Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/oRkF0G5RcNzBdHLzXAvKpuh5CIE.roa
File: oRkF0G5RcNzBdHLzXAvKpuh5CIE.roa (raw, json)
Hash identifier: cp0kNbil+d9XL7Hu+f7u6UOerzgTC5JQaryh+ahFfFM=
Subject key identifier: A1:19:05:D0:6E:51:70:DC:C1:74:72:F3:5C:0B:CA:A6:E8:79:08:81
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 0185EDDAF4951A117A75ABB85328FD2571FC
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/oRkF0G5RcNzBdHLzXAvKpuh5CIE.roa
Signing time: Thu 26 Jan 2023 11:33:47 +0000
ROA not before: Thu 26 Jan 2023 11:33:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203560
IP address blocks: 178.21.145.0/24 maxlen: 24
178.21.144.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:da:f4:95:1a:11:7a:75:ab:b8:53:28:fd:25:71:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Jan 26 11:33:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11905d06e5170dcc17472f35c0bcaa6e8790881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:75:5e:5c:26:df:08:ea:37:58:01:cf:05:ba:
a8:3d:a7:c2:74:f7:88:62:ce:50:58:63:de:26:a9:
bf:7e:44:95:0f:31:b3:c7:39:be:81:20:4d:b0:9e:
ec:c4:8f:79:88:fe:04:d9:87:72:b5:18:5c:73:d4:
15:f5:ba:41:bd:78:a6:48:62:d9:ad:4f:64:90:74:
9e:c4:bc:e0:dd:96:ba:be:58:a5:54:00:b0:8e:a8:
8b:53:99:9a:a9:ed:ad:54:17:9b:52:12:ca:43:8d:
d5:cc:06:c0:52:3c:53:06:12:ac:c1:a0:63:02:a7:
38:90:05:d8:74:da:f9:b9:22:8e:13:5b:96:5b:6f:
fe:15:87:85:78:34:95:09:a2:74:9b:9c:dc:cc:c3:
6f:bb:05:7b:31:80:f5:8d:35:4e:63:57:bc:db:0e:
42:0f:78:da:00:da:6d:df:45:46:e1:2d:04:42:20:
6e:45:5a:9f:75:2e:2d:07:34:cb:2c:f7:62:a4:94:
ed:fa:2e:5a:72:23:e6:7e:f4:45:4a:ba:8d:de:6d:
da:00:7d:84:c7:49:33:98:2e:fe:40:20:3e:f7:a4:
a6:66:26:04:27:08:c7:02:78:25:fb:f6:18:a8:86:
a3:78:1c:cb:67:13:ad:d6:05:79:3d:6a:db:89:81:
8a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:19:05:D0:6E:51:70:DC:C1:74:72:F3:5C:0B:CA:A6:E8:79:08:81
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/oRkF0G5RcNzBdHLzXAvKpuh5CIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::-2a02:2c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:72:cc:d9:c8:a4:3a:ad:c0:1e:10:82:6e:81:eb:27:c9:25:
96:12:3e:74:40:61:ce:e1:2a:27:6a:98:51:62:fa:34:0b:25:
37:f9:4c:0c:71:cd:c3:af:f0:28:94:fc:0e:fd:a9:25:87:e2:
91:8c:a2:b6:b6:0b:f0:24:91:89:1d:98:76:3e:7c:86:75:78:
1f:93:ba:e2:67:d0:de:b0:8d:0e:85:2b:9c:b7:69:60:18:61:
8d:ae:36:cc:14:f7:e2:d0:a4:5d:4c:ec:96:4c:e4:70:ea:cc:
54:00:e6:bc:ab:a3:8d:61:9e:fd:05:8f:49:b3:b8:12:8b:b9:
9d:58:cb:4b:a9:bf:28:25:da:36:dc:54:40:d1:f8:35:8c:df:
81:30:c0:bd:d6:fb:ea:9e:45:3a:68:98:9a:ca:d4:6f:41:00:
7c:61:00:ec:87:cf:b7:a6:85:0c:1f:f8:15:bc:42:61:45:e1:
75:df:2d:5c:eb:39:06:67:2b:39:a6:b4:de:cc:fc:63:74:87:
76:d1:e5:44:4c:a1:31:19:0c:31:1d:4a:a2:ca:ff:65:8a:36:
92:66:64:6d:60:dc:ae:75:6d:5e:d6:e9:26:40:0c:4a:6a:5b:
9d:a3:62:0f:1e:71:27:fa:1c:0d:c9:49:30:dc:01:29:7c:30:
6e:1e:f8:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYXt2vSVGhF6dau4Uyj9JXH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjMwMTI2MTEzMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE5MDVkMDZlNTE3MGRjYzE3NDcyZjM1YzBiY2FhNmU4NzkwODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznVeXCbfCOo3WAHPBbqoPafCdPeI
Ys5QWGPeJqm/fkSVDzGzxzm+gSBNsJ7sxI95iP4E2YdytRhcc9QV9bpBvXimSGLZ
rU9kkHSexLzg3Za6vlilVACwjqiLU5maqe2tVBebUhLKQ43VzAbAUjxTBhKswaBj
Aqc4kAXYdNr5uSKOE1uWW2/+FYeFeDSVCaJ0m5zczMNvuwV7MYD1jTVOY1e82w5C
D3jaANpt30VG4S0EQiBuRVqfdS4tBzTLLPdipJTt+i5aciPmfvRFSrqN3m3aAH2E
x0kzmC7+QCA+96SmZiYEJwjHAngl+/YYqIajeBzLZxOt1gV5PWrbiYGK2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKEZBdBuUXDcwXRy81wLyqboeQiBMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvb1JrRjBHNVJjTnpCZEhMelhBdktwdWg1Q0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCshWQMBgE
AgACMBIwEAMFBioCAsADBwAqAgLAAAIwDQYJKoZIhvcNAQELBQADggEBADtyzNnI
pDqtwB4Qgm6B6yfJJZYSPnRAYc7hKidqmFFi+jQLJTf5TAxxzcOv8CiU/A79qSWH
4pGMora2C/AkkYkdmHY+fIZ1eB+TuuJn0N6wjQ6FK5y3aWAYYY2uNswU9+LQpF1M
7JZM5HDqzFQA5ryro41hnv0Fj0mzuBKLuZ1Yy0upvygl2jbcVEDR+DWM34EwwL3W
++qeRTpomJrK1G9BAHxhAOyHz7emhQwf+BW8QmFF4XXfLVzrOQZnKzmmtN7M/GN0
h3bR5URMoTEZDDEdSqLK/2WKNpJmZG1g3K51bV7W6SZADEpqW52jYg8ecSf6HA3J
STDcASl8MG4e+DA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:22 2025 by rpki-client