Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/8O-r3OvYdcZoKV4QClpMa1r41cg.roa
File: 8O-r3OvYdcZoKV4QClpMa1r41cg.roa (raw, json)
Hash identifier: tN74DZ8LIa8cMbYxU2z8un3xrVl6urB+sSyuH/++Ib4=
Subject key identifier: F0:EF:AB:DC:EB:D8:75:C6:68:29:5E:10:0A:5A:4C:6B:5A:F8:D5:C8
Certificate issuer: /CN=0babfb67a0975384efb8b7b7ca807f714f75f84a
Certificate serial: 01898E68E7EDEB1EC510A5A944469583017D
Authority key identifier: 0B:AB:FB:67:A0:97:53:84:EF:B8:B7:B7:CA:80:7F:71:4F:75:F8:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/8O-r3OvYdcZoKV4QClpMa1r41cg.roa
Signing time: Tue 25 Jul 2023 18:56:26 +0000
ROA not before: Tue 25 Jul 2023 18:56:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 185.153.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8e:68:e7:ed:eb:1e:c5:10:a5:a9:44:46:95:83:01:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babfb67a0975384efb8b7b7ca807f714f75f84a
Validity
Not Before: Jul 25 18:56:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0efabdcebd875c668295e100a5a4c6b5af8d5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9e:24:4d:22:b9:4c:91:41:99:17:a9:d1:0b:
49:92:10:58:82:37:81:ff:8b:f6:3a:66:db:aa:cc:
51:23:52:f7:c8:6a:35:65:b2:b1:e0:3d:ab:ed:6e:
af:20:5b:d4:af:de:ba:3d:85:c9:d5:55:c8:51:a3:
ed:ed:12:43:20:01:87:66:24:14:ea:87:f1:57:78:
59:aa:cb:50:2b:45:15:c5:dd:af:0e:22:a2:57:27:
30:a2:98:a5:7f:ef:23:db:fd:7b:57:f9:ff:83:86:
ed:16:5a:85:19:ff:71:b8:d8:d0:7c:12:c1:44:c5:
f9:18:a5:4a:a2:e8:51:9b:74:a5:29:50:e2:55:49:
e2:19:71:cc:b9:76:8b:a4:80:b2:16:e7:a3:af:87:
a1:98:ee:59:a9:02:7a:84:de:f6:b2:74:bb:41:fb:
dc:c3:38:c8:21:a7:49:a0:e7:d6:61:75:99:48:5a:
bf:6f:53:15:87:d7:28:76:9b:e1:2e:2e:31:fe:7e:
27:ee:d5:d3:0d:f1:17:70:42:9e:ca:65:c3:1f:70:
f0:59:db:18:f2:4f:57:68:8e:c0:a2:52:a5:4b:d3:
8c:b0:9e:5c:a1:1c:a9:13:03:e2:59:e7:e3:51:6a:
a1:99:77:29:71:fc:79:28:78:61:01:51:1e:82:91:
c2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EF:AB:DC:EB:D8:75:C6:68:29:5E:10:0A:5A:4C:6B:5A:F8:D5:C8
X509v3 Authority Key Identifier:
keyid:0B:AB:FB:67:A0:97:53:84:EF:B8:B7:B7:CA:80:7F:71:4F:75:F8:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/8O-r3OvYdcZoKV4QClpMa1r41cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.54.0/24
Signature Algorithm: sha256WithRSAEncryption
29:56:3f:26:8c:45:65:af:f6:bb:27:40:01:58:81:0a:34:6a:
c7:a9:41:5e:a1:b0:c0:8a:f3:d3:6c:a8:65:f2:e0:e4:87:ef:
