Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/0bhaiQhZaOvH-Vm30ckAV-2cNVs.roa
File: 0bhaiQhZaOvH-Vm30ckAV-2cNVs.roa (raw, json)
Hash identifier: 3b2gHDXa5nqL0H9o1/JpiTf+t6zydFHJViQpqs/Ycro=
Subject key identifier: D1:B8:5A:89:08:59:68:EB:C7:F9:59:B7:D1:C9:00:57:ED:9C:35:5B
Certificate issuer: /CN=a1b0477f9d09a2c74f4c459e80b729afeeb312d4
Certificate serial: 0182AB43B68AA9F4F20AAF5196197B571430
Authority key identifier: A1:B0:47:7F:9D:09:A2:C7:4F:4C:45:9E:80:B7:29:AF:EE:B3:12:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obBHf50JosdPTEWegLcpr-6zEtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/0bhaiQhZaOvH-Vm30ckAV-2cNVs.roa
Signing time: Wed 17 Aug 2022 10:05:17 +0000
ROA not before: Wed 17 Aug 2022 10:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207311
IP address blocks: 178.17.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:43:b6:8a:a9:f4:f2:0a:af:51:96:19:7b:57:14:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b0477f9d09a2c74f4c459e80b729afeeb312d4
Validity
Not Before: Aug 17 10:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1b85a89085968ebc7f959b7d1c90057ed9c355b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:de:ba:d8:1b:eb:ac:62:1f:a8:6a:da:90:c4:
29:d4:69:50:3b:72:0f:d9:70:1a:ff:15:8d:93:c5:
b8:52:0a:20:02:38:d9:7b:cc:9d:98:f4:d7:ce:ef:
80:b7:84:ed:d7:0a:60:d7:99:dc:84:4b:95:de:7b:
4e:f1:a7:cc:a8:d8:ec:71:d2:ac:71:d9:c6:00:ad:
29:43:02:bd:8c:1e:f8:ff:07:cb:0f:03:4b:cc:c3:
11:1b:c5:13:ee:ca:53:74:40:84:7f:7e:f3:35:9c:
09:4b:fd:e8:c7:b1:f7:11:72:72:b9:d5:a2:df:36:
77:8c:d4:d4:af:b4:e8:7a:d5:8d:36:8e:d9:e4:8d:
ad:b4:8c:f1:63:ef:c9:91:44:cb:9e:8d:49:24:8f:
44:1d:9f:90:c2:5c:5c:ae:ed:b5:91:48:1b:c4:d7:
b7:fc:67:ce:9e:33:78:bb:f4:39:53:b8:c9:c8:d0:
52:32:f1:3f:c5:c3:54:0c:bc:1c:70:81:39:3d:26:
74:a9:cc:36:26:54:8f:45:f1:b4:4c:2d:0c:52:ad:
54:a9:8d:0b:39:f7:5f:c3:c5:52:0a:18:ea:f4:47:
f2:87:7e:39:7d:e9:15:e7:c1:1d:c2:01:87:0f:59:
0e:7b:b6:69:0c:42:a2:f3:6a:c9:6f:93:82:a5:eb:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B8:5A:89:08:59:68:EB:C7:F9:59:B7:D1:C9:00:57:ED:9C:35:5B
X509v3 Authority Key Identifier:
keyid:A1:B0:47:7F:9D:09:A2:C7:4F:4C:45:9E:80:B7:29:AF:EE:B3:12:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obBHf50JosdPTEWegLcpr-6zEtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/0bhaiQhZaOvH-Vm30ckAV-2cNVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/obBHf50JosdPTEWegLcpr-6zEtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.17.218.0/24
