Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/8cKecJBR3lO21pF92xO8Lvfpp0o.roa
File: 8cKecJBR3lO21pF92xO8Lvfpp0o.roa (raw, json)
Hash identifier: X9skBRG2X0w2lN5ovfYXMyKEEiHooGi7NP6n2Ybmv40=
Subject key identifier: F1:C2:9E:70:90:51:DE:53:B6:D6:91:7D:DB:13:BC:2E:F7:E9:A7:4A
Certificate issuer: /CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Certificate serial: 0AF793C8
Authority key identifier: 1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/8cKecJBR3lO21pF92xO8Lvfpp0o.roa
Signing time: Sat 01 Jan 2022 03:55:50 +0000
ROA not before: Sat 01 Jan 2022 03:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25560
IP address blocks: 62.216.160.0/19 maxlen: 24
85.199.128.0/18 maxlen: 24
217.24.208.0/20 maxlen: 24
95.143.160.0/20 maxlen: 24
2001:1a50::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183997384 (0xaf793c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Validity
Not Before: Jan 1 03:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1c29e709051de53b6d6917ddb13bc2ef7e9a74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6f:57:bc:b5:c0:69:46:6a:cd:03:80:d5:82:
54:17:33:db:f1:6f:be:af:fd:99:b9:a3:a6:16:37:
0a:8e:20:52:e2:f1:71:06:21:90:c8:2f:c9:0c:31:
49:a9:72:74:90:1d:09:bf:a4:dc:ac:e2:4d:96:d1:
a4:b6:44:50:b3:d9:2f:cc:65:5f:94:97:68:6f:47:
d2:e1:fe:88:c9:25:22:f5:0a:b7:81:7a:91:4c:79:
c0:85:54:df:b8:0d:be:1b:10:22:13:a7:77:d6:7b:
fe:33:ba:98:5b:bd:cf:31:e7:b2:ee:a8:a2:5e:5b:
72:a8:1c:4b:78:63:25:c5:02:b5:e3:0d:c8:5c:b1:
bf:4d:82:96:6d:5b:c6:af:3a:bf:46:ac:46:ca:e2:
5f:cd:b5:0c:a1:eb:b0:b0:29:49:d0:f4:ff:e1:b8:
84:ee:d2:db:93:22:ae:d9:0e:a5:15:3a:af:98:98:
86:eb:18:a8:5d:b5:ec:65:30:f2:99:f5:a5:78:de:
b6:fd:b8:af:2e:6a:ca:4f:7c:3f:04:73:c9:d1:c7:
58:11:c5:78:7b:2c:71:8d:ae:6b:ce:9e:88:95:b1:
23:7b:93:0f:a0:33:3b:a4:82:4b:fc:4e:c7:c8:b0:
d8:b4:9a:d5:57:1e:ea:2b:a5:0f:1d:c3:7b:e9:69:
1c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C2:9E:70:90:51:DE:53:B6:D6:91:7D:DB:13:BC:2E:F7:E9:A7:4A
X509v3 Authority Key Identifier:
keyid:1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/8cKecJBR3lO21pF92xO8Lvfpp0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/G5gPIqWVKk75pOxKng0MNR_slFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.160.0/19
85.199.128.0/18
95.143.160.0/20
217.24.208.0/20
IPv6:
2001:1a50::/32
Signature Algorithm: sha256WithRSAEncryption
6b:2a:30:3c:f4:26:99:27:dc:01:ce:ea:6e:d7:11:bc:83:66:
bb:3e:cb:3b:ea:3a:32:7b:0d:17:11:68:80:4d:fa:09:5a:2e:
