Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/977IEcT__KzTdKPo_Bmm0mm3QmM.roa
File: 977IEcT__KzTdKPo_Bmm0mm3QmM.roa (raw, json)
Hash identifier: sitr1kfEGL9wUEa47BDJtV/jG+gJqfNkA0hzh5d+4XA=
Subject key identifier: F7:BE:C8:11:C4:FF:FC:AC:D3:74:A3:E8:FC:19:A6:D2:69:B7:42:63
Certificate issuer: /CN=8a01ab6cd44a7a3ea4002c106a96c427b52c81d5
Certificate serial: 01856BD3450278431757F137DAA4BF43A67C
Authority key identifier: 8A:01:AB:6C:D4:4A:7A:3E:A4:00:2C:10:6A:96:C4:27:B5:2C:81:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igGrbNRKej6kACwQapbEJ7UsgdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/977IEcT__KzTdKPo_Bmm0mm3QmM.roa
Signing time: Sun 01 Jan 2023 05:34:45 +0000
ROA not before: Sun 01 Jan 2023 05:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6886
IP address blocks: 141.98.148.0/22 maxlen: 24
212.66.48.0/21 maxlen: 24
185.29.252.0/22 maxlen: 24
2a09:10c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:45:02:78:43:17:57:f1:37:da:a4:bf:43:a6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a01ab6cd44a7a3ea4002c106a96c427b52c81d5
Validity
Not Before: Jan 1 05:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7bec811c4fffcacd374a3e8fc19a6d269b74263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:4c:fd:40:6f:8d:8e:d2:e8:d0:79:54:96:
e8:be:7e:b8:81:17:0f:28:a4:f7:a9:6f:22:a3:84:
0e:15:4e:6c:a8:7e:5d:90:2b:a8:fb:14:80:d9:ee:
2d:7e:60:e1:ec:56:74:55:0f:b0:ce:91:4e:ac:50:
3d:92:65:d5:0e:da:0d:0a:fd:85:01:59:e0:63:5a:
f4:b9:0a:44:fb:0c:3b:5a:a7:35:89:88:14:a6:5f:
f5:6e:79:74:08:27:d3:fc:ad:1a:74:0a:91:c0:7f:
15:3d:66:34:aa:2f:e7:73:3d:16:f0:dd:22:7d:ad:
f9:de:e1:60:ae:50:72:92:c1:32:d9:ec:5c:e8:4d:
15:cc:73:56:e8:f9:a0:1c:7e:6d:67:36:de:fb:39:
3f:e1:e8:7a:5f:c4:b3:d1:f1:d5:ad:40:12:49:09:
d0:8b:4d:47:59:a3:5f:3f:61:5a:0b:8f:a5:e7:08:
36:35:c3:14:86:ce:83:ae:bc:a3:da:31:a8:03:c6:
81:d5:51:8a:ac:46:e2:85:90:cf:d3:d1:9c:2b:a4:
66:e3:49:45:d5:dc:52:78:d0:93:9c:15:bc:ac:86:
32:f2:bb:45:c3:d8:33:b9:e1:52:30:8a:8d:2c:d7:
6d:f3:3f:16:24:96:a9:c7:3f:77:b8:b1:8e:25:43:
eb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BE:C8:11:C4:FF:FC:AC:D3:74:A3:E8:FC:19:A6:D2:69:B7:42:63
X509v3 Authority Key Identifier:
keyid:8A:01:AB:6C:D4:4A:7A:3E:A4:00:2C:10:6A:96:C4:27:B5:2C:81:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igGrbNRKej6kACwQapbEJ7UsgdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/977IEcT__KzTdKPo_Bmm0mm3QmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/igGrbNRKej6kACwQapbEJ7UsgdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.148.0/22
185.29.252.0/22
212.66.48.0/21
