Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/557548-d39e-44e0-b7ae-3fb05a0986e7/1/i8A4Ochf2Ly_TslJtg2UYlrrx24.roa
File: i8A4Ochf2Ly_TslJtg2UYlrrx24.roa (raw, json)
Hash identifier: GZHMIk0ptRXGJ8fxrFbLV1jm7ya+l4YyI7FoDxTnQAY=
Subject key identifier: 8B:C0:38:39:C8:5F:D8:BC:BF:4E:C9:49:B6:0D:94:62:5A:EB:C7:6E
Certificate issuer: /CN=797bce98c8e3a5d2f75623e6f232f3cfcdbb52ba
Certificate serial: 01856DD41A923BEF4D3F8C04F40618AF18D3
Authority key identifier: 79:7B:CE:98:C8:E3:A5:D2:F7:56:23:E6:F2:32:F3:CF:CD:BB:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXvOmMjjpdL3ViPm8jLzz827Uro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/557548-d39e-44e0-b7ae-3fb05a0986e7/1/i8A4Ochf2Ly_TslJtg2UYlrrx24.roa
Signing time: Sun 01 Jan 2023 14:54:55 +0000
ROA not before: Sun 01 Jan 2023 14:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16019
IP address blocks: 185.13.87.0/24 maxlen: 24
2a10:1d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1a:92:3b:ef:4d:3f:8c:04:f4:06:18:af:18:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797bce98c8e3a5d2f75623e6f232f3cfcdbb52ba
Validity
Not Before: Jan 1 14:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bc03839c85fd8bcbf4ec949b60d94625aebc76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:80:13:5b:a2:54:14:8c:84:7c:e9:6e:d5:
1c:5b:79:f0:8f:d3:4c:f5:81:de:ca:f9:6a:09:be:
35:cc:2e:e4:c4:7a:b9:c3:fa:18:05:2c:0e:e5:5d:
e9:b3:f8:f8:a6:6e:19:83:3c:fd:e2:f3:10:6f:cb:
4b:fd:b6:2e:88:25:76:10:ec:31:ab:21:29:8e:6d:
1a:fe:8a:df:35:0a:0a:2b:f4:95:b4:08:85:2d:5c:
05:60:9d:23:50:27:ae:d4:4e:be:97:1b:e7:86:03:
4a:ea:33:b6:48:6d:6d:54:a0:79:9d:93:4d:2f:72:
fa:c5:54:cb:80:22:ed:5f:59:42:9e:96:e0:29:c1:
ee:f8:c0:82:d2:ca:8b:85:7d:70:51:14:3a:9e:5f:
89:a8:a9:7c:a7:b9:c6:ee:7f:93:60:e8:f5:3d:32:
79:f2:8e:a6:d5:5b:b2:6f:e6:8c:5e:da:10:cc:0d:
46:7b:11:72:9a:38:d4:4e:d3:22:b1:6e:86:66:be:
f5:4b:a1:87:87:61:16:25:8e:fd:4c:d8:5b:13:1c:
05:de:fe:fd:1c:60:e3:20:59:a4:d4:d8:9f:79:aa:
61:bd:84:b8:55:6a:a2:ce:31:7c:28:79:0d:14:9e:
25:c2:90:63:df:79:7b:e5:8d:3c:a8:b3:7b:60:d3:
8b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C0:38:39:C8:5F:D8:BC:BF:4E:C9:49:B6:0D:94:62:5A:EB:C7:6E
X509v3 Authority Key Identifier:
keyid:79:7B:CE:98:C8:E3:A5:D2:F7:56:23:E6:F2:32:F3:CF:CD:BB:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXvOmMjjpdL3ViPm8jLzz827Uro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/557548-d39e-44e0-b7ae-3fb05a0986e7/1/i8A4Ochf2Ly_TslJtg2UYlrrx24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/557548-d39e-44e0-b7ae-3fb05a0986e7/1/eXvOmMjjpdL3ViPm8jLzz827Uro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.87.0/24
