Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dv8PHsvGIG0ie2_59fQmoPFLQJE.roa
File: dv8PHsvGIG0ie2_59fQmoPFLQJE.roa (raw, json)
Hash identifier: hqOtr+moY8oqf4DR0c3wl9WSW7O6lb32IbmLYHcIJPk=
Subject key identifier: 76:FF:0F:1E:CB:C6:20:6D:22:7B:6F:F9:F5:F4:26:A0:F1:4B:40:91
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A616F1C6BB65FACA6010E8E5C12A
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dv8PHsvGIG0ie2_59fQmoPFLQJE.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 153.96.140.0/24 maxlen: 24
153.96.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a6:16:f1:c6:bb:65:fa:ca:60:10:e8:e5:c1:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76ff0f1ecbc6206d227b6ff9f5f426a0f14b4091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:98:22:5f:b8:9e:2f:21:d8:2c:d0:f2:16:
17:9d:c3:44:46:1c:50:40:18:3a:f4:36:a7:19:19:
b7:5e:ca:79:27:2a:ce:5d:aa:f1:68:1f:03:ab:8c:
7d:0d:f3:a2:5d:ec:d5:d7:97:e0:96:83:06:49:e9:
04:ea:74:5e:04:99:74:85:4a:f8:5c:44:e9:d0:e8:
52:59:62:1b:c4:05:d4:04:bf:4c:82:64:56:2c:20:
dc:90:07:be:68:66:bc:30:51:43:5f:94:38:3e:cc:
50:31:cd:52:18:f8:9e:5e:a6:73:9e:e5:a9:82:93:
ab:ef:cf:78:37:11:8a:af:04:2c:57:14:34:68:5f:
8b:e9:30:80:f5:ea:cc:2f:94:b3:9c:99:00:70:69:
7d:c5:39:cd:40:2a:44:3c:af:e9:e3:25:ed:55:9d:
62:68:40:0c:73:51:c7:3e:3d:d9:32:55:60:1a:e7:
c6:c7:85:9f:d9:21:ac:a7:c3:3d:31:b5:2a:62:dd:
93:b6:3c:ec:f5:27:d2:14:67:30:4f:2c:f4:ca:3f:
07:9d:be:9b:df:e7:83:c3:d9:95:e1:06:fb:89:d4:
33:ed:51:17:46:9f:b8:db:d3:9f:17:38:34:01:6f:
14:1f:9a:da:4f:a4:ed:13:78:b6:36:eb:61:0c:08:
f6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FF:0F:1E:CB:C6:20:6D:22:7B:6F:F9:F5:F4:26:A0:F1:4B:40:91
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dv8PHsvGIG0ie2_59fQmoPFLQJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.140.0/23
Signature Algorithm: sha256WithRSAEncryption
06:42:52:6d:4c:8f:5f:86:94:c8:d4:7f:c1:43:ea:35:5e:ff:
af:2d:97:19:45:73:60:c2:e5:01:0a:c7:36:b0:24:66:d8:cf:
11:79:10:63:93:5c:6d:78:62:d0:7a:95:ec:e8:47:6a:8d:bd:
e0:21:dd:48:ee:ce:9e:02:6d:e1:cf:be:ee:09:bf:55:a5:1c:
5f:1a:19:3c:3b:70:9a:1a:b3:c1:36:0b:e7:52:af:2e:9b:33:
39:bc:9f:bc:92:d2:9a:73:37:2a:96:0f:ca:03:39:59:10:36:
04:31:e0:10:a8:48:d3:98:31:d9:26:6c:e1:35:7d:b5:14:03:
94:ed:f7:86:21:be:17:27:34:04:7f:e1:f3:4d:5a:05:fe:79:
6d:44:cc:ea:c2:9f:7c:49:8a:9f:d7:f1:4a:20:0f:87:5a:e7:
81:3b:d6:b1:98:df:6e:40:aa:2a:1d:e7:3b:84:03:e8:67:42:
16:e2:29:e5:20:93:f6:98:ab:4d:90:fa:05:1c:b7:bf:29:10:
45:74:b2:29:f5:48:99:62:3c:44:3f:69:9e:d0:49:10:0c:73:
60:69:78:03:27:1f:ee:6d:85:35:08:71:a6:a5:a6:3e:e4:51:
fd:72:1e:6d:98:2c:7d:e4:31:67:2c:d2:97:9d:8c:7f:8a:15:
14:ac:76:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKYW8ca7ZfrKYBDo5cEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZmMGYxZWNiYzYyMDZkMjI3YjZmZjlmNWY0MjZhMGYxNGI0MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYqYIl+4ni8h2CzQ8hYXncNERhxQ
QBg69DanGRm3Xsp5JyrOXarxaB8Dq4x9DfOiXezV15fgloMGSekE6nReBJl0hUr4
XETp0OhSWWIbxAXUBL9MgmRWLCDckAe+aGa8MFFDX5Q4PsxQMc1SGPieXqZznuWp
gpOr7894NxGKrwQsVxQ0aF+L6TCA9erML5SznJkAcGl9xTnNQCpEPK/p4yXtVZ1i
aEAMc1HHPj3ZMlVgGufGx4Wf2SGsp8M9MbUqYt2Ttjzs9SfSFGcwTyz0yj8Hnb6b
3+eDw9mV4Qb7idQz7VEXRp+429OfFzg0AW8UH5raT6TtE3i2NuthDAj2GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHb/Dx7LxiBtIntv+fX0JqDxS0CRMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvZHY4UEhzdkdJRzBpZTJfNTlmUW1vUEZMUUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmWCMMA0G
CSqGSIb3DQEBCwUAA4IBAQAGQlJtTI9fhpTI1H/BQ+o1Xv+vLZcZRXNgwuUBCsc2
sCRm2M8ReRBjk1xteGLQepXs6Edqjb3gId1I7s6eAm3hz77uCb9VpRxfGhk8O3Ca
GrPBNgvnUq8umzM5vJ+8ktKaczcqlg/KAzlZEDYEMeAQqEjTmDHZJmzhNX21FAOU
7feGIb4XJzQEf+HzTVoF/nltRMzqwp98SYqf1/FKIA+HWueBO9axmN9uQKoqHec7
hAPoZ0IW4inlIJP2mKtNkPoFHLe/KRBFdLIp9UiZYjxEP2me0EkQDHNgaXgDJx/u
bYU1CHGmpaY+5FH9ch5tmCx95DFnLNKXnYx/ihUUrHYA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:52 2025 by rpki-client