IPv6:
2a09:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:4d:a0:d9:61:b3:43:50:df:b8:06:cb:2b:39:e8:f1:28:e1:
4c:79:45:6e:a2:92:89:85:44:da:26:7f:b9:40:8a:32:4f:32:
12:3c:bf:a8:0c:88:b0:1d:ed:b4:a9:c9:e0:48:2f:ff:5b:42:
c3:ef:f2:68:15:34:15:4b:ff:dc:e2:a3:0b:02:07:68:55:48:
b5:84:0c:9e:bf:07:c3:6e:42:0e:e6:b9:6f:7a:70:f6:87:03:
f8:61:f0:38:26:08:fc:15:e4:72:04:62:8b:7b:c4:42:c5:84:
bd:b2:d6:f1:29:84:cb:5d:93:da:2f:11:f0:ac:5b:7c:c3:55:
1c:6e:2a:a7:cb:28:b0:9d:df:3e:ba:3f:83:d8:fc:a6:0e:2c:
ee:45:30:30:7b:8a:df:43:42:11:e7:59:9d:67:c6:ac:f6:41:
8c:90:c7:e0:19:a5:21:53:be:18:3d:e4:0c:97:83:36:ec:e1:
ee:52:36:8e:08:56:55:ce:1a:43:d5:2a:52:7b:44:85:ea:f8:
ba:eb:7d:ee:9c:dc:e8:d7:dc:fe:ca:29:16:29:e2:47:62:cd:
1b:d5:20:7d:70:ad:f5:bf:98:45:3f:83:39:02:a6:79:3f:12:
0b:ad:e4:87:4b:f7:93:27:04:5d:12:2f:51:93:35:54:27:9f:
a9:f7:f9:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVr00UCeEMXV/E32qS/Q6Z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMDFhYjZjZDQ0YTdhM2VhNDAwMmMxMDZhOTZjNDI3YjUy
YzgxZDUwHhcNMjMwMTAxMDUzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2JlYzgxMWM0ZmZmY2FjZDM3NGEzZThmYzE5YTZkMjY5Yjc0MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqtM/UBvjY7S6NB5VJbovn64gRcP
KKT3qW8io4QOFU5sqH5dkCuo+xSA2e4tfmDh7FZ0VQ+wzpFOrFA9kmXVDtoNCv2F
AVngY1r0uQpE+ww7Wqc1iYgUpl/1bnl0CCfT/K0adAqRwH8VPWY0qi/ncz0W8N0i
fa353uFgrlByksEy2exc6E0VzHNW6PmgHH5tZzbe+zk/4eh6X8Sz0fHVrUASSQnQ
i01HWaNfP2FaC4+l5wg2NcMUhs6Drryj2jGoA8aB1VGKrEbihZDP09GcK6Rm40lF
1dxSeNCTnBW8rIYy8rtFw9gzueFSMIqNLNdt8z8WJJapxz93uLGOJUPr0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPe+yBHE//ys03Sj6PwZptJpt0JjMB8GA1UdIwQY
MBaAFIoBq2zUSno+pAAsEGqWxCe1LIHVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWdHcmJOUktlajZrQUN3UWFwYkVKN1VzZ2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81ODMyZjQtZTRlMi00OThiLWEwNmEt
OWZlYmY4YzNlMzNmLzEvOTc3SUVjVF9fS3pUZEtQb19CbW0wbW0zUW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81ODMyZjQtZTRlMi00OThiLWEwNmEtOWZlYmY4YzNlMzNm
LzEvaWdHcmJOUktlajZrQUN3UWFwYkVKN1VzZ2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCjWKUAwQC
uR38AwQD1EIwMA0EAgACMAcDBQMqCRDAMA0GCSqGSIb3DQEBCwUAA4IBAQB8TaDZ
YbNDUN+4BssrOejxKOFMeUVuopKJhUTaJn+5QIoyTzISPL+oDIiwHe20qcngSC//
W0LD7/JoFTQVS//c4qMLAgdoVUi1hAyevwfDbkIO5rlvenD2hwP4YfA4Jgj8FeRy
BGKLe8RCxYS9stbxKYTLXZPaLxHwrFt8w1Ucbiqnyyiwnd8+uj+D2PymDizuRTAw
e4rfQ0IR51mdZ8as9kGMkMfgGaUhU74YPeQMl4M27OHuUjaOCFZVzhpD1SpSe0SF
6vi6633unNzo19z+yikWKeJHYs0b1SB9cK31v5hFP4M5AqZ5PxILreSHS/eTJwRd
Ei9RkzVUJ5+p9/lr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:45 2025 by rpki-client