Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7d20a2-b881-461c-bbf5-2b6809339702/1/_UiO4DkS1eOdk5HTRw7eOc9-9zE.roa
File: _UiO4DkS1eOdk5HTRw7eOc9-9zE.roa (raw, json)
Hash identifier: N4ISCHFhn3BMFe4DyJE1MLQQaeOyjK+LjMB0uPp9mgQ=
Subject key identifier: FD:48:8E:E0:39:12:D5:E3:9D:93:91:D3:47:0E:DE:39:CF:7E:F7:31
Certificate issuer: /CN=4bd1f50df263fe509fc5de9c5a473a28e3812639
Certificate serial: 01856FD4FF33705E9DC157E52B996B89C385
Authority key identifier: 4B:D1:F5:0D:F2:63:FE:50:9F:C5:DE:9C:5A:47:3A:28:E3:81:26:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S9H1DfJj_lCfxd6cWkc6KOOBJjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7d20a2-b881-461c-bbf5-2b6809339702/1/_UiO4DkS1eOdk5HTRw7eOc9-9zE.roa
Signing time: Mon 02 Jan 2023 00:15:07 +0000
ROA not before: Mon 02 Jan 2023 00:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212597
IP address blocks: 98.158.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:ff:33:70:5e:9d:c1:57:e5:2b:99:6b:89:c3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bd1f50df263fe509fc5de9c5a473a28e3812639
Validity
Not Before: Jan 2 00:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd488ee03912d5e39d9391d3470ede39cf7ef731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f2:06:fc:4c:06:c9:47:00:79:99:e1:9f:f8:
55:3a:94:1f:b3:46:e7:59:26:17:0d:e2:7d:a6:06:
7c:c4:06:d9:84:44:3f:cf:35:37:0f:18:4c:ff:3a:
87:b7:fb:70:1f:52:90:f5:29:fd:c3:07:48:d0:75:
0d:68:83:e7:13:40:93:1c:6a:04:cd:bc:59:63:20:
56:a8:4e:ca:7b:b5:f1:f6:35:fd:03:85:9d:ea:9a:
db:b0:9a:e5:28:ae:af:55:3c:cd:20:e0:10:fc:d1:
59:98:0a:c5:1f:c8:35:10:ed:22:c8:13:2d:f0:33:
8c:a2:dc:d8:10:31:95:ed:03:76:4a:14:ce:aa:39:
ab:6e:af:c2:69:0d:d1:41:b2:12:56:82:34:b4:6e:
9c:25:46:dd:58:dc:a2:6a:7a:18:a2:28:5e:86:ba:
06:ce:5a:aa:d1:5a:69:e2:cd:64:05:77:77:4e:fb:
e7:c8:1a:69:c0:82:48:ac:cd:b8:55:aa:92:0b:a8:
2d:6b:ce:4d:59:b5:6f:1f:c0:32:43:d4:fa:3d:13:
33:45:d7:54:3c:a5:15:90:92:f7:c0:e5:24:ee:58:
32:0a:f1:28:e2:99:11:e7:ed:49:27:0f:39:6d:67:
c8:92:76:67:83:3e:af:5b:ae:96:a6:3c:72:40:6e:
a0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:48:8E:E0:39:12:D5:E3:9D:93:91:D3:47:0E:DE:39:CF:7E:F7:31
X509v3 Authority Key Identifier:
keyid:4B:D1:F5:0D:F2:63:FE:50:9F:C5:DE:9C:5A:47:3A:28:E3:81:26:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9H1DfJj_lCfxd6cWkc6KOOBJjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7d20a2-b881-461c-bbf5-2b6809339702/1/_UiO4DkS1eOdk5HTRw7eOc9-9zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7d20a2-b881-461c-bbf5-2b6809339702/1/S9H1DfJj_lCfxd6cWkc6KOOBJjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
