Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/ha5bhUrf6qHiOQdo2__dQCDmLs8.roa
File: ha5bhUrf6qHiOQdo2__dQCDmLs8.roa (raw, json)
Hash identifier: fpU3+auaFL3uaKABXTiDAwb0xntgxooMPFXFJQtNF28=
Subject key identifier: 85:AE:5B:85:4A:DF:EA:A1:E2:39:07:68:DB:FF:DD:40:20:E6:2E:CF
Certificate issuer: /CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Certificate serial: 0184E1F0DB985F1AD810F8FC6F93D9939A08
Authority key identifier: CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/ha5bhUrf6qHiOQdo2__dQCDmLs8.roa
Signing time: Mon 05 Dec 2022 10:59:29 +0000
ROA not before: Mon 05 Dec 2022 10:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198012
IP address blocks: 178.255.24.0/21 maxlen: 21
2a13:4540::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:f0:db:98:5f:1a:d8:10:f8:fc:6f:93:d9:93:9a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Validity
Not Before: Dec 5 10:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85ae5b854adfeaa1e2390768dbffdd4020e62ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:be:69:16:93:b8:4e:47:1b:76:01:65:67:
47:01:2b:06:0c:c9:47:ca:07:2c:75:ea:40:cc:bd:
a5:18:7d:a8:d9:cd:34:31:c1:3c:2c:38:81:b0:da:
98:c5:62:e4:f9:5c:32:46:e0:8a:fc:d9:3f:84:d7:
9d:94:0d:bc:36:b0:a6:63:41:9f:7e:0f:a1:20:7d:
da:87:e8:56:88:c6:72:a3:4c:48:9e:f7:9b:19:21:
57:62:d7:60:b6:ef:36:60:d0:74:4b:28:1e:e1:0c:
4e:b4:05:25:8e:20:e1:e3:00:33:7d:a6:d1:81:91:
1c:18:17:4c:38:f6:72:9f:50:33:77:ea:ec:a0:19:
70:38:a8:88:48:ba:1e:d8:fc:1e:79:3b:ac:64:b3:
41:60:59:cd:51:f4:18:6d:26:06:12:ba:e4:81:f1:
00:c9:c0:9d:e2:2d:53:11:e5:e6:93:1c:dd:b1:72:
79:e8:60:4a:45:3f:f6:fe:ff:4f:f0:0b:c8:25:0a:
32:6b:8e:06:88:bb:9d:59:6e:99:62:68:6f:7b:46:
5a:00:f4:9f:08:60:63:7b:b0:c8:b3:a2:eb:41:2a:
c3:00:0a:23:2e:95:66:1a:6c:e0:66:29:1e:ec:17:
52:ee:a5:82:cf:00:f5:76:6c:de:3a:db:a4:f8:ed:
fb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AE:5B:85:4A:DF:EA:A1:E2:39:07:68:DB:FF:DD:40:20:E6:2E:CF
X509v3 Authority Key Identifier:
keyid:CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/ha5bhUrf6qHiOQdo2__dQCDmLs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.24.0/21
IPv6:
2a13:4540::/29
Signature Algorithm: sha256WithRSAEncryption
99:cb:00:cb:27:e1:ee:a1:2a:ce:5a:9a:8a:d5:3f:aa:1b:cc:
be:7a:8f:66:4f:1b:2f:24:66:6a:27:3a:96:ea:b7:a8:de:ef:
48:e7:cf:60:d9:78:c5:7f:6c:c1:1e:25:8a:ed:5b:db:c6:e4:
d6:27:c0:64:9e:00:80:42:99:f0:f6:d9:df:3b:7e:58:46:de:
98:ff:a2:5b:de:56:61:2a:99:96:74:ea:f0:d9:49:fb:6e:15:
aa:b9:1f:4d:d2:c4:ef:1f:b2:73:36:a7:64:0c:f6:17:88:c6:
d5:31:16:e2:e6:27:8c:40:60:a6:55:eb:9a:ef:17:8d:ab:16:
14:c7:cb:28:df:13:35:cd:74:f8:e5:ae:c9:eb:4c:40:68:03:
5f:e3:7a:f5:2e:fa:09:a0:77:3c:a3:2f:4b:d3:95:90:28:ec:
85:2e:d3:87:f1:7a:e8:45:28:f8:e9:1f:12:65:c4:57:8a:f2:
75:7d:cb:ec:06:3a:75:07:2a:db:fc:b2:6e:bb:aa:c6:7d:af:
47:ed:02:83:d0:b5:c6:32:8c:5c:12:2d:9a:68:4d:dc:c3:14:
87:78:65:20:8c:9e:ef:41:95:40:44:a7:fc:a8:a2:98:05:66:
e2:42:5c:0a:35:6b:4d:38:4c:2a:6c:b4:fb:83:f3:34:94:0f:
47:de:0a:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTh8NuYXxrYEPj8b5PZk5oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNmJmMmI4OTU4NGVjOTYwODAwNDhkYzNmZGMyZTM5ODNj
Mjc3ZjMwHhcNMjIxMjA1MTA1OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFlNWI4NTRhZGZlYWExZTIzOTA3NjhkYmZmZGQ0MDIwZTYyZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUm+aRaTuE5HG3YBZWdHASsGDMlH
ygcsdepAzL2lGH2o2c00McE8LDiBsNqYxWLk+VwyRuCK/Nk/hNedlA28NrCmY0Gf
fg+hIH3ah+hWiMZyo0xInvebGSFXYtdgtu82YNB0Syge4QxOtAUljiDh4wAzfabR
gZEcGBdMOPZyn1Azd+rsoBlwOKiISLoe2PweeTusZLNBYFnNUfQYbSYGErrkgfEA
ycCd4i1TEeXmkxzdsXJ56GBKRT/2/v9P8AvIJQoya44GiLudWW6ZYmhve0ZaAPSf
CGBje7DIs6LrQSrDAAojLpVmGmzgZike7BdS7qWCzwD1dmzeOtuk+O37twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIWuW4VK3+qh4jkHaNv/3UAg5i7PMB8GA1UdIwQY
MBaAFMtr8riVhOyWCABI3D/cLjmDwnfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2Qt
MTBmZGZjZTk0NTEzLzEvaGE1YmhVcmY2cUhpT1FkbzJfX2RRQ0RtTHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2QtMTBmZGZjZTk0NTEz
LzEveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv8YMA0E
AgACMAcDBQMqE0VAMA0GCSqGSIb3DQEBCwUAA4IBAQCZywDLJ+HuoSrOWpqK1T+q
G8y+eo9mTxsvJGZqJzqW6reo3u9I589g2XjFf2zBHiWK7VvbxuTWJ8BkngCAQpnw
9tnfO35YRt6Y/6Jb3lZhKpmWdOrw2Un7bhWquR9N0sTvH7JzNqdkDPYXiMbVMRbi
5ieMQGCmVeua7xeNqxYUx8so3xM1zXT45a7J60xAaANf43r1LvoJoHc8oy9L05WQ
KOyFLtOH8XroRSj46R8SZcRXivJ1fcvsBjp1Byrb/LJuu6rGfa9H7QKD0LXGMoxc
Ei2aaE3cwxSHeGUgjJ7vQZVARKf8qKKYBWbiQlwKNWtNOEwqbLT7g/M0lA9H3grN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:44 2025 by rpki-client