Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/8cESa6oFVBL8W-xenSJvutcIPmM.roa
File: 8cESa6oFVBL8W-xenSJvutcIPmM.roa (raw, json)
Hash identifier: uiwzHcKGlarN1Zg3y8eQxigZD32XuwuHJOYVhVbc6m8=
Subject key identifier: F1:C1:12:6B:AA:05:54:12:FC:5B:EC:5E:9D:22:6F:BA:D7:08:3E:63
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 0185719585DA7B840A30694E0BEFAA2B42E8
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/8cESa6oFVBL8W-xenSJvutcIPmM.roa
Signing time: Mon 02 Jan 2023 08:25:02 +0000
ROA not before: Mon 02 Jan 2023 08:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 159.100.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:85:da:7b:84:0a:30:69:4e:0b:ef:aa:2b:42:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 2 08:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1c1126baa055412fc5bec5e9d226fbad7083e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:7b:86:db:83:53:1a:69:00:72:bf:3a:b8:
58:e3:75:5b:31:46:86:2d:43:24:43:97:89:61:ec:
1e:b9:dd:9d:0b:e2:78:72:51:b4:99:c1:af:5b:71:
0d:4e:4a:1d:a5:58:b1:c6:00:94:1d:c9:ca:7c:07:
dd:e8:99:d1:7d:a3:29:a0:56:fe:96:2b:0d:25:e9:
d7:f9:9b:76:d3:66:c0:0b:72:b4:d3:a5:ab:07:67:
2b:15:ac:b7:ff:a7:39:d2:bb:a8:a3:6b:c6:9c:c3:
67:93:60:cf:b9:07:6c:56:56:5b:6f:d7:7d:f4:1e:
10:0a:55:51:10:37:b3:15:65:be:a6:20:3e:68:d2:
be:8b:1d:76:7c:b2:d5:5f:e7:b2:fc:26:bd:f2:9e:
0b:18:4c:08:1d:07:1a:8b:30:96:e9:e8:66:7b:88:
4b:4c:84:55:82:a5:18:8f:5f:5d:24:35:2b:fb:90:
68:c6:25:74:41:1b:6e:2a:d1:71:25:05:1e:03:3e:
99:e5:ca:5a:31:78:0b:21:42:40:a0:31:2d:b4:93:
aa:c2:6d:e1:35:08:76:e0:7b:f5:03:4a:5e:b2:0b:
33:98:4e:81:52:6a:c8:99:a0:48:a9:5b:f5:5c:13:
c8:03:8e:a5:73:eb:b5:ad:e6:12:8e:44:ca:6b:26:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C1:12:6B:AA:05:54:12:FC:5B:EC:5E:9D:22:6F:BA:D7:08:3E:63
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/8cESa6oFVBL8W-xenSJvutcIPmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.100.60.0/22
Signature Algorithm: sha256WithRSAEncryption
67:71:b5:3d:67:99:57:65:82:a5:d2:9d:0e:29:0b:98:fc:fc:
ff:05:74:df:1c:18:18:9e:1b:1f:63:7f:6b:ad:c6:ec:8f:65:
8e:3e:94:f6:5c:67:1b:e8:66:4a:82:7b:4b:6b:6c:74:46:f4:
4f:33:d3:47:d8:7d:74:11:f5:6d:50:79:c0:3a:d4:28:c9:fd:
c9:c0:cf:c1:33:9d:f9:11:92:d9:6f:01:d7:29:e6:6f:96:bc:
6a:1b:a8:88:cb:4a:0a:da:a6:a9:d8:6b:05:7d:78:a9:41:19:
55:fa:47:f6:07:28:09:63:db:e7:ec:e9:f5:ee:af:b8:66:05:
e5:f9:ba:ea:6b:54:61:d2:fd:6c:09:84:75:c8:c6:dc:58:8f:
2e:38:12:b5:5b:f7:2c:72:c0:61:2f:e4:a5:41:38:fd:7e:14:
25:b0:79:c6:a5:b7:2c:75:45:0c:ed:ae:53:bf:68:29:dc:92:
99:56:da:78:cb:61:05:a2:ae:22:dc:8a:f1:5e:15:40:cd:e8:
b2:e4:61:f2:b4:19:db:8e:77:7e:9e:d7:bd:a5:2c:42:bf:19:
33:9e:f0:94:26:3c:87:39:22:dc:13:da:09:2c:9f:ac:66:9b:
08:15:fc:30:7f:59:6a:da:72:e4:4e:80:75:15:b6:2a:fc:bf:
29:a8:fb:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlYXae4QKMGlOC++qK0LoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjMwMTAyMDgyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMxMTI2YmFhMDU1NDEyZmM1YmVjNWU5ZDIyNmZiYWQ3MDgzZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkN7htuDUxppAHK/OrhY43VbMUaG
LUMkQ5eJYeweud2dC+J4clG0mcGvW3ENTkodpVixxgCUHcnKfAfd6JnRfaMpoFb+
lisNJenX+Zt202bAC3K006WrB2crFay3/6c50ruoo2vGnMNnk2DPuQdsVlZbb9d9
9B4QClVREDezFWW+piA+aNK+ix12fLLVX+ey/Ca98p4LGEwIHQcaizCW6ehme4hL
TIRVgqUYj19dJDUr+5BoxiV0QRtuKtFxJQUeAz6Z5cpaMXgLIUJAoDEttJOqwm3h
NQh24Hv1A0pesgszmE6BUmrImaBIqVv1XBPIA46lc+u1reYSjkTKayb1+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHBEmuqBVQS/FvsXp0ib7rXCD5jMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvOGNFU2E2b0ZWQkw4Vy14ZW5TSnZ1dGNJUG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCn2Q8MA0G
CSqGSIb3DQEBCwUAA4IBAQBncbU9Z5lXZYKl0p0OKQuY/Pz/BXTfHBgYnhsfY39r
rcbsj2WOPpT2XGcb6GZKgntLa2x0RvRPM9NH2H10EfVtUHnAOtQoyf3JwM/BM535
EZLZbwHXKeZvlrxqG6iIy0oK2qap2GsFfXipQRlV+kf2BygJY9vn7On17q+4ZgXl
+brqa1Rh0v1sCYR1yMbcWI8uOBK1W/cscsBhL+SlQTj9fhQlsHnGpbcsdUUM7a5T
v2gp3JKZVtp4y2EFoq4i3IrxXhVAzeiy5GHytBnbjnd+nte9pSxCvxkznvCUJjyH
OSLcE9oJLJ+sZpsIFfwwf1lq2nLkToB1FbYq/L8pqPty
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:03:51 2025 by rpki-client