Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/889608-0f40-4a64-b526-1a26b9d8fede/1/8NvpqRLvz8fKUYAug0d8cPKVDAo.roa
File: 8NvpqRLvz8fKUYAug0d8cPKVDAo.roa (raw, json)
Hash identifier: it1H5SjrFzaSNTkZuPCt7DpXnNbgKwu2RsPaWqIKNQE=
Subject key identifier: F0:DB:E9:A9:12:EF:CF:C7:CA:51:80:2E:83:47:7C:70:F2:95:0C:0A
Certificate issuer: /CN=4e2b6a6943d3338d0075036d969ec01c3dcefca9
Certificate serial: 01856D53C5557C8F537DCC1848475DE2A25F
Authority key identifier: 4E:2B:6A:69:43:D3:33:8D:00:75:03:6D:96:9E:C0:1C:3D:CE:FC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TitqaUPTM40AdQNtlp7AHD3O_Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/889608-0f40-4a64-b526-1a26b9d8fede/1/8NvpqRLvz8fKUYAug0d8cPKVDAo.roa
Signing time: Sun 01 Jan 2023 12:34:44 +0000
ROA not before: Sun 01 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202813
IP address blocks: 185.178.136.0/22 maxlen: 24
2a0b:fa80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c5:55:7c:8f:53:7d:cc:18:48:47:5d:e2:a2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2b6a6943d3338d0075036d969ec01c3dcefca9
Validity
Not Before: Jan 1 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0dbe9a912efcfc7ca51802e83477c70f2950c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:b9:f7:65:e0:f6:63:3d:eb:25:e0:97:6e:
0d:f6:9a:b9:ea:a0:3f:5c:7e:df:2e:af:21:95:a9:
9a:75:07:bb:0f:95:83:e6:40:9f:70:bf:05:32:19:
f9:88:ae:a7:43:36:cf:f8:e2:20:4f:f6:ec:67:05:
c4:b6:2f:3c:4f:1c:dd:7b:2f:d3:b3:93:12:7a:f0:
3e:82:3c:2a:4f:13:36:98:38:a6:95:83:bf:61:2d:
90:30:ec:eb:48:ec:49:d4:95:6b:37:96:99:fd:8b:
f1:a6:97:11:75:c5:ea:de:50:53:77:f4:c0:e0:d8:
e6:85:ce:a2:74:49:f7:3d:26:97:8c:40:02:65:3b:
cb:ea:bb:ae:48:2b:5d:c7:e3:54:4a:eb:30:2d:ed:
32:04:29:25:89:c3:b3:78:76:71:50:b3:dc:d7:f5:
e1:b1:14:87:7d:ba:25:f3:9d:65:d6:85:5b:77:39:
d4:6f:f1:76:55:42:5b:72:06:45:4e:90:e5:6f:20:
7a:9e:a5:23:6e:40:cd:c6:b6:00:68:00:63:1a:1b:
f5:0a:9c:6e:65:7a:64:f9:6d:a7:58:65:6e:f2:d1:
4d:66:af:ab:8a:ba:20:23:78:b4:21:1e:44:4a:8f:
fc:7d:9f:39:fd:4f:c7:a2:49:61:08:6e:6c:82:43:
5d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DB:E9:A9:12:EF:CF:C7:CA:51:80:2E:83:47:7C:70:F2:95:0C:0A
X509v3 Authority Key Identifier:
keyid:4E:2B:6A:69:43:D3:33:8D:00:75:03:6D:96:9E:C0:1C:3D:CE:FC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TitqaUPTM40AdQNtlp7AHD3O_Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/889608-0f40-4a64-b526-1a26b9d8fede/1/8NvpqRLvz8fKUYAug0d8cPKVDAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/889608-0f40-4a64-b526-1a26b9d8fede/1/TitqaUPTM40AdQNtlp7AHD3O_Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.136.0/22
