Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PU0vRK_h4I-mzWu-HZ66qcobUDM.roa
File: PU0vRK_h4I-mzWu-HZ66qcobUDM.roa (raw, json)
Hash identifier: ISeFozxcA3hyZHUtCBJQAo85DCEqqmR+qCQsqINvTWw=
Subject key identifier: 3D:4D:2F:44:AF:E1:E0:8F:A6:CD:6B:BE:1D:9E:BA:A9:CA:1B:50:33
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD52B16DD5911CB2BC6E5FA4E466A95
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PU0vRK_h4I-mzWu-HZ66qcobUDM.roa
Signing time: Mon 02 Jan 2023 00:15:19 +0000
ROA not before: Mon 02 Jan 2023 00:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50637
IP address blocks: 188.212.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:2b:16:dd:59:11:cb:2b:c6:e5:fa:4e:46:6a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d4d2f44afe1e08fa6cd6bbe1d9ebaa9ca1b5033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a2:c4:8d:73:b1:40:c1:ad:18:37:14:99:3d:
5c:18:d3:55:76:88:ba:fb:25:e4:41:f3:16:86:b6:
10:8d:bc:b3:2b:45:f5:a8:5d:80:bb:ab:67:0a:9f:
3b:10:95:bf:57:76:39:a8:d8:eb:a9:55:e1:d3:d2:
8d:02:b9:58:52:38:06:0c:e0:94:a9:22:1a:c2:13:
b7:1b:3d:fa:e3:d2:18:ad:18:7d:6c:d5:c7:fb:78:
a7:27:8c:e5:88:83:22:16:5b:58:1d:d1:e7:1e:bf:
d9:cb:c0:c6:27:fd:92:5b:e0:37:97:04:3d:2c:13:
dd:65:85:62:a8:9f:5b:4f:a8:db:ce:49:db:f9:4d:
3f:97:38:f6:52:02:cb:b2:2d:bc:f0:de:2d:05:69:
6b:ba:bc:29:0e:5c:46:64:bb:5a:57:cf:2a:f9:c4:
66:0c:96:b7:f1:03:c5:7b:08:7c:e4:84:c1:3f:11:
0f:ae:85:91:d9:41:d6:52:3b:38:b4:91:69:f9:b3:
4a:57:70:8f:43:f0:57:a2:17:ec:f5:74:3d:0d:f4:
7d:7c:96:13:86:33:b2:6d:7f:c5:bd:47:d3:6b:bb:
0c:b4:a4:43:94:8e:77:46:ae:35:a3:2a:86:b1:9d:
77:a4:a2:36:7e:a8:2e:30:5a:ca:ea:1e:82:24:ac:
f0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4D:2F:44:AF:E1:E0:8F:A6:CD:6B:BE:1D:9E:BA:A9:CA:1B:50:33
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PU0vRK_h4I-mzWu-HZ66qcobUDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.130.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:e6:e1:12:0e:ae:f1:74:3e:5a:e3:92:d5:07:d8:b9:93:ad:
78:89:94:43:79:ae:ab:5e:29:73:7c:d4:51:99:8f:c8:ce:7f:
56:9b:04:24:f4:ff:e5:33:c4:01:a3:fe:b6:e1:90:de:25:f1:
e2:00:6e:62:45:27:5b:1c:73:50:df:b2:bd:25:d0:5c:bd:ff:
38:da:46:45:c2:f3:68:e8:1c:f5:65:e1:48:5e:63:50:1a:a6:
87:31:b9:2e:cf:0d:db:f6:d8:f1:1a:7a:26:2d:6b:66:aa:e7:
73:e7:37:3a:52:b6:87:3c:46:be:f4:53:c4:fb:3e:93:fb:be:
75:86:42:a2:8b:84:40:44:e5:57:32:2f:e0:05:c6:2c:4c:ac:
7c:79:41:e6:6b:ca:48:54:da:93:4b:8e:7f:48:3a:0a:b9:09:
47:40:a6:88:c5:8f:6a:26:5d:62:45:8d:cc:bc:73:a4:1b:da:
1d:10:4d:64:b7:6f:4c:4d:eb:61:e4:cb:b7:23:b4:0a:de:ad:
ee:da:77:04:31:9c:40:ef:5c:52:8f:16:65:4c:64:d7:3f:83:
57:94:3e:9f:f4:6d:b3:c3:d1:81:96:ea:42:ad:f6:bc:13:16:
2e:91:49:e8:fc:58:e9:d0:61:b9:d3:a2:84:53:b5:2a:0e:d9:
a8:4e:97:33
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1SsW3VkRyyvG5fpORmqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRkMmY0NGFmZTFlMDhmYTZjZDZiYmUxZDllYmFhOWNhMWI1MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKLEjXOxQMGtGDcUmT1cGNNVdoi6
+yXkQfMWhrYQjbyzK0X1qF2Au6tnCp87EJW/V3Y5qNjrqVXh09KNArlYUjgGDOCU
qSIawhO3Gz3649IYrRh9bNXH+3inJ4zliIMiFltYHdHnHr/Zy8DGJ/2SW+A3lwQ9
LBPdZYViqJ9bT6jbzknb+U0/lzj2UgLLsi288N4tBWlrurwpDlxGZLtaV88q+cRm
DJa38QPFewh85ITBPxEProWR2UHWUjs4tJFp+bNKV3CPQ/BXohfs9XQ9DfR9fJYT
hjOybX/FvUfTa7sMtKRDlI53Rq41oyqGsZ13pKI2fqguMFrK6h6CJKzwQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD1NL0Sv4eCPps1rvh2euqnKG1AzMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1BVMHZSS19oNEktbXpXdS1IWjY2cWNvYlVETS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC81IIw
DQYJKoZIhvcNAQELBQADggEBAMjm4RIOrvF0PlrjktUH2LmTrXiJlEN5rqteKXN8
1FGZj8jOf1abBCT0/+UzxAGj/rbhkN4l8eIAbmJFJ1scc1Dfsr0l0Fy9/zjaRkXC
82joHPVl4UheY1AapocxuS7PDdv22PEaeiYta2aq53PnNzpStoc8Rr70U8T7PpP7
vnWGQqKLhEBE5VcyL+AFxixMrHx5QeZrykhU2pNLjn9IOgq5CUdApojFj2omXWJF
jcy8c6Qb2h0QTWS3b0xN62Hky7cjtArere7adwQxnEDvXFKPFmVMZNc/g1eUPp/0
bbPD0YGW6kKt9rwTFi6RSej8WOnQYbnTooRTtSoO2ahOlzM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:46 2025 by rpki-client