Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-M8D_EQNW27qSv2yX6lCbTVMvIo.roa
File: 1-M8D_EQNW27qSv2yX6lCbTVMvIo.roa (raw, json)
Hash identifier: 9qdcdvj7yAt1kM8GOmlfo2aZ1pA2xhuVLLU42bsbfnE=
Subject key identifier: F8:CF:03:FC:44:0D:5B:6E:EA:4A:FD:B2:5F:A9:42:6D:35:4C:BC:8A
Certificate issuer: /CN=8df893edf33208d7a2cf62268613769fb4967c66
Certificate serial: 0183C24FDBCFB82F0C8D7F0E97657BFA0FE8
Authority key identifier: 8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-M8D_EQNW27qSv2yX6lCbTVMvIo.roa
Signing time: Mon 10 Oct 2022 14:32:36 +0000
ROA not before: Mon 10 Oct 2022 14:32:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43108
IP address blocks: 91.228.4.0/22 maxlen: 22
195.28.26.0/23 maxlen: 23
91.194.76.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:4f:db:cf:b8:2f:0c:8d:7f:0e:97:65:7b:fa:0f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df893edf33208d7a2cf62268613769fb4967c66
Validity
Not Before: Oct 10 14:32:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8cf03fc440d5b6eea4afdb25fa9426d354cbc8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:7c:8d:83:ab:ee:61:1d:41:35:50:78:23:
74:8a:3e:2a:ea:d2:4f:77:c2:83:18:0e:19:66:45:
de:4e:9e:ae:8e:6a:cb:1e:1b:17:86:36:95:9c:46:
2e:66:75:66:3e:76:f5:73:b0:33:4a:a4:b4:76:00:
42:4b:0a:b2:7b:f4:ce:66:9b:ee:51:11:ab:c8:35:
25:02:d0:db:e3:91:9b:a4:17:df:09:a7:1b:0a:bc:
3d:cb:54:72:2a:f8:2d:eb:4e:b8:40:df:e9:20:12:
d9:da:83:3c:a4:ca:32:44:d1:21:fc:7b:7b:e0:c2:
ab:56:9d:17:92:96:02:63:dd:49:25:c1:c0:80:c1:
62:17:72:d9:06:f8:0e:53:5e:e0:21:d1:c9:8f:09:
c6:05:fc:bd:f8:58:7a:7f:97:ea:4e:7f:ec:c4:18:
4c:63:28:a8:d2:8c:9a:c9:c7:6b:21:39:dd:d3:f2:
8a:9d:4d:a8:10:00:12:ab:02:2f:08:2c:79:4c:99:
38:82:61:0a:68:a2:00:c3:df:83:24:ba:c7:58:90:
af:cb:b2:e1:4b:de:e3:17:cd:f8:9f:f8:d3:f2:61:
d3:f6:ed:c7:9d:c6:07:dc:50:ed:35:c4:48:b4:a1:
6a:b8:a4:f3:be:7f:93:f6:10:83:6e:cf:1d:53:94:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CF:03:FC:44:0D:5B:6E:EA:4A:FD:B2:5F:A9:42:6D:35:4C:BC:8A
X509v3 Authority Key Identifier:
keyid:8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-M8D_EQNW27qSv2yX6lCbTVMvIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.76.0/23
91.228.4.0/22
195.28.26.0/23
Signature Algorithm: sha256WithRSAEncryption
92:84:58:5c:8f:4f:78:79:4c:c8:4a:07:7e:b1:41:9b:10:a4:
