Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/de8d82-8e0a-4452-b89a-6508c1f4a445/1/n8E4sm1Vkg03sbCKhTC14QdRmzI.roa
File: n8E4sm1Vkg03sbCKhTC14QdRmzI.roa (raw, json)
Hash identifier: 20dzX8KXGa5lXrl03qf8gXZ/FdPhh4HErh0L613akW0=
Subject key identifier: 9F:C1:38:B2:6D:55:92:0D:37:B1:B0:8A:85:30:B5:E1:07:51:9B:32
Certificate issuer: /CN=116538dffd77cf238c4eaeb95ca05487c5671ab5
Certificate serial: 018571831B0C5AE377DD952AED1B00932F69
Authority key identifier: 11:65:38:DF:FD:77:CF:23:8C:4E:AE:B9:5C:A0:54:87:C5:67:1A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EWU43_13zyOMTq65XKBUh8VnGrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/de8d82-8e0a-4452-b89a-6508c1f4a445/1/n8E4sm1Vkg03sbCKhTC14QdRmzI.roa
Signing time: Mon 02 Jan 2023 08:04:55 +0000
ROA not before: Mon 02 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200797
IP address blocks: 217.148.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:1b:0c:5a:e3:77:dd:95:2a:ed:1b:00:93:2f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=116538dffd77cf238c4eaeb95ca05487c5671ab5
Validity
Not Before: Jan 2 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fc138b26d55920d37b1b08a8530b5e107519b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:95:58:4b:1c:4b:23:93:19:6a:7e:0c:4a:5c:
61:62:ab:e2:98:dc:14:91:c4:4c:01:45:68:12:78:
d4:27:a6:2c:d8:c9:ca:7f:21:5a:73:98:93:8d:08:
68:0f:14:8f:d3:0b:15:5a:c6:75:8b:42:32:7e:d5:
2d:98:5e:7d:15:b2:ac:67:aa:dd:0a:9d:fb:2b:26:
7f:67:73:b0:d0:48:91:8a:02:eb:dd:99:45:3c:22:
91:b4:b7:e9:95:3a:aa:3b:a8:b3:96:1f:be:21:b1:
8a:14:88:a2:22:8b:8e:56:91:87:74:76:0c:6a:4f:
0a:0f:bc:ea:48:0f:55:3f:5d:cc:e2:d4:f5:94:51:
e8:89:6b:02:7c:38:5c:95:15:3b:63:15:a8:a2:f4:
a6:10:70:e3:1b:16:64:48:0d:91:c9:01:f6:77:07:
ea:f6:f5:b7:7d:90:89:72:b7:23:15:83:20:a2:cb:
84:c5:c9:82:89:be:5e:da:54:9b:2b:84:49:77:ed:
06:51:71:25:36:44:bb:6f:c5:1c:db:c3:37:57:7c:
f6:2f:af:33:f6:bb:22:e7:bb:17:10:c3:58:ac:68:
e7:2e:57:fe:13:d9:c9:55:02:e7:ea:2d:d1:ca:45:
a9:92:54:47:1a:8a:3c:7e:02:af:38:c7:d6:ac:84:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C1:38:B2:6D:55:92:0D:37:B1:B0:8A:85:30:B5:E1:07:51:9B:32
X509v3 Authority Key Identifier:
keyid:11:65:38:DF:FD:77:CF:23:8C:4E:AE:B9:5C:A0:54:87:C5:67:1A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EWU43_13zyOMTq65XKBUh8VnGrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/de8d82-8e0a-4452-b89a-6508c1f4a445/1/n8E4sm1Vkg03sbCKhTC14QdRmzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/de8d82-8e0a-4452-b89a-6508c1f4a445/1/EWU43_13zyOMTq65XKBUh8VnGrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.148.128.0/22
