Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8qMHIC2u0L7fv3tlGbOlrDqH5qo.roa
File: 8qMHIC2u0L7fv3tlGbOlrDqH5qo.roa (raw, json)
Hash identifier: Ghgpwf2VxRwRp9JYK6s9/G2b/IolE2wLmsL3DHUwvyc=
Subject key identifier: F2:A3:07:20:2D:AE:D0:BE:DF:BF:7B:65:19:B3:A5:AC:3A:87:E6:AA
Certificate issuer: /CN=ef678469574acc03d782e63281ff44faaab3f847
Certificate serial: 01856C0A30FE37789D4A2DC7DA23CF9EDE47
Authority key identifier: EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8qMHIC2u0L7fv3tlGbOlrDqH5qo.roa
Signing time: Sun 01 Jan 2023 06:34:45 +0000
ROA not before: Sun 01 Jan 2023 06:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207440
IP address blocks: 185.251.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:30:fe:37:78:9d:4a:2d:c7:da:23:cf:9e:de:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef678469574acc03d782e63281ff44faaab3f847
Validity
Not Before: Jan 1 06:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2a307202daed0bedfbf7b6519b3a5ac3a87e6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f2:17:d0:d7:f2:3a:70:23:d3:1f:9c:cb:4e:
da:ec:84:06:62:cc:41:ea:02:21:16:6a:45:dc:0b:
63:be:68:d9:32:84:c0:83:36:94:9f:22:31:4c:44:
e1:8a:f9:5b:07:c1:43:82:ed:1c:0e:e3:6b:f6:05:
b8:ae:19:57:d5:f5:aa:f9:bb:22:97:b7:8d:52:5d:
7c:54:a0:53:6d:6d:00:66:63:51:81:bf:bd:61:fb:
ab:31:b9:c8:a9:e0:6c:c4:4e:d1:b5:13:a8:9b:97:
84:cf:02:2d:06:a7:58:16:90:d7:24:b0:67:a2:27:
e5:ef:65:cb:a9:8f:0e:98:a7:37:cc:ae:1f:ce:9a:
33:7a:b2:74:34:1c:fd:f2:94:67:eb:d3:68:82:ca:
2d:87:5b:a7:3b:d1:0e:34:94:c0:1a:74:58:a6:bb:
9d:79:48:c6:2a:db:11:b8:66:d6:66:8e:cf:5e:46:
ab:62:3e:0c:44:ae:29:dd:a8:e7:c8:d8:20:7f:bd:
cf:7e:29:f4:ed:5a:b2:59:ca:ae:14:5a:3f:99:2f:
9e:f3:87:90:ea:29:1f:97:2e:58:48:01:ec:e7:57:
4d:cb:4d:78:b8:bc:7e:9b:71:cb:12:52:9b:36:bc:
ef:7b:da:6f:a4:e8:fb:4a:2f:b7:aa:ed:82:00:1d:
70:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A3:07:20:2D:AE:D0:BE:DF:BF:7B:65:19:B3:A5:AC:3A:87:E6:AA
X509v3 Authority Key Identifier:
keyid:EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8qMHIC2u0L7fv3tlGbOlrDqH5qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.36.0/24
Signature Algorithm: sha256WithRSAEncryption
43:66:ab:57:75:ba:e8:c6:32:ef:c2:3b:48:3a:c3:be:cf:2c:
3b:87:5b:9c:b0:89:ae:c2:f9:28:b7:ef:e9:a6:2a:e8:d4:06:
4e:96:f2:4f:2f:05:45:b9:b8:a0:de:66:2d:2b:ee:bf:e1:cf:
75:1c:4b:66:7e:95:4b:38:df:55:51:17:d5:f6:f1:53:ec:39:
94:93:18:d0:b9:a7:12:c7:8d:48:9e:dc:49:72:ff:47:5e:8c:
f7:2f:a8:0f:50:a3:70:92:11:f5:5f:66:c2:98:f9:77:2d:d1:
bc:dc:7e:2c:34:d8:a3:c1:64:e8:20:54:ee:3e:b4:96:0e:11:
39:70:dc:19:91:4a:28:39:74:79:ec:ce:8d:45:19:9e:d8:9c:
89:05:00:e3:22:7c:02:5a:01:8b:a9:e3:d6:ad:21:f1:29:85:
a1:a9:49:75:16:c4:17:3b:6a:cc:5b:da:6e:6e:aa:69:8b:da:
28:73:f7:14:ae:89:2e:57:b2:a1:df:4b:47:50:3c:17:01:ca:
64:0f:98:29:d1:bf:32:af:9c:4e:52:8d:25:5f:db:c9:23:79:
68:32:9b:8a:3b:3e:3e:ba:c4:e7:c1:6f:e8:6e:d5:c8:39:7c:
2b:fa:8b:aa:5f:26:af:f1:e6:79:48:16:a4:43:5a:ac:c3:fd:
56:f4:3a:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjD+N3idSi3H2iPPnt5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNjc4NDY5NTc0YWNjMDNkNzgyZTYzMjgxZmY0NGZhYWFi
M2Y4NDcwHhcNMjMwMTAxMDYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmEzMDcyMDJkYWVkMGJlZGZiZjdiNjUxOWIzYTVhYzNhODdlNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfIX0NfyOnAj0x+cy07a7IQGYsxB
6gIhFmpF3AtjvmjZMoTAgzaUnyIxTEThivlbB8FDgu0cDuNr9gW4rhlX1fWq+bsi
l7eNUl18VKBTbW0AZmNRgb+9YfurMbnIqeBsxE7RtROom5eEzwItBqdYFpDXJLBn
oifl72XLqY8OmKc3zK4fzpozerJ0NBz98pRn69Nogsoth1unO9EONJTAGnRYprud
eUjGKtsRuGbWZo7PXkarYj4MRK4p3ajnyNggf73Pfin07VqyWcquFFo/mS+e84eQ
6ikfly5YSAHs51dNy014uLx+m3HLElKbNrzve9pvpOj7Si+3qu2CAB1wxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKjByAtrtC+3797ZRmzpaw6h+aqMB8GA1UdIwQY
MBaAFO9nhGlXSswD14LmMoH/RPqqs/hHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEt
ZGMwNTllNjliMWQwLzEvOHFNSElDMnUwTDdmdjN0bEdiT2xyRHFINXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEtZGMwNTllNjliMWQw
LzEvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufskMA0G
CSqGSIb3DQEBCwUAA4IBAQBDZqtXdbroxjLvwjtIOsO+zyw7h1ucsImuwvkot+/p
piro1AZOlvJPLwVFubig3mYtK+6/4c91HEtmfpVLON9VURfV9vFT7DmUkxjQuacS
x41IntxJcv9HXoz3L6gPUKNwkhH1X2bCmPl3LdG83H4sNNijwWToIFTuPrSWDhE5
cNwZkUooOXR57M6NRRme2JyJBQDjInwCWgGLqePWrSHxKYWhqUl1FsQXO2rMW9pu
bqppi9ooc/cUrokuV7Kh30tHUDwXAcpkD5gp0b8yr5xOUo0lX9vJI3loMpuKOz4+
usTnwW/obtXIOXwr+ouqXyav8eZ5SBakQ1qsw/1W9Dou
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:03 2025 by rpki-client