33:a3:6e:c2:aa:df:31:1c:43:d0:f3:60:bc:b1:23:f0:d8:75:
a7:59:89:93:9e:97:d3:81:24:7e:b1:87:0f:45:41:c5:c1:b0:
3f:dd:21:3f:9a:a6:47:53:87:72:74:cf:c9:44:3c:3a:84:63:
c7:f6:00:f7:20:a9:35:b2:b9:47:d6:4c:d7:57:f8:15:a0:bb:
92:d8:e2:c9:e7:c8:d6:0e:c6:90:5f:88:94:1f:6e:16:cf:21:
02:29:6a:27:f3:8b:f7:f9:48:d5:e4:32:45:16:b6:8f:db:de:
98:49:db:0f:b0:7a:eb:fd:17:56:a8:37:10:78:11:a1:78:72:
81:16:29:0b:db:53:7a:33:fb:80:a5:3f:94:29:1d:87:e7:87:
8c:93:54:b1:77:91:97:55:50:98:c5:e5:20:c7:f1:f4:a7:0f:
11:70:c5:06:c9:e2:35:ae:63:d4:42:dc:b5:87:ad:71:29:5e:
70:5c:d0:a9:44:d3:b8:b5:6e:7c:0e:89:32:65:9b:4b:b5:49:
de:e4:ec:8c:f0:fe:0b:a2:7d:e7:a9:7c:06:60:10:f2:97:dc:
a6:fb:67:2f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECveTyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Yjk4MGYyMmE1OTUyYTRlZjlhNGVjNGE5ZTBkMGMzNTFmZWM5NDU0MB4XDTIyMDEw
MTAzNTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFjMjllNzA5MDUx
ZGU1M2I2ZDY5MTdkZGIxM2JjMmVmN2U5YTc0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdvV7y1wGlGas0DgNWCVBcz2/Fvvq/9mbmjphY3Co4gUuLx
cQYhkMgvyQwxSalydJAdCb+k3KziTZbRpLZEULPZL8xlX5SXaG9H0uH+iMklIvUK
t4F6kUx5wIVU37gNvhsQIhOnd9Z7/jO6mFu9zzHnsu6ool5bcqgcS3hjJcUCteMN
yFyxv02Clm1bxq86v0asRsriX821DKHrsLApSdD0/+G4hO7S25MirtkOpRU6r5iY
husYqF217GUw8pn1pXjetv24ry5qyk98PwRzydHHWBHFeHsscY2ua86eiJWxI3uT
D6AzO6SCS/xOx8iw2LSa1Vce6iulDx3De+lpHM8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTxwp5wkFHeU7bWkX3bE7wu9+mnSjAfBgNVHSMEGDAWgBQbmA8ipZUqTvmk
7EqeDQw1H+yUVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c1Z1BJcVdWS2s3NXBPeEtuZzBNTlJfc2xGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNzc0ZTI2LWQwOGYtNDZkMy1hZDA2LTM0N2I1NjZkZGJkMS8x
LzhjS2VjSkJSM2xPMjFwRjkyeE84THZmcHAwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
Nzc0ZTI2LWQwOGYtNDZkMy1hZDA2LTM0N2I1NjZkZGJkMS8xL0c1Z1BJcVdWS2s3
NXBPeEtuZzBNTlJfc2xGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBT7YoAMEBlXHgAMEBF+PoAMEBNkY
0DANBAIAAjAHAwUAIAEaUDANBgkqhkiG9w0BAQsFAAOCAQEAayowPPQmmSfcAc7q
btcRvINmuz7LO+o6MnsNFxFogE36CVouM6NuwqrfMRxD0PNgvLEj8Nh1p1mJk56X
04EkfrGHD0VBxcGwP90hP5qmR1OHcnTPyUQ8OoRjx/YA9yCpNbK5R9ZM11f4FaC7
ktjiyefI1g7GkF+IlB9uFs8hAilqJ/OL9/lI1eQyRRa2j9vemEnbD7B66/0XVqg3
EHgRoXhygRYpC9tTejP7gKU/lCkdh+eHjJNUsXeRl1VQmMXlIMfx9KcPEXDFBsni
Na5j1ELctYetcSlecFzQqUTTuLVufA6JMmWbS7VJ3uTsjPD+C6J956l8BmAQ8pfc
pvtnLw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:08 2025 by rpki-client