Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/15Cf1xLVrC3PtN9y0MNvnhcmMR4.roa
File: 15Cf1xLVrC3PtN9y0MNvnhcmMR4.roa (raw, json)
Hash identifier: le55ObX3231qzVaIn1/yC43/zvvV+DkDmEBG9rSH+40=
Subject key identifier: D7:90:9F:D7:12:D5:AC:2D:CF:B4:DF:72:D0:C3:6F:9E:17:26:31:1E
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CAB45EF0AEE186CC5072FA447E53DCD9B
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/15Cf1xLVrC3PtN9y0MNvnhcmMR4.roa
Signing time: Wed 27 Dec 2023 12:35:36 +0000
ROA not before: Wed 27 Dec 2023 12:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210392
IP address blocks: 178.239.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:45:ef:0a:ee:18:6c:c5:07:2f:a4:47:e5:3d:cd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 27 12:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7909fd712d5ac2dcfb4df72d0c36f9e1726311e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4c:8b:af:9e:f6:77:f8:e8:24:bd:bb:dd:90:
70:66:90:fc:90:b5:2a:a1:7b:5a:a3:bd:95:c4:9a:
23:b7:47:c7:2e:11:d8:90:74:8d:a4:61:d6:b9:01:
c0:4f:4f:ce:1c:f5:67:0b:e5:e6:7b:8b:2d:f5:d8:
0c:99:83:35:25:b1:99:19:04:56:cf:ab:79:eb:cb:
24:2e:ba:d8:62:79:de:3a:a0:fb:d8:93:37:1e:e0:
51:76:8d:a2:90:46:a4:f7:68:35:95:c6:11:b0:1d:
bf:a8:4d:1b:d4:e1:70:5a:27:bd:56:68:24:e2:65:
5e:6e:9b:00:80:86:e5:60:f0:61:e6:ea:59:17:f1:
46:29:70:63:ec:34:a4:1e:06:16:09:87:e9:45:26:
97:ca:e7:84:1d:cf:a0:51:e2:9a:ad:1b:c0:0a:42:
af:78:3d:43:c2:d0:00:89:3f:d4:7b:3b:ce:43:00:
7e:6c:8b:e7:79:cf:25:50:fd:4e:3a:79:4a:73:35:
eb:88:9b:bb:52:9f:f3:ea:c6:b3:c3:b9:31:d4:86:
7b:1d:21:7d:68:5b:0f:9e:ba:62:db:2c:e3:e0:6e:
30:f3:34:c8:b5:15:83:53:a4:69:6a:28:1b:2b:a9:
83:80:7b:81:53:23:56:a0:c4:ca:c7:75:f5:97:21:
d8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:90:9F:D7:12:D5:AC:2D:CF:B4:DF:72:D0:C3:6F:9E:17:26:31:1E
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/15Cf1xLVrC3PtN9y0MNvnhcmMR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.152.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:09:99:a5:e2:23:80:9d:3d:9e:22:4e:fa:1a:44:34:ee:44:
97:7f:14:61:50:92:f8:6d:bd:45:c3:d4:e0:01:39:3f:73:4d:
16:d5:9e:06:aa:12:8b:a2:72:41:42:38:58:f4:70:75:b9:81:
63:cf:94:a7:a1:54:ca:93:b5:8c:1f:27:cc:e3:c1:10:af:54:
8d:bd:85:4f:d6:c2:f9:3c:53:bb:36:b5:68:8b:48:f2:ac:4b:
cc:44:44:45:84:31:a4:b1:1a:d3:ab:6b:a1:54:a6:f8:7e:e8:
5a:92:51:84:a2:01:c0:1e:5c:72:70:73:42:b4:e6:df:af:9d:
74:81:b8:40:e2:27:95:ef:4a:fd:d1:06:1a:24:e8:42:47:f5:
d3:0c:ac:be:ed:b9:22:28:10:6c:95:5c:59:85:c2:da:9e:c4:
ef:cc:a9:08:14:44:86:c1:57:d1:cc:3a:17:1f:0b:7c:4a:5b:
43:63:21:d4:63:5d:63:11:87:b1:d1:b8:2b:58:d6:0c:ab:7a:
b0:f3:1d:2a:f7:10:32:9d:6e:4c:d6:1d:4f:31:c8:9b:34:54:
87:c6:68:0d:56:9f:33:85:28:1c:4e:26:39:97:17:2e:ad:e2:
93:f6:5f:85:bb:3f:8b:4f:2a:9a:b8:95:ac:65:a6:a3:45:f2:
d7:04:54:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrRe8K7hhsxQcvpEflPc2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMjI3MTIzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzkwOWZkNzEyZDVhYzJkY2ZiNGRmNzJkMGMzNmY5ZTE3MjYzMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkyLr572d/joJL273ZBwZpD8kLUq
oXtao72VxJojt0fHLhHYkHSNpGHWuQHAT0/OHPVnC+Xme4st9dgMmYM1JbGZGQRW
z6t568skLrrYYnneOqD72JM3HuBRdo2ikEak92g1lcYRsB2/qE0b1OFwWie9Vmgk
4mVebpsAgIblYPBh5upZF/FGKXBj7DSkHgYWCYfpRSaXyueEHc+gUeKarRvACkKv
eD1DwtAAiT/UezvOQwB+bIvnec8lUP1OOnlKczXriJu7Up/z6sazw7kx1IZ7HSF9
aFsPnrpi2yzj4G4w8zTItRWDU6RpaigbK6mDgHuBUyNWoMTKx3X1lyHYjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNeQn9cS1awtz7TfctDDb54XJjEeMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMTVDZjF4TFZyQzNQdE45eTBNTnZuaGNtTVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu+YMA0G
CSqGSIb3DQEBCwUAA4IBAQAqCZml4iOAnT2eIk76GkQ07kSXfxRhUJL4bb1Fw9Tg
ATk/c00W1Z4GqhKLonJBQjhY9HB1uYFjz5SnoVTKk7WMHyfM48EQr1SNvYVP1sL5
PFO7NrVoi0jyrEvMRERFhDGksRrTq2uhVKb4fuhaklGEogHAHlxycHNCtObfr510
gbhA4ieV70r90QYaJOhCR/XTDKy+7bkiKBBslVxZhcLansTvzKkIFESGwVfRzDoX
Hwt8SltDYyHUY11jEYex0bgrWNYMq3qw8x0q9xAynW5M1h1PMcibNFSHxmgNVp8z
hSgcTiY5lxcureKT9l+Fuz+LTyqauJWsZaajRfLXBFQo
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:32 2025 by rpki-client