Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mUc54UmZUd7sBDwPTyD7I99Se8k.roa
File: mUc54UmZUd7sBDwPTyD7I99Se8k.roa (raw, json)
Hash identifier: bf0o/Mrj4yzhl9Zq6SX7787gBCV+5gcXL6fp/R+vRT4=
Subject key identifier: 99:47:39:E1:49:99:51:DE:EC:04:3C:0F:4F:20:FB:23:DF:52:7B:C9
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0187DDEFF41420F03C795CC054133051C1B2
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mUc54UmZUd7sBDwPTyD7I99Se8k.roa
Signing time: Tue 02 May 2023 19:28:23 +0000
ROA not before: Tue 02 May 2023 19:28:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207957
IP address blocks: 178.250.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:ef:f4:14:20:f0:3c:79:5c:c0:54:13:30:51:c1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: May 2 19:28:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=994739e1499951deec043c0f4f20fb23df527bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:51:e1:9f:f5:78:27:58:b6:33:61:8c:87:2d:
b9:b3:0b:8f:51:8b:bf:b8:f6:eb:a8:87:b7:ca:7d:
f7:c8:17:be:23:9a:47:47:63:5a:ba:39:b2:76:fb:
db:9a:db:0c:4e:16:97:99:8e:ad:73:b0:8c:74:c9:
e5:8d:c1:a4:2c:d8:80:b3:53:48:3f:b2:87:db:9e:
6d:34:5f:40:03:68:5f:f4:51:83:65:64:d4:e1:02:
23:38:12:3d:6b:d2:2c:cb:22:ea:63:0c:4b:d5:2d:
f6:a7:9c:b2:79:fd:dd:19:b6:f7:c9:46:3e:6c:2d:
6b:81:bc:94:0b:93:96:eb:4c:b3:97:ec:d1:ff:ad:
31:6e:d4:04:d8:06:47:83:2d:a0:c6:bf:51:f8:60:
52:34:d0:16:63:12:3d:a5:8b:c1:18:54:52:eb:c5:
57:b9:dc:25:53:0c:06:7f:51:70:b0:ff:c5:5d:ba:
1e:a6:0f:21:54:d6:3d:bc:15:9f:43:86:3a:e4:ce:
db:1f:10:5c:13:ed:8c:56:b0:33:cd:4a:87:19:2a:
54:90:9e:80:27:64:a7:a5:57:f9:68:26:e5:e3:40:
f1:e6:ec:3e:df:06:05:09:0d:3f:9d:f2:50:31:f2:
0d:ef:dd:70:9c:d2:2c:c7:8b:f1:d0:6d:3c:6f:f2:
0a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:47:39:E1:49:99:51:DE:EC:04:3C:0F:4F:20:FB:23:DF:52:7B:C9
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mUc54UmZUd7sBDwPTyD7I99Se8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.186.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:14:24:60:b0:6a:97:91:08:3b:f7:56:f8:13:38:85:c1:26:
9c:91:e4:8a:27:91:93:c2:19:94:b3:1f:e8:18:b6:de:d9:2d:
19:da:6d:18:ad:74:9e:38:b2:fb:77:8f:05:f6:60:2f:ac:ec:
22:3f:97:71:e7:17:32:ae:9f:1d:37:18:0e:fc:33:5c:bd:68:
b1:7a:68:bc:0f:f9:f2:cc:c7:f0:fa:29:0b:85:0a:44:74:4d:
c2:7c:00:36:3f:59:5f:7d:4e:62:a8:cc:ad:c6:d4:c0:ef:7e:
e1:ef:86:7e:65:5c:a0:4c:45:de:00:d8:63:23:6e:ae:04:80:
bb:58:93:e6:aa:20:03:90:a7:64:90:a7:c1:2c:62:b4:fb:79:
a0:4e:7a:c1:69:db:b4:f8:0e:d5:1f:6c:c1:ae:81:70:c6:74:
4b:54:f9:25:8f:f0:1d:89:88:cb:e9:a0:4b:d2:4a:63:21:9d:
11:cb:0e:be:23:76:bf:ee:cf:88:b9:74:f0:ef:ec:8b:89:4f:
7c:0b:b6:68:bb:d3:e3:8e:6e:af:6d:6b:81:13:8b:94:04:df:
1a:d5:ca:0b:52:31:c0:15:aa:19:70:3d:a5:c0:95:16:a7:33:
67:3d:dd:8f:80:0d:52:2d:c5:ab:09:6b:25:5c:76:35:58:b5:
65:6d:ad:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfd7/QUIPA8eVzAVBMwUcGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwNTAyMTkyODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ3MzllMTQ5OTk1MWRlZWMwNDNjMGY0ZjIwZmIyM2RmNTI3YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglHhn/V4J1i2M2GMhy25swuPUYu/
uPbrqIe3yn33yBe+I5pHR2NaujmydvvbmtsMThaXmY6tc7CMdMnljcGkLNiAs1NI
P7KH255tNF9AA2hf9FGDZWTU4QIjOBI9a9IsyyLqYwxL1S32p5yyef3dGbb3yUY+
bC1rgbyUC5OW60yzl+zR/60xbtQE2AZHgy2gxr9R+GBSNNAWYxI9pYvBGFRS68VX
udwlUwwGf1FwsP/FXboepg8hVNY9vBWfQ4Y65M7bHxBcE+2MVrAzzUqHGSpUkJ6A
J2SnpVf5aCbl40Dx5uw+3wYFCQ0/nfJQMfIN791wnNIsx4vx0G08b/IKBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlHOeFJmVHe7AQ8D08g+yPfUnvJMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvbVVjNTRVbVpVZDdzQkR3UFR5RDdJOTlTZThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvq6MA0G
CSqGSIb3DQEBCwUAA4IBAQAsFCRgsGqXkQg791b4EziFwSackeSKJ5GTwhmUsx/o
GLbe2S0Z2m0YrXSeOLL7d48F9mAvrOwiP5dx5xcyrp8dNxgO/DNcvWixemi8D/ny
zMfw+ikLhQpEdE3CfAA2P1lffU5iqMytxtTA737h74Z+ZVygTEXeANhjI26uBIC7
WJPmqiADkKdkkKfBLGK0+3mgTnrBadu0+A7VH2zBroFwxnRLVPklj/AdiYjL6aBL
0kpjIZ0Ryw6+I3a/7s+IuXTw7+yLiU98C7Zou9Pjjm6vbWuBE4uUBN8a1coLUjHA
FaoZcD2lwJUWpzNnPd2PgA1SLcWrCWslXHY1WLVlba29
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:24 2025 by rpki-client