98.158.238.0/24
Signature Algorithm: sha256WithRSAEncryption
22:04:d4:ff:11:a1:9b:87:92:c0:ab:6c:e6:59:fc:8a:cb:03:
be:95:5a:e1:35:c8:59:38:5b:e5:e8:cf:eb:49:3b:ae:a5:4c:
5b:1d:51:16:9c:dc:00:39:6c:cd:47:cf:75:ad:10:aa:59:a0:
98:dc:57:cc:ef:8f:62:4a:bf:a0:c3:6d:9f:95:25:d2:6d:a7:
01:4e:d0:30:5b:36:d9:e4:1d:b2:e8:32:88:2a:f7:14:0a:8d:
d5:2d:cd:0b:08:6f:a5:57:e3:41:e1:a1:79:76:d1:9b:dc:9c:
a4:6e:67:b2:c8:42:0d:4e:82:a3:71:31:f7:e4:23:fe:6d:2b:
28:b4:69:bc:46:4b:e6:52:36:2c:29:0f:4e:4f:3c:6e:90:1e:
a2:0b:d4:46:ad:dc:a6:50:16:38:ac:39:1d:28:87:1c:39:fb:
a9:cf:21:fb:e0:ff:db:7c:90:b3:38:5f:23:7e:64:c6:61:7c:
03:09:2a:77:5a:38:ba:53:bd:4c:52:55:76:29:89:76:f7:a0:
29:cd:b5:15:8d:ac:49:62:40:b1:79:f4:59:00:77:0d:b9:04:
65:aa:f5:3c:5d:04:fb:b0:79:91:2d:f0:cf:66:71:4a:8c:03:
d0:00:16:82:47:ef:fe:88:dd:94:ea:f0:68:3e:d1:32:a3:b6:
1e:aa:87:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1P8zcF6dwVflK5lricOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZDFmNTBkZjI2M2ZlNTA5ZmM1ZGU5YzVhNDczYTI4ZTM4
MTI2MzkwHhcNMjMwMTAyMDAxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ4OGVlMDM5MTJkNWUzOWQ5MzkxZDM0NzBlZGUzOWNmN2VmNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/IG/EwGyUcAeZnhn/hVOpQfs0bn
WSYXDeJ9pgZ8xAbZhEQ/zzU3DxhM/zqHt/twH1KQ9Sn9wwdI0HUNaIPnE0CTHGoE
zbxZYyBWqE7Ke7Xx9jX9A4Wd6prbsJrlKK6vVTzNIOAQ/NFZmArFH8g1EO0iyBMt
8DOMotzYEDGV7QN2ShTOqjmrbq/CaQ3RQbISVoI0tG6cJUbdWNyianoYoihehroG
zlqq0Vpp4s1kBXd3TvvnyBppwIJIrM24VaqSC6gta85NWbVvH8AyQ9T6PRMzRddU
PKUVkJL3wOUk7lgyCvEo4pkR5+1JJw85bWfIknZngz6vW66WpjxyQG6gawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1IjuA5EtXjnZOR00cO3jnPfvcxMB8GA1UdIwQY
MBaAFEvR9Q3yY/5Qn8XenFpHOijjgSY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzlIMURmSmpfbENmeGQ2Y1drYzZLT09CSmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZDIwYTItYjg4MS00NjFjLWJiZjUt
MmI2ODA5MzM5NzAyLzEvX1VpTzREa1MxZU9kazVIVFJ3N2VPYzktOXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZDIwYTItYjg4MS00NjFjLWJiZjUtMmI2ODA5MzM5NzAy
LzEvUzlIMURmSmpfbENmeGQ2Y1drYzZLT09CSmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYp7uMA0G
CSqGSIb3DQEBCwUAA4IBAQAiBNT/EaGbh5LAq2zmWfyKywO+lVrhNchZOFvl6M/r
STuupUxbHVEWnNwAOWzNR891rRCqWaCY3FfM749iSr+gw22flSXSbacBTtAwWzbZ
5B2y6DKIKvcUCo3VLc0LCG+lV+NB4aF5dtGb3JykbmeyyEINToKjcTH35CP+bSso
tGm8RkvmUjYsKQ9OTzxukB6iC9RGrdymUBY4rDkdKIccOfupzyH74P/bfJCzOF8j
fmTGYXwDCSp3Wji6U71MUlV2KYl296ApzbUVjaxJYkCxefRZAHcNuQRlqvU8XQT7
sHmRLfDPZnFKjAPQABaCR+/+iN2U6vBoPtEyo7YeqocZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:53 2025 by rpki-client