Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/p-V7k1zJY4H30DNZVWYi6WfYQAc.roa
File: p-V7k1zJY4H30DNZVWYi6WfYQAc.roa (raw, json)
Hash identifier: H8ITg4sYiqOP6eO/352SvwsYkn8tpjrYv8Kf8E6wnPA=
Subject key identifier: A7:E5:7B:93:5C:C9:63:81:F7:D0:33:59:55:66:22:E9:67:D8:40:07
Certificate issuer: /CN=dcfa86863c55865700634e1135e617e4079af8b9
Certificate serial: 018570FBBC0CAD541E9EA8ACF2664101C089
Authority key identifier: DC:FA:86:86:3C:55:86:57:00:63:4E:11:35:E6:17:E4:07:9A:F8:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PqGhjxVhlcAY04RNeYX5Aea-Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/p-V7k1zJY4H30DNZVWYi6WfYQAc.roa
Signing time: Mon 02 Jan 2023 05:37:03 +0000
ROA not before: Mon 02 Jan 2023 05:37:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207280
IP address blocks: 83.136.223.0/24 maxlen: 32
2a10:f00::/48 maxlen: 128
2a10:f00:1::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:bc:0c:ad:54:1e:9e:a8:ac:f2:66:41:01:c0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfa86863c55865700634e1135e617e4079af8b9
Validity
Not Before: Jan 2 05:37:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7e57b935cc96381f7d03359556622e967d84007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:64:79:74:74:c8:11:17:17:82:d8:46:2a:
ff:fb:3e:1f:64:92:a8:24:18:ee:87:6d:50:06:76:
58:45:76:a3:eb:05:7f:be:b9:bd:36:5b:b3:11:f4:
95:5f:cf:e7:b2:bd:40:26:cb:ae:b6:6d:67:2b:a6:
ae:e2:dd:94:cf:83:c0:47:34:d0:83:03:72:ac:01:
ed:ca:bb:08:6b:08:56:28:e8:70:85:25:04:a3:cf:
c0:e2:d5:42:da:07:93:c5:51:b1:26:ce:4d:42:65:
73:ec:c2:5d:37:8d:bc:a3:18:ca:dd:98:ef:fb:7e:
08:1f:b0:bc:59:ad:0a:2b:33:21:f3:3d:fd:e8:0e:
57:0a:67:5c:9b:d0:cd:1f:39:4d:31:c0:ce:fb:79:
b6:c7:5b:f1:c0:94:22:76:5c:74:a9:de:ec:48:73:
5b:1e:d7:08:0e:e4:98:cb:fc:ac:7c:4f:06:36:af:
3e:6a:36:3b:5e:a0:5b:d6:41:cd:74:8b:fe:3a:4b:
3c:43:b7:3e:bb:0e:73:54:cd:7a:9e:fc:a0:3f:85:
7a:16:5b:08:98:5f:58:0f:7d:af:7d:31:3a:d7:b3:
65:2d:1a:32:c7:86:d7:d8:30:80:4e:7b:b6:84:3e:
8c:0f:78:17:08:ed:9d:0e:eb:5e:06:9d:0c:3e:d0:
25:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E5:7B:93:5C:C9:63:81:F7:D0:33:59:55:66:22:E9:67:D8:40:07
X509v3 Authority Key Identifier:
keyid:DC:FA:86:86:3C:55:86:57:00:63:4E:11:35:E6:17:E4:07:9A:F8:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PqGhjxVhlcAY04RNeYX5Aea-Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/p-V7k1zJY4H30DNZVWYi6WfYQAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/3PqGhjxVhlcAY04RNeYX5Aea-Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.223.0/24
IPv6:
2a10:f00::/47
