Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/a7SHlb8UprEGr2PHnotnurt7ep0.roa
File: a7SHlb8UprEGr2PHnotnurt7ep0.roa (raw, json)
Hash identifier: 550tiNyjMn/F+6JEqmir4Uc3/b/41HjfUgimXhJo3+A=
Subject key identifier: 6B:B4:87:95:BF:14:A6:B1:06:AF:63:C7:9E:8B:67:BA:BB:7B:7A:9D
Certificate issuer: /CN=d09da99a73ba7202418f73718932dc8d7c153e32
Certificate serial: 0186ABBB3EBF86742CE719D6F58EC42F46A9
Authority key identifier: D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/a7SHlb8UprEGr2PHnotnurt7ep0.roa
Signing time: Sat 04 Mar 2023 08:27:00 +0000
ROA not before: Sat 04 Mar 2023 08:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198185
IP address blocks: 130.255.8.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ab:bb:3e:bf:86:74:2c:e7:19:d6:f5:8e:c4:2f:46:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09da99a73ba7202418f73718932dc8d7c153e32
Validity
Not Before: Mar 4 08:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bb48795bf14a6b106af63c79e8b67babb7b7a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:da:82:05:63:57:83:83:4b:91:b7:ef:12:3b:
7e:cd:90:47:46:69:14:a6:e9:37:4c:88:96:86:17:
c1:dc:0b:ea:4c:7b:99:bb:52:b2:9e:ca:1d:26:65:
b6:cd:24:a1:97:55:e8:a0:16:97:2b:54:5d:ab:69:
6d:3d:b0:89:ca:86:fe:24:44:8f:f6:e5:e7:72:bd:
31:50:80:d2:cf:30:b8:54:a8:28:d6:c8:b8:21:8e:
2e:e4:d9:b0:8b:72:c4:e0:c6:1b:95:26:e2:c7:98:
8e:6b:f7:8a:b9:05:12:8f:e1:70:7a:a4:af:54:0c:
ed:34:b3:f7:06:bc:16:b7:57:ad:66:58:40:c7:49:
6b:57:a3:0a:70:cf:c1:a8:66:db:49:a9:22:da:02:
8f:50:6d:fb:0f:92:13:d0:65:6b:50:b6:64:a5:72:
d8:25:13:10:e0:bd:2c:98:8f:3b:25:6d:73:0f:2b:
77:be:3c:89:c3:a9:26:a2:43:17:33:a9:a1:e6:42:
4a:b5:f8:0a:0b:1c:64:74:fe:26:e8:48:98:d0:9a:
83:17:9a:8d:b2:8d:e8:81:a3:f1:ff:e9:62:6b:98:
3d:0f:17:67:50:a9:2c:a6:7f:74:94:d3:d0:27:dd:
dc:48:7d:d5:aa:af:b8:10:c1:db:60:f2:86:19:c1:
1b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B4:87:95:BF:14:A6:B1:06:AF:63:C7:9E:8B:67:BA:BB:7B:7A:9D
X509v3 Authority Key Identifier:
keyid:D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/a7SHlb8UprEGr2PHnotnurt7ep0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.8.0/21
Signature Algorithm: sha256WithRSAEncryption
53:20:42:45:7d:e0:9e:59:02:10:91:6a:41:fd:9b:eb:a3:cc:
5b:d7:65:a3:85:50:58:f9:95:43:b2:7f:c2:78:c9:1e:69:00:
99:47:8b:ee:f9:b8:bf:83:45:a4:cb:53:3c:cd:10:71:65:f5:
40:3f:be:0b:87:09:c2:d0:de:fc:b2:44:4d:df:8a:07:da:57:
97:f9:2b:3e:21:8c:a4:db:5c:0a:17:75:39:e5:d6:63:0d:d2:
bd:7b:50:24:10:19:4a:11:85:0b:88:35:b8:b6:43:3b:e0:57:
83:58:a9:7d:4a:bc:a1:8b:cb:fb:59:ce:d9:4f:f0:21:75:28:
e6:bd:2b:43:ab:f2:dc:b1:ce:b3:67:02:12:8a:e4:90:45:7c:
be:a6:b6:59:dd:47:e1:04:f3:30:99:88:f2:57:e8:6a:e0:1b:
10:3a:1e:a7:80:53:e9:ea:17:08:d0:8a:43:5f:1d:d3:02:d6:
83:13:7e:5d:77:d6:35:96:23:9e:1d:a6:b3:34:b5:c1:13:53:
78:ae:60:c5:e4:54:50:f1:e8:ed:37:0e:db:84:a0:d9:81:66:
5b:9a:a2:49:97:d1:d8:43:53:98:68:92:ee:6d:6d:13:c9:0b:
63:8d:bc:7b:af:85:b2:bd:26:bd:49:60:c7:fa:35:32:fe:98:
3f:c7:3e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaruz6/hnQs5xnW9Y7EL0apMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOWRhOTlhNzNiYTcyMDI0MThmNzM3MTg5MzJkYzhkN2Mx
NTNlMzIwHhcNMjMwMzA0MDgyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI0ODc5NWJmMTRhNmIxMDZhZjYzYzc5ZThiNjdiYWJiN2I3YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtqCBWNXg4NLkbfvEjt+zZBHRmkU
puk3TIiWhhfB3AvqTHuZu1KynsodJmW2zSShl1XooBaXK1Rdq2ltPbCJyob+JESP
9uXncr0xUIDSzzC4VKgo1si4IY4u5Nmwi3LE4MYblSbix5iOa/eKuQUSj+FweqSv
VAztNLP3BrwWt1etZlhAx0lrV6MKcM/BqGbbSaki2gKPUG37D5IT0GVrULZkpXLY
JRMQ4L0smI87JW1zDyt3vjyJw6kmokMXM6mh5kJKtfgKCxxkdP4m6EiY0JqDF5qN
so3ogaPx/+lia5g9DxdnUKkspn90lNPQJ93cSH3Vqq+4EMHbYPKGGcEbBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu0h5W/FKaxBq9jx56LZ7q7e3qdMB8GA1UdIwQY
MBaAFNCdqZpzunICQY9zcYky3I18FT4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAt
ZGNlYmY2MTk3ZTBlLzEvYTdTSGxiOFVwckVHcjJQSG5vdG51cnQ3ZXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAtZGNlYmY2MTk3ZTBl
LzEvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgv8IMA0G
CSqGSIb3DQEBCwUAA4IBAQBTIEJFfeCeWQIQkWpB/Zvro8xb12WjhVBY+ZVDsn/C
eMkeaQCZR4vu+bi/g0Wky1M8zRBxZfVAP74LhwnC0N78skRN34oH2leX+Ss+IYyk
21wKF3U55dZjDdK9e1AkEBlKEYULiDW4tkM74FeDWKl9Sryhi8v7Wc7ZT/AhdSjm
vStDq/Lcsc6zZwISiuSQRXy+prZZ3UfhBPMwmYjyV+hq4BsQOh6ngFPp6hcI0IpD
Xx3TAtaDE35dd9Y1liOeHaazNLXBE1N4rmDF5FRQ8ejtNw7bhKDZgWZbmqJJl9HY
Q1OYaJLubW0TyQtjjbx7r4WyvSa9SWDH+jUy/pg/xz6n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:01 2025 by rpki-client