Signature Algorithm: sha256WithRSAEncryption
15:b0:c5:93:3d:5e:e0:c6:3e:78:41:a0:1d:66:71:06:b7:08:
ec:70:b5:7d:c9:5e:c7:f0:cb:b2:86:cd:2e:11:57:cd:ed:8f:
13:59:2f:85:71:03:79:bb:57:27:7d:77:93:19:28:09:12:5c:
7f:8a:7a:b1:bc:9b:0e:46:50:48:cc:ba:42:4e:75:83:4a:2c:
ea:38:c6:c7:c6:4a:0f:d6:40:82:87:82:16:26:bc:99:ea:ad:
46:7f:1a:2e:7c:8d:c1:54:dc:1d:cb:a7:9a:61:0f:98:6a:91:
fd:7c:c6:9f:80:14:ac:ff:0c:d3:d6:5b:5d:2a:0c:a7:54:52:
db:35:e8:76:d7:2a:77:81:3f:88:22:37:33:a6:e7:57:23:03:
4a:3b:9c:67:eb:85:3b:e0:a1:c4:b4:57:96:ac:fb:6a:75:39:
c1:80:b2:28:90:e0:65:66:ff:90:1d:13:25:b3:dd:4f:6f:fc:
62:0b:58:05:2b:df:60:d7:18:46:c7:50:46:a5:5a:da:ea:f9:
76:ed:6d:2f:f0:37:1d:b0:59:f5:ac:dd:3f:e1:d6:7f:15:80:
1e:94:aa:eb:b1:6a:d2:e2:13:38:5b:d3:c9:c7:b8:ca:24:cf:
04:57:93:d7:05:5a:fd:cc:59:e2:2d:51:c7:e3:27:ad:ca:26:
70:ab:c1:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKrQ7aKqfTyCq9Rlhl7VxQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjA0NzdmOWQwOWEyYzc0ZjRjNDU5ZTgwYjcyOWFmZWVi
MzEyZDQwHhcNMjIwODE3MTAwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI4NWE4OTA4NTk2OGViYzdmOTU5YjdkMWM5MDA1N2VkOWMzNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd662BvrrGIfqGrakMQp1GlQO3IP
2XAa/xWNk8W4UgogAjjZe8ydmPTXzu+At4Tt1wpg15nchEuV3ntO8afMqNjscdKs
cdnGAK0pQwK9jB74/wfLDwNLzMMRG8UT7spTdECEf37zNZwJS/3ox7H3EXJyudWi
3zZ3jNTUr7ToetWNNo7Z5I2ttIzxY+/JkUTLno1JJI9EHZ+Qwlxcru21kUgbxNe3
/GfOnjN4u/Q5U7jJyNBSMvE/xcNUDLwccIE5PSZ0qcw2JlSPRfG0TC0MUq1UqY0L
Ofdfw8VSChjq9Efyh345fekV58EdwgGHD1kOe7ZpDEKi82rJb5OCpetM5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG4WokIWWjrx/lZt9HJAFftnDVbMB8GA1UdIwQY
MBaAFKGwR3+dCaLHT0xFnoC3Ka/usxLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JCSGY1MEpvc2RQVEVXZWdMY3ByLTZ6RXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8yNDUxYjctOTA5MS00YTI3LWFiOTEt
MzQ4ZjlmZmJkODgzLzEvMGJoYWlRaFphT3ZILVZtMzBja0FWLTJjTlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8yNDUxYjctOTA5MS00YTI3LWFiOTEtMzQ4ZjlmZmJkODgz
LzEvb2JCSGY1MEpvc2RQVEVXZWdMY3ByLTZ6RXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshHaMA0G
CSqGSIb3DQEBCwUAA4IBAQAVsMWTPV7gxj54QaAdZnEGtwjscLV9yV7H8Muyhs0u
EVfN7Y8TWS+FcQN5u1cnfXeTGSgJElx/inqxvJsORlBIzLpCTnWDSizqOMbHxkoP
1kCCh4IWJryZ6q1GfxoufI3BVNwdy6eaYQ+YapH9fMafgBSs/wzT1ltdKgynVFLb
Neh21yp3gT+IIjczpudXIwNKO5xn64U74KHEtFeWrPtqdTnBgLIokOBlZv+QHRMl
s91Pb/xiC1gFK99g1xhGx1BGpVra6vl27W0v8DcdsFn1rN0/4dZ/FYAelKrrsWrS
4hM4W9PJx7jKJM8EV5PXBVr9zFniLVHH4yetyiZwq8Gy
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:45 2025 by rpki-client