Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/8Rz2LtwfdZE6iS3Pe-2Hz4KHaY8.roa
File: 8Rz2LtwfdZE6iS3Pe-2Hz4KHaY8.roa (raw, json)
Hash identifier: Ay2pbtM2JItRLWvEK3B/cawr7UkjLmcBGMZEHIkMGQE=
Subject key identifier: F1:1C:F6:2E:DC:1F:75:91:3A:89:2D:CF:7B:ED:87:CF:82:87:69:8F
Certificate issuer: /CN=40bb76aa96df8eb7d6777b357252e11155238785
Certificate serial: 01856FF0670F09670FFA68EA3B9267E44795
Authority key identifier: 40:BB:76:AA:96:DF:8E:B7:D6:77:7B:35:72:52:E1:11:55:23:87:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLt2qpbfjrfWd3s1clLhEVUjh4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/8Rz2LtwfdZE6iS3Pe-2Hz4KHaY8.roa
Signing time: Mon 02 Jan 2023 00:45:03 +0000
ROA not before: Mon 02 Jan 2023 00:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208560
IP address blocks: 83.150.192.0/24 maxlen: 24
83.150.192.0/23 maxlen: 23
83.150.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:67:0f:09:67:0f:fa:68:ea:3b:92:67:e4:47:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bb76aa96df8eb7d6777b357252e11155238785
Validity
Not Before: Jan 2 00:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f11cf62edc1f75913a892dcf7bed87cf8287698f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:04:7a:86:48:cd:50:09:1d:ea:34:fd:b1:
00:fb:b7:62:f5:f1:da:85:b8:93:9c:d0:92:8c:df:
33:11:80:ff:1b:86:ac:bd:cd:07:a2:3f:a6:f8:1a:
5c:42:e5:21:77:ab:c0:7b:3a:28:e4:fa:f2:f5:d6:
54:af:4d:97:d5:67:fc:b9:73:83:0c:2b:7c:5f:c8:
8e:c8:ee:4b:64:cc:c6:08:ef:e2:e6:e6:85:03:c2:
2f:dc:b6:a2:f6:73:4b:76:71:4b:6e:98:da:7a:ef:
40:20:4f:0c:8c:68:9f:e0:2e:8d:8a:a0:68:92:f9:
58:71:8a:3e:76:6a:75:68:c9:69:08:99:db:d1:91:
78:a5:02:bb:52:34:d1:89:f2:70:ee:b2:64:c9:4f:
8e:d4:d0:83:4f:ce:84:38:ed:ab:ad:5e:d5:63:42:
c2:ca:28:7f:16:1b:14:bc:8d:59:9e:ba:7e:dd:99:
d2:c4:1a:79:e8:68:18:15:ba:60:6b:11:55:5f:09:
ce:ba:95:11:9e:f9:06:d1:e4:78:d1:c2:af:72:1f:
9f:29:fa:4c:a4:ef:14:93:4e:c0:3d:7a:c0:31:7c:
b5:51:9a:d1:1a:b2:e8:fb:20:14:30:e0:04:90:32:
37:9b:0c:15:b9:1e:65:c7:e5:59:8b:e9:ea:f8:84:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1C:F6:2E:DC:1F:75:91:3A:89:2D:CF:7B:ED:87:CF:82:87:69:8F
X509v3 Authority Key Identifier:
keyid:40:BB:76:AA:96:DF:8E:B7:D6:77:7B:35:72:52:E1:11:55:23:87:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLt2qpbfjrfWd3s1clLhEVUjh4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/8Rz2LtwfdZE6iS3Pe-2Hz4KHaY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.192.0/23
Signature Algorithm: sha256WithRSAEncryption
