Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yOa46dBvUTk3YocfLjOOPdPZeQs.roa
File: yOa46dBvUTk3YocfLjOOPdPZeQs.roa (raw, json)
Hash identifier: ASCtAu2yDtsjI2FwO3U+Z0vrwGnKqvgbC7CuSu/VCUQ=
Subject key identifier: C8:E6:B8:E9:D0:6F:51:39:37:62:87:1F:2E:33:8E:3D:D3:D9:79:0B
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01862AF514CD6E4B3C3CCEBD03CD561F782E
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yOa46dBvUTk3YocfLjOOPdPZeQs.roa
Signing time: Tue 07 Feb 2023 08:19:10 +0000
ROA not before: Tue 07 Feb 2023 08:19:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 166.108.160.0/22 maxlen: 24
166.108.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:f5:14:cd:6e:4b:3c:3c:ce:bd:03:cd:56:1f:78:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 7 08:19:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8e6b8e9d06f51393762871f2e338e3dd3d9790b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:46:f0:4f:52:6d:a0:fa:75:28:95:1b:7c:a1:
27:1b:cf:b6:8a:72:65:df:43:85:1b:5e:6d:e8:83:
b4:ae:6c:e1:fb:26:9d:c0:e6:a7:42:53:83:a9:1c:
d9:9d:48:2c:08:8c:00:ce:b6:77:73:3d:c7:92:09:
f1:73:f1:ce:f2:9c:7f:6e:d2:40:e5:fe:7d:59:47:
93:73:72:1e:99:7a:52:13:c7:d3:b3:fa:c1:91:4d:
04:ff:9a:a2:9b:15:95:a4:e6:ad:d4:42:28:56:55:
68:99:3a:0e:69:85:5b:8b:76:d6:1e:6f:15:e1:da:
0b:88:ee:4d:67:14:99:99:c6:4c:11:b9:31:64:96:
df:d9:a2:39:a0:8f:dc:15:7e:19:14:62:9e:32:25:
03:2f:c5:88:e6:cd:4f:39:5a:bb:bc:2c:f8:7c:a0:
5f:7e:56:8f:fc:32:04:54:d2:b6:51:cd:76:bc:38:
19:c3:25:a3:1d:13:4b:bb:a9:81:a5:42:7c:57:58:
c2:a4:28:06:a1:6f:96:e4:50:bf:be:31:94:d4:83:
bb:48:4c:d8:80:01:20:3b:3b:de:0f:b8:c7:51:9e:
d9:c5:67:d3:7a:f9:c6:83:e2:33:c7:c6:e0:f1:c7:
78:63:4a:8d:a7:89:ea:32:b4:09:5a:70:45:4e:34:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E6:B8:E9:D0:6F:51:39:37:62:87:1F:2E:33:8E:3D:D3:D9:79:0B
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yOa46dBvUTk3YocfLjOOPdPZeQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0/22
166.108.168.0/22
Signature Algorithm: sha256WithRSAEncryption
39:15:b6:66:c1:0b:7d:58:c9:0c:45:d6:62:49:1f:43:5c:c1:
26:73:26:d3:8d:c6:3b:6e:1e:93:aa:4f:09:cf:f3:b9:71:e4:
f8:8b:1b:3c:cb:3f:4e:84:85:8a:3e:93:66:ac:04:4f:5c:45:
1a:25:fc:ff:8f:c5:97:61:44:2d:f9:96:87:52:42:ad:38:9b:
01:63:05:b4:cc:8a:a9:72:40:de:9d:02:f1:f9:18:09:59:c5:
b5:6e:a5:1e:8e:c0:31:22:05:31:9a:7f:9b:ef:4d:fd:19:9e:
07:eb:89:61:5e:94:04:29:9f:38:bb:7b:60:cc:e1:5b:97:a1:
06:e0:5c:e5:a0:2d:5e:da:f2:e3:42:f3:4b:73:7e:33:98:3f:
e7:01:9c:e9:02:da:e1:d8:18:5a:7d:4c:c3:89:e1:cf:e4:68:
45:7d:6d:4c:30:b7:fc:16:f4:d2:be:55:70:0a:48:00:4d:34:
10:a7:1d:a4:73:8f:6f:00:02:b5:b0:2c:b2:fd:d8:18:a9:0e:
6c:2a:38:f5:16:5b:5d:f1:c9:43:26:a5:42:50:d9:67:7c:dd:
73:f1:e1:ba:45:82:3c:46:20:27:29:03:af:c7:40:6a:d2:92:
19:c2:db:d1:c9:29:67:d7:99:88:49:b8:22:f4:59:34:f4:43:
d9:7d:98:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYq9RTNbks8PM69A81WH3guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMjA3MDgxOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU2YjhlOWQwNmY1MTM5Mzc2Mjg3MWYyZTMzOGUzZGQzZDk3OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUbwT1JtoPp1KJUbfKEnG8+2inJl
30OFG15t6IO0rmzh+yadwOanQlODqRzZnUgsCIwAzrZ3cz3Hkgnxc/HO8px/btJA
5f59WUeTc3IemXpSE8fTs/rBkU0E/5qimxWVpOat1EIoVlVomToOaYVbi3bWHm8V
4doLiO5NZxSZmcZMEbkxZJbf2aI5oI/cFX4ZFGKeMiUDL8WI5s1POVq7vCz4fKBf
flaP/DIEVNK2Uc12vDgZwyWjHRNLu6mBpUJ8V1jCpCgGoW+W5FC/vjGU1IO7SEzY
gAEgOzveD7jHUZ7ZxWfTevnGg+Izx8bg8cd4Y0qNp4nqMrQJWnBFTjQrzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMjmuOnQb1E5N2KHHy4zjj3T2XkLMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEveU9hNDZkQnZVVGszWW9jZkxqT09QZFBaZVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpmygAwQC
pmyoMA0GCSqGSIb3DQEBCwUAA4IBAQA5FbZmwQt9WMkMRdZiSR9DXMEmcybTjcY7
bh6Tqk8Jz/O5ceT4ixs8yz9OhIWKPpNmrARPXEUaJfz/j8WXYUQt+ZaHUkKtOJsB
YwW0zIqpckDenQLx+RgJWcW1bqUejsAxIgUxmn+b7039GZ4H64lhXpQEKZ84u3tg
zOFbl6EG4FzloC1e2vLjQvNLc34zmD/nAZzpAtrh2BhafUzDieHP5GhFfW1MMLf8
FvTSvlVwCkgATTQQpx2kc49vAAK1sCyy/dgYqQ5sKjj1Fltd8clDJqVCUNlnfN1z
8eG6RYI8RiAnKQOvx0Bq0pIZwtvRySln15mISbgi9Fk09EPZfZii
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:49 2025 by rpki-client