IPv6:
2a10:1d00::/32
Signature Algorithm: sha256WithRSAEncryption
19:60:e4:39:5e:33:ce:72:70:b8:20:21:68:f9:e8:b1:98:83:
ca:e0:1e:41:5c:a9:6b:90:a1:e0:50:e5:c0:bc:5e:f5:83:21:
7c:04:a7:8c:a2:ee:9f:c2:c1:1a:b3:6b:34:26:4b:6c:64:24:
e6:b1:f4:f3:93:a4:fe:27:5e:8f:fc:7b:38:32:98:46:28:20:
8f:d4:6f:2c:58:ac:f8:7d:a3:bd:50:41:29:52:bf:c5:73:2c:
79:0b:53:cc:45:86:fb:f1:0d:83:a5:6a:8b:5f:08:d6:50:f8:
0f:57:96:c4:d4:05:16:f2:03:50:c6:e4:6d:23:87:0d:61:7f:
e9:01:57:d1:af:db:c0:af:64:43:f5:dc:95:0c:ff:9f:64:42:
f8:e9:93:ad:8a:72:1f:ea:07:0d:fb:be:35:8b:ea:5a:1c:6e:
d4:4b:dd:4b:ef:0e:cc:9f:02:82:6e:56:f8:b3:da:4d:77:d6:
f3:26:cc:ce:9f:56:b6:f5:25:32:9c:3a:98:55:ef:cd:d7:97:
78:74:a1:bb:58:dc:0a:5d:7b:47:55:b6:0a:38:d0:4e:9d:e9:
02:94:0d:c9:1a:4a:47:b9:04:8c:f9:4c:0d:c2:d7:b5:f1:8d:
08:3f:79:95:54:e0:1a:ab:82:a6:68:62:b5:5a:9f:72:bd:f7:
3a:a8:07:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1BqSO+9NP4wE9AYYrxjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2JjZTk4YzhlM2E1ZDJmNzU2MjNlNmYyMzJmM2NmY2Ri
YjUyYmEwHhcNMjMwMTAxMTQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmMwMzgzOWM4NWZkOGJjYmY0ZWM5NDliNjBkOTQ2MjVhZWJjNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdGAE1uiVBSMhHzpbtUcW3nwj9NM
9YHeyvlqCb41zC7kxHq5w/oYBSwO5V3ps/j4pm4Zgzz94vMQb8tL/bYuiCV2EOwx
qyEpjm0a/orfNQoKK/SVtAiFLVwFYJ0jUCeu1E6+lxvnhgNK6jO2SG1tVKB5nZNN
L3L6xVTLgCLtX1lCnpbgKcHu+MCC0sqLhX1wURQ6nl+JqKl8p7nG7n+TYOj1PTJ5
8o6m1Vuyb+aMXtoQzA1GexFymjjUTtMisW6GZr71S6GHh2EWJY79TNhbExwF3v79
HGDjIFmk1NifeaphvYS4VWqizjF8KHkNFJ4lwpBj33l75Y08qLN7YNOLkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIvAODnIX9i8v07JSbYNlGJa68duMB8GA1UdIwQY
MBaAFHl7zpjI46XS91Yj5vIy88/Nu1K6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVh2T21NampwZEwzVmlQbThqTHp6ODI3VXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NTc1NDgtZDM5ZS00NGUwLWI3YWUt
M2ZiMDVhMDk4NmU3LzEvaThBNE9jaGYyTHlfVHNsSnRnMlVZbHJyeDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NTc1NDgtZDM5ZS00NGUwLWI3YWUtM2ZiMDVhMDk4NmU3
LzEvZVh2T21NampwZEwzVmlQbThqTHp6ODI3VXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQ1XMA0E
AgACMAcDBQAqEB0AMA0GCSqGSIb3DQEBCwUAA4IBAQAZYOQ5XjPOcnC4ICFo+eix
mIPK4B5BXKlrkKHgUOXAvF71gyF8BKeMou6fwsEas2s0JktsZCTmsfTzk6T+J16P
/Hs4MphGKCCP1G8sWKz4faO9UEEpUr/Fcyx5C1PMRYb78Q2DpWqLXwjWUPgPV5bE
1AUW8gNQxuRtI4cNYX/pAVfRr9vAr2RD9dyVDP+fZEL46ZOtinIf6gcN+741i+pa
HG7US91L7w7MnwKCblb4s9pNd9bzJszOn1a29SUynDqYVe/N15d4dKG7WNwKXXtH
VbYKONBOnekClA3JGkpHuQSM+UwNwte18Y0IP3mVVOAaq4KmaGK1Wp9yvfc6qAeZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:49 2025 by rpki-client