08:d4:d6:18:8a:21:df:09:f7:c7:71:e5:7a:55:0b:26:b2:45:
8d:72:e4:5d:d3:61:11:e6:c1:20:8f:a9:de:e1:03:fb:46:9c:
85:9b:6c:6f:4d:60:6d:0e:27:50:12:ac:e1:39:20:2d:00:d1:
6b:47:9d:c1:18:31:9d:41:25:47:89:94:b3:d4:a9:cb:e6:35:
54:7a:d2:41:39:c0:a3:07:2f:1b:94:a7:aa:25:8e:d2:48:78:
2f:53:ef:07:82:c0:05:e2:ef:f1:c0:58:c1:31:ee:96:83:4b:
d7:20:9d:b6:42:f2:f5:ed:fd:29:c3:8f:83:fc:b9:b7:d6:06:
70:de:5b:48:36:a4:89:64:b8:55:84:a7:ab:78:98:f8:1a:25:
91:eb:93:c0:a6:06:21:b5:24:39:a8:16:ce:08:c2:2d:a0:4c:
b8:8a:33:47:0e:80:74:97:bd:23:2a:a9:6b:59:08:08:8e:6a:
51:e5:05:08:d0:60:ca:e1:e7:d7:d7:be:32:95:fa:de:da:a5:
69:aa:4a:6a:af:ec:30:ae:2f:22:e6:43:6e:d3:2b:f1:d7:0e:
bb:2e:98:71:5b:f6:52:8d:12:08:f4:ca:99:c3:de:46:a7:1d:
43:37:47:16:2e:de:77:2a:56:06:80:f3:db:84:bc:a9:35:aa:
ff:a9:f7:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8GcPCWcP+mjqO5Jn5EeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmI3NmFhOTZkZjhlYjdkNjc3N2IzNTcyNTJlMTExNTUy
Mzg3ODUwHhcNMjMwMTAyMDA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFjZjYyZWRjMWY3NTkxM2E4OTJkY2Y3YmVkODdjZjgyODc2OThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsEEeoZIzVAJHeo0/bEA+7di9fHa
hbiTnNCSjN8zEYD/G4asvc0Hoj+m+BpcQuUhd6vAezoo5Pry9dZUr02X1Wf8uXOD
DCt8X8iOyO5LZMzGCO/i5uaFA8Iv3Lai9nNLdnFLbpjaeu9AIE8MjGif4C6NiqBo
kvlYcYo+dmp1aMlpCJnb0ZF4pQK7UjTRifJw7rJkyU+O1NCDT86EOO2rrV7VY0LC
yih/FhsUvI1Znrp+3ZnSxBp56GgYFbpgaxFVXwnOupURnvkG0eR40cKvch+fKfpM
pO8Uk07APXrAMXy1UZrRGrLo+yAUMOAEkDI3mwwVuR5lx+VZi+nq+ITRSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEc9i7cH3WROoktz3vth8+Ch2mPMB8GA1UdIwQY
MBaAFEC7dqqW34631nd7NXJS4RFVI4eFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUx0MnFwYmZqcmZXZDNzMWNsTGhFVlVqaDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMzFkNjgtY2I2My00YmQxLTk5Yjkt
MzVlZTdhNzM5ZmQ5LzEvOFJ6Mkx0d2ZkWkU2aVMzUGUtMkh6NEtIYVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMzFkNjgtY2I2My00YmQxLTk5YjktMzVlZTdhNzM5ZmQ5
LzEvUUx0MnFwYmZqcmZXZDNzMWNsTGhFVlVqaDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU5bAMA0G
CSqGSIb3DQEBCwUAA4IBAQAI1NYYiiHfCffHceV6VQsmskWNcuRd02ER5sEgj6ne
4QP7RpyFm2xvTWBtDidQEqzhOSAtANFrR53BGDGdQSVHiZSz1KnL5jVUetJBOcCj
By8blKeqJY7SSHgvU+8HgsAF4u/xwFjBMe6Wg0vXIJ22QvL17f0pw4+D/Lm31gZw
3ltINqSJZLhVhKereJj4GiWR65PApgYhtSQ5qBbOCMItoEy4ijNHDoB0l70jKqlr
WQgIjmpR5QUI0GDK4efX174ylfre2qVpqkpqr+wwri8i5kNu0yvx1w67LphxW/ZS
jRII9MqZw95Gpx1DN0cWLt53KlYGgPPbhLypNar/qffp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:00 2025 by rpki-client