Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/9m1UbOPO9iv2vyyT8DbIv3aDkiI.roa
File: 9m1UbOPO9iv2vyyT8DbIv3aDkiI.roa (raw, json)
Hash identifier: stKikAKWmAV83HuxM5GR7VC6sNFapsML4FdhaNb8zw4=
Subject key identifier: F6:6D:54:6C:E3:CE:F6:2B:F6:BF:2C:93:F0:36:C8:BF:76:83:92:22
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 018963E66A14AC9ED7D908C3755E9FCCEA46
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/9m1UbOPO9iv2vyyT8DbIv3aDkiI.roa
Signing time: Mon 17 Jul 2023 12:49:52 +0000
ROA not before: Mon 17 Jul 2023 12:49:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203050
IP address blocks: 185.178.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:e6:6a:14:ac:9e:d7:d9:08:c3:75:5e:9f:cc:ea:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jul 17 12:49:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f66d546ce3cef62bf6bf2c93f036c8bf76839222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:74:c0:a9:9c:cf:ce:e5:93:9f:93:7d:52:
92:ad:e0:0e:a7:e1:4d:e7:f0:2c:cc:9d:6a:34:d5:
a0:9d:29:8a:ab:7b:d5:e9:d7:b7:4a:25:cb:ba:98:
2d:15:4e:38:15:3e:b5:26:e1:2a:fb:b6:c7:d4:1d:
9a:63:b6:00:1f:4e:7f:06:14:07:12:ba:50:9b:04:
3f:36:a3:65:7b:0b:66:50:62:8a:d9:61:bd:df:0b:
24:61:de:a4:a7:82:ba:dd:bd:6b:63:ef:b2:f8:5c:
e0:35:8e:7c:4a:1e:6f:d4:a9:ce:f3:a5:45:3d:90:
9f:0e:d1:11:8c:40:b9:fd:63:9a:0c:3c:cf:3e:0e:
46:ae:64:3b:48:4b:07:66:c7:a2:89:d4:9d:08:8d:
27:0d:8b:19:8b:c3:55:a5:59:f8:4d:8b:8b:cc:f0:
b8:7f:05:9b:eb:7a:4c:3e:ce:8c:70:1f:af:92:91:
85:09:1f:36:33:81:b0:b3:62:1c:5b:a0:74:55:a7:
e2:11:32:d6:1f:06:64:53:37:58:6e:d6:c7:20:c9:
85:3b:80:3e:8c:e7:df:58:fd:5d:cd:b0:ed:e6:37:
69:5f:92:9a:29:7f:86:fc:d1:94:2c:4f:ea:a6:80:
df:83:b0:8b:72:3b:4d:53:12:89:5f:ff:12:66:81:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6D:54:6C:E3:CE:F6:2B:F6:BF:2C:93:F0:36:C8:BF:76:83:92:22
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/9m1UbOPO9iv2vyyT8DbIv3aDkiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.159.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:d7:f9:d8:76:c2:9a:33:93:f3:c2:be:58:c6:3a:61:4b:ba:
91:d1:e1:ed:3c:07:3c:f7:07:81:b2:c6:99:04:3f:ec:0b:1d:
ec:0c:7e:04:df:9d:91:68:e7:aa:e0:64:d3:65:ce:2f:ab:f6:
5a:70:9d:df:0a:d5:3b:73:9a:f5:6d:22:e7:11:f1:e6:bc:43:
98:39:7a:da:d9:7c:55:f9:98:8e:57:15:f2:fe:33:e7:df:6a:
dd:fe:51:44:d7:bb:99:c9:11:2f:6f:95:f8:31:1a:77:5c:4d:
e0:df:35:62:49:0e:12:85:5f:44:b5:bc:76:9f:c1:6d:03:4c:
d5:e0:82:8b:73:16:f2:57:d0:d8:c6:a4:38:ab:0b:25:85:7c:
05:6a:5a:11:d0:70:0f:63:19:9c:57:f8:db:38:77:8b:5c:ff:
d0:fd:e5:c8:70:af:14:25:a8:b4:5d:db:ba:57:e7:c6:e1:93:
2a:42:81:00:5e:bf:5c:e5:be:5b:4d:20:2e:e9:3e:28:17:70:
40:cd:05:71:ff:ad:f7:99:7a:b0:66:a1:d5:e8:ce:3e:b2:a1:
17:d3:6d:d5:e7:bd:38:ad:da:a2:8e:93:fc:ea:25:32:6c:1d:
67:1c:6e:ae:81:9a:f9:11:8a:7c:a1:da:66:26:b5:c9:70:ea:
2c:8e:f7:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlj5moUrJ7X2QjDdV6fzOpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjMwNzE3MTI0OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZkNTQ2Y2UzY2VmNjJiZjZiZjJjOTNmMDM2YzhiZjc2ODM5MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU10wKmcz87lk5+TfVKSreAOp+FN
5/AszJ1qNNWgnSmKq3vV6de3SiXLupgtFU44FT61JuEq+7bH1B2aY7YAH05/BhQH
ErpQmwQ/NqNlewtmUGKK2WG93wskYd6kp4K63b1rY++y+FzgNY58Sh5v1KnO86VF
PZCfDtERjEC5/WOaDDzPPg5GrmQ7SEsHZseiidSdCI0nDYsZi8NVpVn4TYuLzPC4
fwWb63pMPs6McB+vkpGFCR82M4Gws2IcW6B0VafiETLWHwZkUzdYbtbHIMmFO4A+
jOffWP1dzbDt5jdpX5KaKX+G/NGULE/qpoDfg7CLcjtNUxKJX/8SZoHBKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZtVGzjzvYr9r8sk/A2yL92g5IiMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvOW0xVWJPUE85aXYydnl5VDhEYkl2M2FEa2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubKfMA0G
CSqGSIb3DQEBCwUAA4IBAQCu1/nYdsKaM5Pzwr5YxjphS7qR0eHtPAc89weBssaZ
BD/sCx3sDH4E352RaOeq4GTTZc4vq/ZacJ3fCtU7c5r1bSLnEfHmvEOYOXra2XxV
+ZiOVxXy/jPn32rd/lFE17uZyREvb5X4MRp3XE3g3zViSQ4ShV9Etbx2n8FtA0zV
4IKLcxbyV9DYxqQ4qwslhXwFaloR0HAPYxmcV/jbOHeLXP/Q/eXIcK8UJai0Xdu6
V+fG4ZMqQoEAXr9c5b5bTSAu6T4oF3BAzQVx/633mXqwZqHV6M4+sqEX023V5704
rdqijpP86iUybB1nHG6ugZr5EYp8odpmJrXJcOosjvd1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:14 2025 by rpki-client