Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/9G8nTTW6qMviY1fTOUbY7CtlI1s.roa
File: 9G8nTTW6qMviY1fTOUbY7CtlI1s.roa (raw, json)
Hash identifier: j6kcPc7YnwqnwAg0PdBNgmqucL40Af2elE9qRR4uTjI=
Subject key identifier: F4:6F:27:4D:35:BA:A8:CB:E2:63:57:D3:39:46:D8:EC:2B:65:23:5B
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B811E82279DDA32B28FBA9A353DE412
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/9G8nTTW6qMviY1fTOUbY7CtlI1s.roa
Signing time: Sun 01 Jan 2023 04:05:01 +0000
ROA not before: Sun 01 Jan 2023 04:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59851
IP address blocks: 87.118.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:1e:82:27:9d:da:32:b2:8f:ba:9a:35:3d:e4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f46f274d35baa8cbe26357d33946d8ec2b65235b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:de:e5:bd:04:6e:71:f2:ab:c1:02:34:2a:
9b:ad:7d:ed:bf:38:22:fc:f8:0c:04:a1:b8:c4:d9:
7d:49:85:7d:f0:6c:7b:ea:2b:3e:62:60:17:4d:bd:
11:db:31:cb:4a:d6:ee:55:99:07:31:c5:c5:84:38:
62:26:5a:9d:8e:17:40:a9:1e:d9:da:55:b0:d0:5c:
c8:56:3d:02:bd:ad:1e:7b:b3:76:89:7c:94:81:80:
ad:28:1f:19:0c:f1:3e:4f:d3:c8:f1:ac:06:11:8b:
c6:ca:db:62:fb:7a:de:53:f9:92:d1:7b:c9:da:73:
13:34:a3:3e:d5:88:8b:45:0a:43:df:a8:66:a2:93:
b6:16:a5:0e:ec:ed:d6:68:73:39:19:0d:b0:05:3b:
28:03:8d:15:83:0d:df:b4:da:c0:1d:8a:e2:92:3b:
c0:c6:97:e5:5f:27:e6:84:33:1e:9a:bd:4e:61:f9:
c9:06:10:76:8b:bf:e3:cd:47:a1:3c:94:bb:56:15:
bb:d5:e6:2f:7d:09:8c:ee:b4:57:a9:cb:4e:72:6e:
ee:f6:37:f7:2f:32:38:5e:a0:2c:dd:af:b6:b0:99:
7b:fb:7f:7e:7f:04:03:97:65:df:3a:ec:9c:d8:59:
4a:66:c7:29:c4:5c:20:da:8a:fe:81:16:4b:94:38:
1a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6F:27:4D:35:BA:A8:CB:E2:63:57:D3:39:46:D8:EC:2B:65:23:5B
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/9G8nTTW6qMviY1fTOUbY7CtlI1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.118.135.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a1:4c:43:d8:a6:25:2a:aa:9e:77:39:27:29:d7:f6:2b:de:
78:0c:c6:8d:b3:08:0e:5a:b5:53:c2:88:9a:e6:0d:df:0d:51:
82:01:f0:cc:d0:c2:40:a2:ee:3a:6f:ab:28:5d:6c:98:fb:09:
f7:fd:73:88:3d:a9:09:00:08:c6:00:74:f9:e7:08:68:20:d0:
ce:e1:64:57:f0:59:58:e9:3c:12:53:f7:07:82:73:c2:ee:c3:
c7:52:1f:57:31:57:02:01:f0:46:d8:cb:1a:ec:2d:a7:4e:03:
83:99:0b:2c:e5:e1:49:8f:06:a2:0a:39:9b:17:cf:8b:f1:8f:
0f:db:03:99:4e:6a:69:38:ba:07:29:34:5e:32:af:80:9a:97:
5d:98:92:39:d3:0b:bb:51:39:f9:9f:17:4c:8f:93:f5:70:13:
38:7c:5b:41:77:2a:f7:57:9c:23:bf:70:39:2d:48:71:1b:75:
15:74:85:5d:59:69:65:a7:ed:12:d2:61:3e:6b:b1:53:c0:a7:
21:12:a6:0d:0a:73:26:22:95:69:9e:73:fb:30:d3:50:6a:39:
4c:55:d6:7c:e3:73:46:b3:d4:eb:db:c8:57:63:56:2a:03:12:
b0:3c:09:74:79:33:54:25:f1:24:f4:8e:21:2e:c1:aa:16:99:
7f:3e:4f:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgR6CJ53aMrKPupo1PeQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZmMjc0ZDM1YmFhOGNiZTI2MzU3ZDMzOTQ2ZDhlYzJiNjUyMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpje5b0EbnHyq8ECNCqbrX3tvzgi
/PgMBKG4xNl9SYV98Gx76is+YmAXTb0R2zHLStbuVZkHMcXFhDhiJlqdjhdAqR7Z
2lWw0FzIVj0Cva0ee7N2iXyUgYCtKB8ZDPE+T9PI8awGEYvGytti+3reU/mS0XvJ
2nMTNKM+1YiLRQpD36hmopO2FqUO7O3WaHM5GQ2wBTsoA40Vgw3ftNrAHYrikjvA
xpflXyfmhDMemr1OYfnJBhB2i7/jzUehPJS7VhW71eYvfQmM7rRXqctOcm7u9jf3
LzI4XqAs3a+2sJl7+39+fwQDl2XfOuyc2FlKZscpxFwg2or+gRZLlDgaVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRvJ001uqjL4mNX0zlG2OwrZSNbMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvOUc4blRUVzZxTXZpWTFmVE9VYlk3Q3RsSTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3aHMA0G
CSqGSIb3DQEBCwUAA4IBAQB1oUxD2KYlKqqedzknKdf2K954DMaNswgOWrVTwoia
5g3fDVGCAfDM0MJAou46b6soXWyY+wn3/XOIPakJAAjGAHT55whoINDO4WRX8FlY
6TwSU/cHgnPC7sPHUh9XMVcCAfBG2Msa7C2nTgODmQss5eFJjwaiCjmbF8+L8Y8P
2wOZTmppOLoHKTReMq+AmpddmJI50wu7UTn5nxdMj5P1cBM4fFtBdyr3V5wjv3A5
LUhxG3UVdIVdWWllp+0S0mE+a7FTwKchEqYNCnMmIpVpnnP7MNNQajlMVdZ843NG
s9Tr28hXY1YqAxKwPAl0eTNUJfEk9I4hLsGqFpl/Pk+n
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:53 2025 by rpki-client