IPv6:
2a0b:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
23:e0:bc:67:5d:e8:7c:b5:c1:15:09:36:19:f1:79:75:a5:dc:
e8:5d:a4:8e:f4:a4:63:07:88:5b:f1:bb:92:e6:6f:51:68:bd:
63:b1:13:4d:3d:0b:c5:dd:3f:af:d5:96:6f:b5:46:88:9c:a1:
26:77:a2:9a:b7:ae:40:c2:59:1b:14:c6:e6:42:e6:cf:1b:93:
35:c2:fb:48:b1:d7:e0:45:c0:20:5e:a0:20:b2:c6:15:6f:97:
31:9d:0b:62:8e:84:7d:15:3a:ab:4e:40:d5:3b:78:a3:35:f7:
c2:52:3e:56:67:be:6a:24:3f:be:63:63:2a:cb:80:e6:9c:71:
3a:7c:94:c1:93:65:85:87:a5:2d:10:7f:d3:7e:dc:7c:d8:5c:
5e:c2:2b:da:49:57:36:28:f7:da:1f:c0:e7:53:ba:32:9a:ce:
ad:82:dc:f6:5b:38:87:12:1c:40:8e:3b:49:9d:ea:7f:a1:c4:
30:af:47:71:37:62:da:93:43:c6:b0:90:9b:50:06:f3:18:d9:
6b:cd:a2:76:5a:6b:dc:6d:4a:54:c6:e9:82:91:d8:77:77:e1:
e5:35:68:b6:dc:66:74:d4:d6:6c:4a:66:a8:c1:95:fe:de:f3:
56:eb:82:30:48:8c:d1:ed:35:2c:ce:82:ca:fb:f8:95:91:6d:
6f:eb:7f:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU8VVfI9TfcwYSEdd4qJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmI2YTY5NDNkMzMzOGQwMDc1MDM2ZDk2OWVjMDFjM2Rj
ZWZjYTkwHhcNMjMwMTAxMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRiZTlhOTEyZWZjZmM3Y2E1MTgwMmU4MzQ3N2M3MGYyOTUwYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiC592Xg9mM96yXgl24N9pq56qA/
XH7fLq8hlamadQe7D5WD5kCfcL8FMhn5iK6nQzbP+OIgT/bsZwXEti88Txzdey/T
s5MSevA+gjwqTxM2mDimlYO/YS2QMOzrSOxJ1JVrN5aZ/YvxppcRdcXq3lBTd/TA
4Njmhc6idEn3PSaXjEACZTvL6ruuSCtdx+NUSuswLe0yBCklicOzeHZxULPc1/Xh
sRSHfbol851l1oVbdznUb/F2VUJbcgZFTpDlbyB6nqUjbkDNxrYAaABjGhv1Cpxu
ZXpk+W2nWGVu8tFNZq+rirogI3i0IR5ESo/8fZ85/U/HoklhCG5sgkNddwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPDb6akS78/HylGALoNHfHDylQwKMB8GA1UdIwQY
MBaAFE4ramlD0zONAHUDbZaewBw9zvypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGl0cWFVUFRNNDBBZFFOdGxwN0FIRDNPX0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ODk2MDgtMGY0MC00YTY0LWI1MjYt
MWEyNmI5ZDhmZWRlLzEvOE52cHFSTHZ6OGZLVVlBdWcwZDhjUEtWREFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ODk2MDgtMGY0MC00YTY0LWI1MjYtMWEyNmI5ZDhmZWRl
LzEvVGl0cWFVUFRNNDBBZFFOdGxwN0FIRDNPX0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubKIMA0E
AgACMAcDBQMqC/qAMA0GCSqGSIb3DQEBCwUAA4IBAQAj4LxnXeh8tcEVCTYZ8Xl1
pdzoXaSO9KRjB4hb8buS5m9RaL1jsRNNPQvF3T+v1ZZvtUaInKEmd6Kat65Awlkb
FMbmQubPG5M1wvtIsdfgRcAgXqAgssYVb5cxnQtijoR9FTqrTkDVO3ijNffCUj5W
Z75qJD++Y2Mqy4DmnHE6fJTBk2WFh6UtEH/Tftx82FxewivaSVc2KPfaH8DnU7oy
ms6tgtz2WziHEhxAjjtJnep/ocQwr0dxN2Lak0PGsJCbUAbzGNlrzaJ2WmvcbUpU
xumCkdh3d+HlNWi23GZ01NZsSmaowZX+3vNW64IwSIzR7TUszoLK+/iVkW1v638J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:21 2025 by rpki-client