Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/wM-L9rUKNiVugq_NjriMbutJ-bc.roa
File: wM-L9rUKNiVugq_NjriMbutJ-bc.roa (raw, json)
Hash identifier: L2UZ7s4+gmICXFITuPL24rR6+l9j5rPTL2xr8fQWfHU=
Subject key identifier: C0:CF:8B:F6:B5:0A:36:25:6E:82:AF:CD:8E:B8:8C:6E:EB:49:F9:B7
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F102693F9FC08C422C85CDEECD1E00
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/wM-L9rUKNiVugq_NjriMbutJ-bc.roa
Signing time: Mon 02 Jan 2023 10:04:58 +0000
ROA not before: Mon 02 Jan 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202658
IP address blocks: 88.148.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:02:69:3f:9f:c0:8c:42:2c:85:cd:ee:cd:1e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0cf8bf6b50a36256e82afcd8eb88c6eeb49f9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:26:68:5b:07:55:d0:a9:08:38:5b:cc:7c:
67:1b:44:49:c6:66:d7:a4:c4:e7:f9:7e:dc:dd:0d:
91:bd:a2:0c:0b:1e:4e:16:94:42:36:ee:8f:46:79:
44:1d:a4:ec:39:2a:59:56:67:76:20:15:c6:c6:c6:
a4:38:1d:89:e0:55:38:6e:52:e7:9f:74:0b:dc:55:
0e:71:e5:dd:28:5b:ab:ba:ad:60:a2:6e:7f:de:14:
c9:cc:35:2b:10:25:3b:36:ce:87:ca:39:e4:2a:f6:
86:c9:46:51:36:7e:99:53:b3:2a:b9:97:c3:8e:32:
84:9f:5f:d0:ae:89:bd:bf:6e:88:e2:95:7d:2b:dc:
18:b8:a2:c8:3b:e8:ec:e0:c8:25:a2:ed:c7:21:df:
b0:23:f9:df:82:a5:af:66:de:c9:86:93:d4:cc:90:
36:0b:fe:00:8c:5e:54:49:1f:e9:27:04:49:a7:77:
af:37:15:af:ac:45:5a:19:f5:60:92:c5:b0:18:3c:
67:f4:83:47:d6:3f:33:12:82:34:38:15:0d:73:c9:
fa:62:da:22:a6:a9:e8:f5:ca:4f:07:39:49:25:a7:
37:d7:18:07:d9:1e:68:aa:18:9c:2c:2b:0e:81:83:
29:f4:b5:fb:79:1c:1b:6d:cb:b9:0a:ef:26:6c:1f:
de:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CF:8B:F6:B5:0A:36:25:6E:82:AF:CD:8E:B8:8C:6E:EB:49:F9:B7
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/wM-L9rUKNiVugq_NjriMbutJ-bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.148.49.0/24
Signature Algorithm: sha256WithRSAEncryption
74:85:76:06:72:07:90:a5:60:77:31:0b:97:e0:9c:15:53:ef:
65:db:04:69:b6:cd:8a:a8:b9:d3:06:04:3a:d7:ff:83:85:99:
31:d5:36:61:18:1d:f7:70:c5:51:90:d0:17:f5:b5:24:3e:d9:
8d:68:d3:a0:8d:f8:8b:08:9c:16:c4:b5:91:f8:e3:9a:40:73:
97:ff:b6:c9:6e:19:9e:66:6e:00:51:af:62:29:f7:0f:90:18:
d0:6f:ea:f1:9d:2a:fc:79:1a:a2:12:c0:dd:a8:bc:3c:24:ef:
e4:44:ef:9a:40:3a:7d:b1:10:d3:e9:08:60:57:18:3c:6a:15:
4a:62:53:a4:c8:b4:84:d0:95:24:eb:bf:ea:32:71:fb:4a:26:
83:8c:ab:c2:34:5c:50:b7:f8:df:7d:3e:46:a7:a6:a9:e8:f0:
b8:e1:6a:a9:bc:27:4b:6d:bd:4e:ec:39:23:a3:5a:71:17:97:
af:6d:a8:95:24:1d:67:e3:25:a4:e7:8a:18:74:09:90:5f:99:
f2:83:da:60:e8:45:b5:7f:a3:20:f3:7e:a5:54:35:96:22:bf:
15:8a:59:2b:c4:72:a1:e0:c7:0d:12:b2:0b:85:83:4b:66:65:
59:19:7e:e8:1c:c1:ed:74:eb:35:a5:4b:fe:cf:dc:ed:84:8d:
80:05:30:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8QJpP5/AjEIshc3uzR4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGNmOGJmNmI1MGEzNjI1NmU4MmFmY2Q4ZWI4OGM2ZWViNDlmOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7MmaFsHVdCpCDhbzHxnG0RJxmbX
pMTn+X7c3Q2RvaIMCx5OFpRCNu6PRnlEHaTsOSpZVmd2IBXGxsakOB2J4FU4blLn
n3QL3FUOceXdKFuruq1gom5/3hTJzDUrECU7Ns6HyjnkKvaGyUZRNn6ZU7MquZfD
jjKEn1/Qrom9v26I4pV9K9wYuKLIO+js4Mglou3HId+wI/nfgqWvZt7JhpPUzJA2
C/4AjF5USR/pJwRJp3evNxWvrEVaGfVgksWwGDxn9INH1j8zEoI0OBUNc8n6Ytoi
pqno9cpPBzlJJac31xgH2R5oqhicLCsOgYMp9LX7eRwbbcu5Cu8mbB/eUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDPi/a1CjYlboKvzY64jG7rSfm3MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvd00tTDlyVUtOaVZ1Z3FfTmpyaU1idXRKLWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJQxMA0G
CSqGSIb3DQEBCwUAA4IBAQB0hXYGcgeQpWB3MQuX4JwVU+9l2wRpts2KqLnTBgQ6
1/+DhZkx1TZhGB33cMVRkNAX9bUkPtmNaNOgjfiLCJwWxLWR+OOaQHOX/7bJbhme
Zm4AUa9iKfcPkBjQb+rxnSr8eRqiEsDdqLw8JO/kRO+aQDp9sRDT6QhgVxg8ahVK
YlOkyLSE0JUk67/qMnH7SiaDjKvCNFxQt/jffT5Gp6ap6PC44WqpvCdLbb1O7Dkj
o1pxF5evbaiVJB1n4yWk54oYdAmQX5nyg9pg6EW1f6Mg836lVDWWIr8VilkrxHKh
4McNErILhYNLZmVZGX7oHMHtdOs1pUv+z9zthI2ABTAl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:55 2025 by rpki-client