Signature Algorithm: sha256WithRSAEncryption
26:5f:02:be:48:fc:28:03:38:09:7f:8f:d0:7d:2c:26:03:eb:
29:c5:e8:72:6b:12:5a:f8:ed:9f:cc:ea:13:06:aa:a1:4e:eb:
c8:36:f1:83:1a:97:a1:a5:83:38:11:0b:09:47:64:9f:c5:7a:
51:ac:89:a2:bc:4e:e7:96:7e:48:fe:c1:42:3f:69:cc:8f:cc:
01:35:85:7b:61:70:57:4d:e9:9e:57:b7:76:53:60:99:67:68:
eb:89:f6:a1:4f:45:03:dc:35:2a:92:01:a6:3a:83:ea:74:d8:
34:dd:05:48:c7:cb:68:0e:aa:6e:e6:eb:ba:ad:2a:ca:aa:6c:
e9:4c:2b:33:72:9a:bb:9c:7e:01:f0:cd:61:9a:fb:f4:8b:6a:
fd:39:c7:43:66:57:ca:10:c5:71:6d:5c:1d:41:b7:a5:f7:7b:
6e:95:83:b8:c8:fd:8b:a3:6f:39:e7:0f:cc:55:60:1b:74:d9:
8a:39:5c:19:6c:cd:1d:c9:40:6a:2a:73:2c:de:b7:21:b4:55:
d0:c5:3d:e9:17:30:7f:65:46:e9:c8:fb:db:18:49:66:bd:79:
51:2a:93:8a:92:e8:03:2a:30:a7:22:dc:d2:02:6f:e0:51:8b:
f3:64:f9:29:93:31:a6:37:65:d7:39:8e:b6:e7:1a:db:1d:75:
a6:eb:66:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgxsMWuN33ZUq7RsAky9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNjUzOGRmZmQ3N2NmMjM4YzRlYWViOTVjYTA1NDg3YzU2
NzFhYjUwHhcNMjMwMTAyMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmMxMzhiMjZkNTU5MjBkMzdiMWIwOGE4NTMwYjVlMTA3NTE5YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZVYSxxLI5MZan4MSlxhYqvimNwU
kcRMAUVoEnjUJ6Ys2MnKfyFac5iTjQhoDxSP0wsVWsZ1i0IyftUtmF59FbKsZ6rd
Cp37KyZ/Z3Ow0EiRigLr3ZlFPCKRtLfplTqqO6izlh++IbGKFIiiIouOVpGHdHYM
ak8KD7zqSA9VP13M4tT1lFHoiWsCfDhclRU7YxWoovSmEHDjGxZkSA2RyQH2dwfq
9vW3fZCJcrcjFYMgosuExcmCib5e2lSbK4RJd+0GUXElNkS7b8Uc28M3V3z2L68z
9rsi57sXEMNYrGjnLlf+E9nJVQLn6i3RykWpklRHGoo8fgKvOMfWrIQa4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/BOLJtVZINN7GwioUwteEHUZsyMB8GA1UdIwQY
MBaAFBFlON/9d88jjE6uuVygVIfFZxq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVdVNDNfMTN6eU9NVHE2NVhLQlVoOFZuR3JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kZThkODItOGUwYS00NDUyLWI4OWEt
NjUwOGMxZjRhNDQ1LzEvbjhFNHNtMVZrZzAzc2JDS2hUQzE0UWRSbXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kZThkODItOGUwYS00NDUyLWI4OWEtNjUwOGMxZjRhNDQ1
LzEvRVdVNDNfMTN6eU9NVHE2NVhLQlVoOFZuR3JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZSAMA0G
CSqGSIb3DQEBCwUAA4IBAQAmXwK+SPwoAzgJf4/QfSwmA+spxehyaxJa+O2fzOoT
BqqhTuvINvGDGpehpYM4EQsJR2SfxXpRrImivE7nln5I/sFCP2nMj8wBNYV7YXBX
TemeV7d2U2CZZ2jrifahT0UD3DUqkgGmOoPqdNg03QVIx8toDqpu5uu6rSrKqmzp
TCszcpq7nH4B8M1hmvv0i2r9OcdDZlfKEMVxbVwdQbel93tulYO4yP2Lo2855w/M
VWAbdNmKOVwZbM0dyUBqKnMs3rchtFXQxT3pFzB/ZUbpyPvbGElmvXlRKpOKkugD
KjCnItzSAm/gUYvzZPkpkzGmN2XXOY625xrbHXWm62Y5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:59 2025 by rpki-client