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Validity
Not Before: May 4 11:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21060e5db0a708724f10ac09c0974594b21ed3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:2c:a4:0d:fd:b0:02:be:b1:3d:3f:54:4c:
d1:68:4f:0d:61:b1:07:9e:85:3c:45:7c:15:4a:f8:
5b:09:8e:04:4d:f1:79:3d:0a:f8:6d:a6:6a:8b:56:
d5:59:e1:bd:e4:46:97:bb:dd:d0:18:e1:16:dc:52:
4b:9d:95:08:6f:f9:78:62:f9:f3:b6:a4:8f:f8:7b:
57:cc:0c:f7:cd:f9:98:61:36:e3:23:de:2c:ab:a7:
bd:a4:ff:a4:52:dd:93:a7:15:5c:a8:bf:ec:4d:00:
3f:95:e3:77:67:c9:41:c6:43:e6:9c:7e:d3:e1:71:
ff:3a:ba:da:1b:97:b3:da:aa:72:b9:53:db:8f:a2:
74:55:cc:f1:65:b8:a5:aa:f7:fe:95:50:13:f6:72:
53:e6:89:ad:53:49:67:32:38:7c:40:d6:3e:55:11:
31:f5:c5:a9:f7:e3:9c:1a:49:ca:33:76:62:2b:b5:
0b:69:c8:75:a9:a3:ca:29:60:1c:22:9b:1f:69:ab:
d3:eb:cb:f9:06:9b:81:75:51:63:10:6f:1b:9a:20:
6e:9f:94:65:62:66:df:c1:60:20:a8:fe:37:a1:35:
c6:c9:44:92:7d:39:29:55:77:20:54:78:f3:4b:50:
50:90:f5:89:c8:6c:41:5e:84:7e:e5:35:a0:7b:b9:
b5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:10:60:E5:DB:0A:70:87:24:F1:0A:C0:9C:09:74:59:4B:21:ED:3C
X509v3 Authority Key Identifier:
keyid:A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/8hBg5dsKcIck8QrAnAl0WUsh7Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/pX1M_mD4owpND_lLlOut_IjJrBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.224.0/20
Signature Algorithm: sha256WithRSAEncryption
39:e0:9b:fe:11:48:a1:a2:ee:38:7a:ab:8c:25:31:2f:c0:12:
dc:27:d0:25:93:98:d1:62:b1:d4:7a:14:32:b4:89:00:4a:1b:
ea:cc:d3:fd:a3:16:a6:5c:2d:77:7f:96:9b:8b:b5:38:d5:2d:
20:82:81:11:c4:32:e1:39:8b:21:05:46:e1:7c:20:46:6a:f6:
ef:b8:0c:d6:dc:dd:67:d8:ea:2c:47:64:c9:bc:49:c3:21:bd:
27:54:4d:8e:fa:5d:45:36:5b:a1:66:92:5b:96:11:9a:97:e3:
4a:99:67:7b:91:79:1d:f1:ec:1a:3a:26:29:00:fb:4c:1c:bf:
48:c0:40:06:9b:8a:47:98:d2:7f:39:42:0b:34:3b:5a:b6:aa:
e7:0e:76:19:32:76:1d:11:5b:42:82:29:3d:b0:a2:d4:66:4f:
12:69:11:33:c1:95:db:5a:81:86:93:97:33:58:49:95:31:b7:
ba:a2:4b:27:fb:f8:a0:cf:93:1f:58:28:f8:4e:d9:e8:51:ee:
05:6e:a0:b7:6a:c6:7e:78:d7:cb:63:11:7b:f4:49:d6:26:da:
b6:57:87:5d:ca:e0:04:81:0c:d4:a9:77:91:08:c3:78:9a:4c:
54:37:c9:e1:12:f9:22:fa:d3:61:91:76:e9:93:74:63:9a:70:
70:57:b6:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfmmebWdArcSqaOMeghWOMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1N2Q0Y2ZlNjBmOGEzMGE0ZDBmZjk0Yjk0ZWJhZGZjODhj
OWFjMTEwHhcNMjMwNTA0MTE1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjEwNjBlNWRiMGE3MDg3MjRmMTBhYzA5YzA5NzQ1OTRiMjFlZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbsspA39sAK+sT0/VEzRaE8NYbEH
noU8RXwVSvhbCY4ETfF5PQr4baZqi1bVWeG95EaXu93QGOEW3FJLnZUIb/l4Yvnz
tqSP+HtXzAz3zfmYYTbjI94sq6e9pP+kUt2TpxVcqL/sTQA/leN3Z8lBxkPmnH7T
4XH/OrraG5ez2qpyuVPbj6J0VczxZbilqvf+lVAT9nJT5omtU0lnMjh8QNY+VREx
9cWp9+OcGknKM3ZiK7ULach1qaPKKWAcIpsfaavT68v5BpuBdVFjEG8bmiBun5Rl
YmbfwWAgqP43oTXGyUSSfTkpVXcgVHjzS1BQkPWJyGxBXoR+5TWge7m1UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIQYOXbCnCHJPEKwJwJdFlLIe08MB8GA1UdIwQY
MBaAFKV9TP5g+KMKTQ/5S5TrrfyIyawRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgt
ZTgwZjMyMDczZjNkLzEvOGhCZzVkc0tjSWNrOFFyQW5BbDBXVXNoN1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNk
LzEvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEl+zgMA0G
CSqGSIb3DQEBCwUAA4IBAQA54Jv+EUihou44equMJTEvwBLcJ9Alk5jRYrHUehQy
tIkAShvqzNP9oxamXC13f5abi7U41S0ggoERxDLhOYshBUbhfCBGavbvuAzW3N1n
2OosR2TJvEnDIb0nVE2O+l1FNluhZpJblhGal+NKmWd7kXkd8ewaOiYpAPtMHL9I
wEAGm4pHmNJ/OUILNDtatqrnDnYZMnYdEVtCgik9sKLUZk8SaREzwZXbWoGGk5cz
WEmVMbe6oksn+/igz5MfWCj4TtnoUe4FbqC3asZ+eNfLYxF79EnWJtq2V4ddyuAE
gQzUqXeRCMN4mkxUN8nhEvki+tNhkXbpk3RjmnBwV7Za
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:42 2025 by rpki-client