Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/rSumd6yljqqrV6D2RDYzR5IQ_SI.roa
File: rSumd6yljqqrV6D2RDYzR5IQ_SI.roa (raw, json)
Hash identifier: J3ZonEjP/9ooTLQEVgBukx57TlzQA0yu5cxKqXcK3O4=
Subject key identifier: AD:2B:A6:77:AC:A5:8E:AA:AB:57:A0:F6:44:36:33:47:92:10:FD:22
Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6
Certificate serial: 0183793EE450EC871612345F0739409D17FA
Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/rSumd6yljqqrV6D2RDYzR5IQ_SI.roa
Signing time: Mon 26 Sep 2022 10:01:48 +0000
ROA not before: Mon 26 Sep 2022 10:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25504
IP address blocks: 185.90.232.0/22 maxlen: 22
158.58.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:3e:e4:50:ec:87:16:12:34:5f:07:39:40:9d:17:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6
Validity
Not Before: Sep 26 10:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad2ba677aca58eaaab57a0f6443633479210fd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:f1:c9:e6:8b:21:78:d7:a3:de:60:49:3b:
6e:6e:b7:63:e4:2a:09:11:d2:f8:b4:94:f2:37:bd:
d7:9b:57:32:66:01:7c:df:f9:10:55:c3:59:3f:62:
9f:d1:78:b7:e3:20:b3:cc:5b:4e:ef:21:4f:50:f2:
13:b1:a1:dc:e6:ab:65:08:1b:71:8d:a1:79:b2:37:
71:98:1e:a6:ce:97:ec:5b:08:3e:e9:e5:3f:fa:18:
12:6d:81:30:f7:61:6e:32:f4:96:87:eb:8c:7e:10:
58:b2:36:aa:54:3a:05:df:92:ec:3a:f1:bf:46:18:
5d:aa:fc:98:a3:11:66:96:d4:c4:06:08:66:ac:ef:
5a:70:06:91:c8:5d:12:76:44:e0:47:02:e0:96:72:
e4:53:8c:0e:06:95:35:65:be:85:02:cc:d3:17:10:
d9:78:57:7d:66:7f:21:1d:f8:36:11:9c:c5:8f:4a:
eb:56:a3:9c:8c:21:65:db:ab:f1:8d:05:7e:01:cc:
92:7e:42:01:6d:38:83:66:93:5c:d3:e9:9e:02:ef:
39:34:ef:37:ab:c0:13:d7:cc:09:01:49:9e:bc:b1:
9a:a3:c1:d5:4d:93:6a:e0:57:77:a4:8d:b8:d2:cf:
aa:78:31:56:98:f8:73:21:6b:b4:4a:eb:5a:62:1e:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2B:A6:77:AC:A5:8E:AA:AB:57:A0:F6:44:36:33:47:92:10:FD:22
X509v3 Authority Key Identifier:
keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/rSumd6yljqqrV6D2RDYzR5IQ_SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.58.144.0/21
185.90.232.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:90:70:0b:e5:07:81:a8:47:ef:af:4a:4c:24:bd:fe:60:56:
fb:de:c2:04:e1:ec:a2:08:88:71:48:d4:69:07:0f:31:f7:a3:
25:32:fc:09:31:57:18:78:5c:96:6c:f8:e4:96:6c:64:4f:68:
66:da:78:40:91:8a:35:1e:9a:cc:f6:a1:63:1f:40:e4:3c:e9:
f6:4b:44:c2:cb:22:0d:db:b7:d3:0d:e6:f1:d6:91:f6:72:b4:
a3:13:dc:ec:ca:81:05:9d:03:9e:50:8a:0e:47:3b:e0:19:11:
43:c1:7e:94:bd:63:8c:e3:4a:ab:6b:d3:0a:82:d0:13:49:0b:
23:da:9d:cf:88:f5:0c:55:ab:36:4c:80:20:2b:34:8d:22:18:
d4:9b:68:b8:09:91:d5:13:32:a5:1b:7c:b1:de:e2:6b:64:36:
90:16:55:eb:e0:94:f5:08:d5:e5:0f:4c:9a:e5:51:58:aa:67:
c6:4d:2b:72:47:54:93:00:05:4c:f7:ee:6f:dd:b0:95:88:db:
7e:06:da:d3:c9:05:71:b0:d8:1c:e4:1d:f9:8e:6a:96:65:ba:
6a:b2:94:a4:c1:dc:d0:a2:27:cb:6c:8c:79:0e:61:4a:ad:60:
1a:df:d7:91:18:81:3e:20:58:81:31:dd:c5:78:6a:89:e1:18:
fc:4f:c4:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYN5PuRQ7IcWEjRfBzlAnRf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz
OWVkZTYwHhcNMjIwOTI2MTAwMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJiYTY3N2FjYTU4ZWFhYWI1N2EwZjY0NDM2MzM0NzkyMTBmZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSbxyeaLIXjXo95gSTtubrdj5CoJ
EdL4tJTyN73Xm1cyZgF83/kQVcNZP2Kf0Xi34yCzzFtO7yFPUPITsaHc5qtlCBtx
jaF5sjdxmB6mzpfsWwg+6eU/+hgSbYEw92FuMvSWh+uMfhBYsjaqVDoF35LsOvG/
RhhdqvyYoxFmltTEBghmrO9acAaRyF0SdkTgRwLglnLkU4wOBpU1Zb6FAszTFxDZ
eFd9Zn8hHfg2EZzFj0rrVqOcjCFl26vxjQV+AcySfkIBbTiDZpNc0+meAu85NO83
q8AT18wJAUmevLGao8HVTZNq4Fd3pI240s+qeDFWmPhzIWu0SutaYh5Q4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK0rpnespY6qq1eg9kQ2M0eSEP0iMB8GA1UdIwQY
MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It
YTc3NmU0YTYzZTZmLzEvclN1bWQ2eWxqcXFyVjZEMlJEWXpSNUlRX1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm
LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnjqQAwQC
uVroMA0GCSqGSIb3DQEBCwUAA4IBAQCrkHAL5QeBqEfvr0pMJL3+YFb73sIE4eyi
CIhxSNRpBw8x96MlMvwJMVcYeFyWbPjklmxkT2hm2nhAkYo1HprM9qFjH0DkPOn2
S0TCyyIN27fTDebx1pH2crSjE9zsyoEFnQOeUIoORzvgGRFDwX6UvWOM40qra9MK
gtATSQsj2p3PiPUMVas2TIAgKzSNIhjUm2i4CZHVEzKlG3yx3uJrZDaQFlXr4JT1
CNXlD0ya5VFYqmfGTStyR1STAAVM9+5v3bCViNt+BtrTyQVxsNgc5B35jmqWZbpq
spSkwdzQoifLbIx5DmFKrWAa39eRGIE+IFiBMd3FeGqJ4Rj8T8SM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:48 2025 by rpki-client