d9:99:d9:ee:ca:7e:50:99:22:23:b1:b7:45:87:c2:4e:4f:5e:
82:5e:52:82:4f:30:e7:e0:6c:3a:df:17:8e:20:aa:0f:b7:1b:
e1:3f:fd:98:62:e0:98:54:cc:e4:b8:bb:29:02:e7:8c:a5:a8:
2e:ea:4f:04:cc:4a:2d:ea:8c:84:a5:5e:e2:08:54:54:8d:99:
06:f3:f8:08:d2:77:b5:45:75:77:6e:04:fa:cc:31:14:2c:19:
84:9a:b0:49:70:b0:cb:c4:c9:96:23:ed:95:3b:b5:30:22:9c:
31:62:94:53:72:c9:7c:f1:8d:aa:12:2a:52:a1:b1:d1:26:38:
df:f3:a0:f9:57:9c:da:78:8c:a0:3e:08:5a:f0:78:08:2b:46:
62:b2:ad:df:e3:04:fa:8c:47:6c:52:70:d9:3f:7d:dd:47:68:
a9:f2:9a:1a:c6:d9:3b:69:28:d9:f6:e8:78:7b:7c:45:9e:46:
74:54:b4:00:51:d3:0c:5e:b4:d7:b9:5b:d2:bb:22:8c:63:d4:
b2:59:60:28:c9:3e:c0:9f:66:19:83:ba:0b:1c:0e:1a:ae:ff:
af:a2:0b:9c:e6:8b:f2:db:1f:ce:d8:2d:7c:87:74:03:63:a3:
94:d4:7b:d5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYPCT9vPuC8MjX8Ol2V7+g/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjg5M2VkZjMzMjA4ZDdhMmNmNjIyNjg2MTM3NjlmYjQ5
NjdjNjYwHhcNMjIxMDEwMTQzMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNmMDNmYzQ0MGQ1YjZlZWE0YWZkYjI1ZmE5NDI2ZDM1NGNiYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/F8jYOr7mEdQTVQeCN0ij4q6tJP
d8KDGA4ZZkXeTp6ujmrLHhsXhjaVnEYuZnVmPnb1c7AzSqS0dgBCSwqye/TOZpvu
URGryDUlAtDb45GbpBffCacbCrw9y1RyKvgt6064QN/pIBLZ2oM8pMoyRNEh/Ht7
4MKrVp0XkpYCY91JJcHAgMFiF3LZBvgOU17gIdHJjwnGBfy9+Fh6f5fqTn/sxBhM
Yyio0oyaycdrITnd0/KKnU2oEAASqwIvCCx5TJk4gmEKaKIAw9+DJLrHWJCvy7Lh
S97jF834n/jT8mHT9u3HncYH3FDtNcRItKFquKTzvn+T9hCDbs8dU5Q/iQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPjPA/xEDVtu6kr9sl+pQm01TLyKMB8GA1UdIwQY
MBaAFI34k+3zMgjXos9iJoYTdp+0lnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYt
Zjg3Nzg3YjFkMDNjLzEvMS1NOERfRVFOVzI3cVN2MnlYNmxDYlRWTXZJby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2QvMDBhOTVkLTkzN2MtNDczYy1hODVmLWY4Nzc4N2IxZDAz
Yy8xL2pmaVQ3Zk15Q05laXoySW1oaE4ybjdTV2ZHWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvCTAME
AlvkBAMEAcMcGjANBgkqhkiG9w0BAQsFAAOCAQEAkoRYXI9PeHlMyEoHfrFBmxCk
2ZnZ7sp+UJkiI7G3RYfCTk9egl5Sgk8w5+BsOt8XjiCqD7cb4T/9mGLgmFTM5Li7
KQLnjKWoLupPBMxKLeqMhKVe4ghUVI2ZBvP4CNJ3tUV1d24E+swxFCwZhJqwSXCw
y8TJliPtlTu1MCKcMWKUU3LJfPGNqhIqUqGx0SY43/Og+Vec2niMoD4IWvB4CCtG
YrKt3+ME+oxHbFJw2T993UdoqfKaGsbZO2ko2fboeHt8RZ5GdFS0AFHTDF6017lb
0rsijGPUsllgKMk+wJ9mGYO6CxwOGq7/r6ILnOaL8tsfztgtfId0A2OjlNR71Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:57 2025 by rpki-client