Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/iu61tY_V4cVRUmyMXYOzQ6c1de8.roa
File: iu61tY_V4cVRUmyMXYOzQ6c1de8.roa (raw, json)
Hash identifier: f+coErtBGz+3AM7KuTieDONbdU1jYdP5wN/3cwQUezg=
Subject key identifier: 8A:EE:B5:B5:8F:D5:E1:C5:51:52:6C:8C:5D:83:B3:43:A7:35:75:EF
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018505A8B641A7B231F700AD0C595CC3161B
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/iu61tY_V4cVRUmyMXYOzQ6c1de8.roa
Signing time: Mon 12 Dec 2022 09:27:00 +0000
ROA not before: Mon 12 Dec 2022 09:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 166.108.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a8:b6:41:a7:b2:31:f7:00:ad:0c:59:5c:c3:16:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Dec 12 09:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aeeb5b58fd5e1c551526c8c5d83b343a73575ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:cd:9a:6b:ff:f6:7c:dc:2d:ef:14:cb:fb:
60:49:a3:dc:b1:37:07:58:41:0a:74:db:6c:1d:39:
2d:8d:02:8d:b8:04:cb:17:a0:ca:a0:79:8d:da:1a:
d2:ff:c8:3d:1a:c7:1f:85:93:49:1e:63:93:bd:e1:
e3:8c:0c:d2:ad:f6:ed:9a:a4:bf:b9:7c:26:bd:c8:
90:89:2b:5a:7c:66:67:a4:fc:84:aa:4b:d5:84:be:
13:49:6c:cd:d8:06:f3:1c:d1:37:5f:a0:fd:4a:61:
c2:c9:99:d9:11:b6:5e:dd:05:b1:30:6a:e2:22:ca:
ce:2c:42:97:99:e2:d0:04:6d:18:55:33:ab:d4:ec:
de:fa:28:8d:6a:fc:12:bc:75:a0:71:ac:66:00:b5:
6f:31:36:b3:6a:b3:2e:de:34:66:fa:2e:e0:8a:de:
83:19:f4:a3:2a:06:09:ce:82:fc:4c:e7:dc:17:f0:
8b:a4:d9:a6:4f:dd:b1:a5:e0:a2:2d:f1:32:22:bd:
d1:aa:47:f8:a0:14:44:f7:08:9f:bd:17:1c:4d:63:
63:60:2e:0b:9c:f9:ee:78:cb:cf:a2:90:20:3a:46:
77:2c:e5:e4:c6:4e:ae:58:1f:be:af:e2:e7:14:67:
1b:7a:5a:41:59:8f:09:bd:cc:7b:2a:b0:8c:70:98:
e2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EE:B5:B5:8F:D5:E1:C5:51:52:6C:8C:5D:83:B3:43:A7:35:75:EF
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/iu61tY_V4cVRUmyMXYOzQ6c1de8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.188.0/22
Signature Algorithm: sha256WithRSAEncryption
95:94:fd:96:60:0b:9a:10:85:15:1b:bd:82:fa:f9:64:1c:45:
f6:b8:e3:82:4a:6f:22:34:02:85:57:c7:74:e5:1f:a7:56:e1:
f9:e7:cd:ab:87:eb:cf:11:52:84:0f:ee:1a:65:f4:81:ec:ca:
11:d0:05:7d:86:1d:06:ba:e6:6a:e2:f9:40:6b:a9:82:dd:05:
0a:fe:e7:29:73:96:da:22:48:ae:66:62:44:9b:41:e5:24:ad:
16:68:2d:39:c9:8e:41:c7:d6:60:18:6d:1f:c5:d9:17:a7:45:
b8:7a:ac:3a:cd:34:f8:02:73:6e:c4:c0:56:bd:2c:8e:0a:75:
50:63:c3:05:eb:4d:52:b6:f5:7e:36:c4:c8:2a:68:f7:de:d9:
e0:b6:96:ae:6c:b1:12:a6:d1:88:e7:d2:72:da:3e:01:f0:35:
5f:58:50:ff:d0:4f:d1:1a:e5:15:fd:ef:08:5a:34:b0:a0:39:
5f:61:6d:ea:2a:50:01:21:8b:76:77:f4:b1:db:43:6c:d0:f1:
9f:e1:56:c2:03:bf:68:28:12:99:0b:37:2f:46:a2:38:1b:94:
da:aa:34:5e:f7:ed:1e:0e:40:98:8f:65:df:bd:96:1e:9e:c9:
2f:29:71:0e:6e:af:6c:7e:0e:11:de:13:09:dc:91:73:7f:47:
87:8e:16:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUFqLZBp7Ix9wCtDFlcwxYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIxMjEyMDkyNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVlYjViNThmZDVlMWM1NTE1MjZjOGM1ZDgzYjM0M2E3MzU3NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokzNmmv/9nzcLe8Uy/tgSaPcsTcH
WEEKdNtsHTktjQKNuATLF6DKoHmN2hrS/8g9GscfhZNJHmOTveHjjAzSrfbtmqS/
uXwmvciQiStafGZnpPyEqkvVhL4TSWzN2AbzHNE3X6D9SmHCyZnZEbZe3QWxMGri
IsrOLEKXmeLQBG0YVTOr1Oze+iiNavwSvHWgcaxmALVvMTazarMu3jRm+i7git6D
GfSjKgYJzoL8TOfcF/CLpNmmT92xpeCiLfEyIr3Rqkf4oBRE9wifvRccTWNjYC4L
nPnueMvPopAgOkZ3LOXkxk6uWB++r+LnFGcbelpBWY8Jvcx7KrCMcJjiswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrutbWP1eHFUVJsjF2Ds0OnNXXvMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvaXU2MXRZX1Y0Y1ZSVW15TVhZT3pRNmMxZGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpmy8MA0G
CSqGSIb3DQEBCwUAA4IBAQCVlP2WYAuaEIUVG72C+vlkHEX2uOOCSm8iNAKFV8d0
5R+nVuH5582rh+vPEVKED+4aZfSB7MoR0AV9hh0GuuZq4vlAa6mC3QUK/ucpc5ba
IkiuZmJEm0HlJK0WaC05yY5Bx9ZgGG0fxdkXp0W4eqw6zTT4AnNuxMBWvSyOCnVQ
Y8MF601StvV+NsTIKmj33tngtpaubLESptGI59Jy2j4B8DVfWFD/0E/RGuUV/e8I
WjSwoDlfYW3qKlABIYt2d/Sx20Ns0PGf4VbCA79oKBKZCzcvRqI4G5TaqjRe9+0e
DkCYj2XfvZYenskvKXEObq9sfg4R3hMJ3JFzf0eHjhZA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:26 2025 by rpki-client