c8:63:1a:1e:3a:3f:d4:da:8f:f3:a2:34:fa:b4:07:01:d0:69:
fa:d1:77:e7:5e:e6:b5:3e:d0:09:f2:8f:0f:9a:23:18:41:db:
19:3b:1b:67:ca:9e:47:17:55:1b:a6:e5:72:10:e8:22:a5:53:
5a:6f:2f:ff:38:72:c5:60:7d:7f:3d:0a:85:9e:39:f2:d5:24:
0f:99:a2:58:42:81:ca:89:cb:48:e4:f9:1e:6b:01:01:1c:ff:
0b:4c:b2:1d:1e:76:2b:cb:6d:66:00:6d:9c:c7:df:d6:e4:37:
12:a7:af:8a:df:1d:46:b5:d2:f3:f3:b1:93:fb:ca:ed:9c:ec:
8e:b1:e2:8b:33:4b:a7:dd:81:3a:c8:4c:1a:bd:24:73:d1:dd:
80:43:a1:12:d6:e9:b8:5d:b4:9c:ad:16:7c:80:ef:bc:59:54:
07:da:d1:fc:4c:51:e9:34:7e:fd:09:34:bd:af:cb:ae:b2:e3:
78:fb:ee:64:2c:db:d3:39:38:b3:e6:a5:23:1f:f4:95:b4:41:
4d:2f:dc:0b:0b:11:a9:42:d5:7b:58:f4:54:f9:48:8b:b3:6f:
8d:85:7c:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmOaOft6x7FEKWpREaVgwF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJmYjY3YTA5NzUzODRlZmI4YjdiN2NhODA3ZjcxNGY3
NWY4NGEwHhcNMjMwNzI1MTg1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVmYWJkY2ViZDg3NWM2NjgyOTVlMTAwYTVhNGM2YjVhZjhkNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp4kTSK5TJFBmRep0QtJkhBYgjeB
/4v2OmbbqsxRI1L3yGo1ZbKx4D2r7W6vIFvUr966PYXJ1VXIUaPt7RJDIAGHZiQU
6ofxV3hZqstQK0UVxd2vDiKiVycwopilf+8j2/17V/n/g4btFlqFGf9xuNjQfBLB
RMX5GKVKouhRm3SlKVDiVUniGXHMuXaLpICyFuejr4ehmO5ZqQJ6hN72snS7Qfvc
wzjIIadJoOfWYXWZSFq/b1MVh9codpvhLi4x/n4n7tXTDfEXcEKeymXDH3DwWdsY
8k9XaI7AolKlS9OMsJ5coRypEwPiWefjUWqhmXcpcfx5KHhhAVEegpHCNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDvq9zr2HXGaCleEApaTGta+NXIMB8GA1UdIwQY
MBaAFAur+2egl1OE77i3t8qAf3FPdfhKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2N1o2Q1hVNFR2dUxlM3lvQl9jVTkxLUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xZWU3YWYtN2Y2MS00ZGM5LWJjM2Ut
YjRlNWNhZDBkYzUyLzEvOE8tcjNPdllkY1pvS1Y0UUNscE1hMXI0MWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xZWU3YWYtN2Y2MS00ZGM5LWJjM2UtYjRlNWNhZDBkYzUy
LzEvQzZ2N1o2Q1hVNFR2dUxlM3lvQl9jVTkxLUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZk2MA0G
CSqGSIb3DQEBCwUAA4IBAQApVj8mjEVlr/a7J0ABWIEKNGrHqUFeobDAivPTbKhl
8uDkh+/IYxoeOj/U2o/zojT6tAcB0Gn60XfnXua1PtAJ8o8PmiMYQdsZOxtnyp5H
F1UbpuVyEOgipVNaby//OHLFYH1/PQqFnjny1SQPmaJYQoHKictI5PkeawEBHP8L
TLIdHnYry21mAG2cx9/W5DcSp6+K3x1GtdLz87GT+8rtnOyOseKLM0un3YE6yEwa
vSRz0d2AQ6ES1um4XbScrRZ8gO+8WVQH2tH8TFHpNH79CTS9r8uusuN4++5kLNvT
OTiz5qUjH/SVtEFNL9wLCxGpQtV7WPRU+UiLs2+NhXyd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:44 2025 by rpki-client