Signature Algorithm: sha256WithRSAEncryption
a8:6b:3c:dd:bd:ae:46:5a:f2:8b:ed:1e:84:a6:18:28:4e:7c:
7b:2b:d8:fe:ed:63:05:22:a6:1d:bb:a5:61:4b:b3:e0:36:49:
e0:a3:ce:25:3e:f2:f7:e0:28:0c:2c:52:d9:ff:2e:2b:c5:59:
b5:1c:38:6a:87:ca:31:2b:54:c1:ce:37:b5:f8:31:53:56:64:
51:c9:c9:9d:29:bf:49:1d:3a:18:39:0b:25:d5:3b:df:bf:30:
bb:94:d9:8b:5f:72:b2:5e:92:29:ea:90:a4:52:d4:f1:83:30:
e6:55:77:62:ce:dc:dd:9b:b7:ae:6d:bb:32:5e:6f:d5:ff:5e:
6f:77:90:3b:9b:99:62:6a:da:31:e8:8b:c2:49:31:f2:5c:e0:
5c:c6:88:60:b6:f2:c9:a0:c8:46:a2:12:51:1f:cb:af:60:b2:
b0:5f:f2:4e:ff:cd:7b:ae:cd:e1:0a:8f:55:d1:aa:97:f4:bb:
47:72:7c:32:76:7e:cf:c7:f9:6d:89:96:fe:70:a4:72:d6:e3:
9b:72:3e:b1:f2:d4:4e:ac:1a:22:f3:9e:b9:e4:7d:9d:d0:49:
60:f7:5b:dc:44:f5:95:4a:18:fb:d9:f2:53:e2:1a:47:be:b2:
01:4c:35:cb:07:ac:c4:21:76:83:59:a1:6b:1c:8f:30:1a:95:
de:35:db:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw+7wMrVQenqis8mZBAcCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmE4Njg2M2M1NTg2NTcwMDYzNGUxMTM1ZTYxN2U0MDc5
YWY4YjkwHhcNMjMwMTAyMDUzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U1N2I5MzVjYzk2MzgxZjdkMDMzNTk1NTY2MjJlOTY3ZDg0MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjJkeXR0yBEXF4LYRir/+z4fZJKo
JBjuh21QBnZYRXaj6wV/vrm9NluzEfSVX8/nsr1AJsuutm1nK6au4t2Uz4PARzTQ
gwNyrAHtyrsIawhWKOhwhSUEo8/A4tVC2geTxVGxJs5NQmVz7MJdN428oxjK3Zjv
+34IH7C8Wa0KKzMh8z396A5XCmdcm9DNHzlNMcDO+3m2x1vxwJQidlx0qd7sSHNb
HtcIDuSYy/ysfE8GNq8+ajY7XqBb1kHNdIv+Oks8Q7c+uw5zVM16nvygP4V6FlsI
mF9YD32vfTE617NlLRoyx4bX2DCATnu2hD6MD3gXCO2dDuteBp0MPtAlaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKfle5NcyWOB99AzWVVmIuln2EAHMB8GA1UdIwQY
MBaAFNz6hoY8VYZXAGNOETXmF+QHmvi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BxR2hqeFZobGNBWTA0Uk5lWVg1QWVhLUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83MDc2YTItMjk1Zi00NWVjLWI3Yzgt
YzVjOWM2ODliNzQ1LzEvcC1WN2sxekpZNEgzMEROWlZXWWk2V2ZZUUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83MDc2YTItMjk1Zi00NWVjLWI3YzgtYzVjOWM2ODliNzQ1
LzEvM1BxR2hqeFZobGNBWTA0Uk5lWVg1QWVhLUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAU4jfMA8E
AgACMAkDBwEqEA8AAAAwDQYJKoZIhvcNAQELBQADggEBAKhrPN29rkZa8ovtHoSm
GChOfHsr2P7tYwUiph27pWFLs+A2SeCjziU+8vfgKAwsUtn/LivFWbUcOGqHyjEr
VMHON7X4MVNWZFHJyZ0pv0kdOhg5CyXVO9+/MLuU2YtfcrJekinqkKRS1PGDMOZV
d2LO3N2bt65tuzJeb9X/Xm93kDubmWJq2jHoi8JJMfJc4FzGiGC28smgyEaiElEf
y69gsrBf8k7/zXuuzeEKj1XRqpf0u0dyfDJ2fs/H+W2Jlv5wpHLW45tyPrHy1E6s
GiLznrnkfZ3QSWD3W9xE9ZVKGPvZ8lPiGke+sgFMNcsHrMQhdoNZoWscjzAald41
2zw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:25 2025 by rpki-client