Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/82uN-ft9qkurmXUZmzXNbYs2QGs.roa
File: 82uN-ft9qkurmXUZmzXNbYs2QGs.roa (raw, json)
Hash identifier: HL3+ymDAmZDe/lpcKWBpRc68UhQAOsBwIaOrHr4DCNs=
Subject key identifier: F3:6B:8D:F9:FB:7D:AA:4B:AB:99:75:19:9B:35:CD:6D:8B:36:40:6B
Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial: 018B8A63294F9D09858E3A5EFD18DFCC08D5
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/82uN-ft9qkurmXUZmzXNbYs2QGs.roa
Signing time: Wed 01 Nov 2023 10:17:16 +0000
ROA not before: Wed 01 Nov 2023 10:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202561
IP address blocks: 198.145.119.0/24 maxlen: 24
109.224.242.0/24 maxlen: 24
185.200.36.0/22 maxlen: 24
198.145.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:63:29:4f:9d:09:85:8e:3a:5e:fd:18:df:cc:08:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
Validity
Not Before: Nov 1 10:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f36b8df9fb7daa4bab9975199b35cd6d8b36406b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5d:dc:fb:9d:3f:e5:b7:5b:ff:dd:00:1d:a2:
1c:9c:1b:68:ce:b6:68:39:33:7c:36:ee:7c:69:ca:
1d:3f:c0:82:e5:3a:4d:0f:b8:b0:32:6c:50:34:7f:
24:5e:87:d0:3f:6a:d0:0d:92:d8:a8:2b:a7:d1:c5:
11:97:c6:34:11:d8:cc:9a:3d:8b:ea:62:f0:8d:be:
71:28:84:09:cd:ec:bb:5d:9e:45:9e:25:d3:88:e0:
d7:04:c7:79:e9:53:6b:d1:46:64:fd:65:ee:4b:f0:
e5:90:92:6a:a2:6b:f3:82:a1:8f:4d:01:7e:ff:f7:
13:92:5d:03:7e:ed:ae:8e:72:75:e9:37:01:30:6c:
93:1f:a4:be:25:5e:48:74:b0:50:d5:13:f9:6d:84:
5c:82:12:dd:ed:2f:68:8a:66:61:c9:14:7b:4d:43:
85:da:2e:83:12:2a:cb:95:ea:0b:1a:b3:07:7c:92:
d0:49:62:87:01:9a:98:2d:ea:c6:31:39:f8:89:25:
97:fb:26:7a:cb:14:43:09:7e:e1:e7:c6:4d:c6:d1:
25:71:25:70:cc:b9:3f:e1:4e:69:0d:4e:ff:54:02:
f7:6c:fe:02:29:11:7d:26:ed:7d:b2:a8:b6:30:49:
bf:fb:88:f2:dc:74:96:1a:07:5f:e3:96:84:5e:3c:
e9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6B:8D:F9:FB:7D:AA:4B:AB:99:75:19:9B:35:CD:6D:8B:36:40:6B
X509v3 Authority Key Identifier:
keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/82uN-ft9qkurmXUZmzXNbYs2QGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.242.0/24
185.200.36.0/22
198.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
73:78:6d:22:76:55:71:f1:12:f9:60:46:3a:b8:57:52:a2:f5:
33:f1:88:d7:d7:3d:ca:8a:ed:ec:08:96:c7:1e:b6:cd:13:59:
7a:e5:ae:23:ac:a1:0a:72:0f:2c:73:b5:27:4d:05:af:d5:39:
f2:b6:6c:c5:40:5e:9c:dd:fb:1d:4c:a6:d4:48:80:44:08:89:
6d:12:c1:e3:d5:4a:13:a6:91:1a:95:13:f2:e5:55:a0:ed:ab:
92:c6:7f:36:16:ee:3d:b6:a0:05:aa:f2:7e:ba:32:79:3b:45:
39:86:e4:04:01:58:f0:10:70:1d:4e:f3:2b:f8:3f:9f:44:68:
78:e1:92:f5:a5:75:56:12:81:71:2b:ba:f8:45:79:ed:07:9f:
58:1c:b2:03:35:4e:5c:6f:dd:06:3d:b3:98:a4:28:37:2c:61:
ef:c8:79:da:d1:69:fd:1b:d9:6a:df:93:d0:0a:e0:a2:5f:9c:
d7:4c:20:a9:eb:a1:3b:8a:60:33:df:1b:b3:a1:5b:09:78:93:
0f:51:fe:13:31:79:6f:04:02:2d:d1:6c:a4:3b:05:36:c7:10:
0e:5b:29:62:0a:9e:d6:4d:02:a0:12:8d:60:83:ff:6f:c9:b6:
7d:4c:6e:88:4a:13:c6:c4:29:8e:b4:18:ab:13:17:d5:da:6b:
d7:ec:c3:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuKYylPnQmFjjpe/RjfzAjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjMxMTAxMTAxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzZiOGRmOWZiN2RhYTRiYWI5OTc1MTk5YjM1Y2Q2ZDhiMzY0MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil3c+50/5bdb/90AHaIcnBtozrZo
OTN8Nu58acodP8CC5TpND7iwMmxQNH8kXofQP2rQDZLYqCun0cURl8Y0EdjMmj2L
6mLwjb5xKIQJzey7XZ5FniXTiODXBMd56VNr0UZk/WXuS/DlkJJqomvzgqGPTQF+
//cTkl0Dfu2ujnJ16TcBMGyTH6S+JV5IdLBQ1RP5bYRcghLd7S9oimZhyRR7TUOF
2i6DEirLleoLGrMHfJLQSWKHAZqYLerGMTn4iSWX+yZ6yxRDCX7h58ZNxtElcSVw
zLk/4U5pDU7/VAL3bP4CKRF9Ju19sqi2MEm/+4jy3HSWGgdf45aEXjzpfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNrjfn7fapLq5l1GZs1zW2LNkBrMB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvODJ1Ti1mdDlxa3VybVhVWm16WE5iWXMyUUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDyAwQC
ucgkAwQBxpF2MA0GCSqGSIb3DQEBCwUAA4IBAQBzeG0idlVx8RL5YEY6uFdSovUz
8YjX1z3Kiu3sCJbHHrbNE1l65a4jrKEKcg8sc7UnTQWv1TnytmzFQF6c3fsdTKbU
SIBECIltEsHj1UoTppEalRPy5VWg7auSxn82Fu49tqAFqvJ+ujJ5O0U5huQEAVjw
EHAdTvMr+D+fRGh44ZL1pXVWEoFxK7r4RXntB59YHLIDNU5cb90GPbOYpCg3LGHv
yHna0Wn9G9lq35PQCuCiX5zXTCCp66E7imAz3xuzoVsJeJMPUf4TMXlvBAIt0Wyk
OwU2xxAOWyliCp7WTQKgEo1gg/9vybZ9TG6IShPGxCmOtBirExfV2mvX7MMA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:44 2025 by rpki-client