Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/8lgJvGixxnHyja2YtueMf10xazE.roa
File: 8lgJvGixxnHyja2YtueMf10xazE.roa (raw, json)
Hash identifier: bi5yQPPL/zPIb2dwrntRwx9IGbKz8T+AZ+oyMi1p8ZE=
Subject key identifier: F2:58:09:BC:68:B1:C6:71:F2:8D:AD:98:B6:E7:8C:7F:5D:31:6B:31
Certificate issuer: /CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Certificate serial: 01856F9DF8A7BBD40D9AE6C97EC093B67FE6
Authority key identifier: D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/8lgJvGixxnHyja2YtueMf10xazE.roa
Signing time: Sun 01 Jan 2023 23:15:01 +0000
ROA not before: Sun 01 Jan 2023 23:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 46.235.40.0/21 maxlen: 21
83.150.232.0/22 maxlen: 22
2a00:d640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f8:a7:bb:d4:0d:9a:e6:c9:7e:c0:93:b6:7f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Validity
Not Before: Jan 1 23:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f25809bc68b1c671f28dad98b6e78c7f5d316b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:41:f1:5b:00:ec:1c:b7:80:6a:c2:07:a9:28:
55:77:30:23:4e:69:30:12:46:c7:81:48:db:16:f4:
ab:9c:65:20:a4:f4:79:ed:6e:f4:e9:22:5e:5b:2d:
69:bb:7b:da:25:33:75:99:60:e4:73:57:f9:8f:9a:
ff:43:06:9d:a0:9a:6b:31:59:9d:92:f2:52:51:f2:
b0:9d:1c:ce:bc:ac:64:f7:2b:b0:d3:a2:7e:f7:aa:
64:ea:13:c1:2d:c9:8e:f6:a6:33:6f:a5:1c:1d:cf:
74:7d:62:aa:30:e6:22:eb:e3:be:82:53:0c:42:5c:
1a:4a:6d:b3:a8:15:79:04:7b:5b:a7:02:24:0a:9b:
0c:33:52:4d:d3:75:45:00:71:dd:8c:c2:7e:4f:2e:
54:e9:09:a4:fb:64:e1:cb:ad:8b:e6:52:93:92:5a:
d2:9a:d0:b9:e3:0c:1c:4f:85:e6:54:57:92:16:b4:
3d:b3:8f:8c:d8:25:1d:a0:4f:9a:be:53:e4:27:77:
f3:13:cb:e6:bf:65:cd:7c:53:d4:9e:a7:4b:a5:14:
dc:da:62:ae:04:cf:d8:d0:ae:33:e1:7d:fb:26:d0:
29:1b:4b:42:36:ac:44:5a:d0:48:ee:92:73:12:64:
0a:8b:5d:27:e6:6d:15:09:b5:4f:9e:1a:78:20:d7:
d6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:58:09:BC:68:B1:C6:71:F2:8D:AD:98:B6:E7:8C:7F:5D:31:6B:31
X509v3 Authority Key Identifier:
keyid:D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/8lgJvGixxnHyja2YtueMf10xazE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.40.0/21
83.150.232.0/22
IPv6:
2a00:d640::/32
Signature Algorithm: sha256WithRSAEncryption
0a:ff:1f:9c:ef:12:de:45:07:9e:71:9b:99:25:89:92:38:b6:
48:78:15:24:05:91:c4:2c:39:04:5b:bd:5f:68:f7:87:aa:13:
21:cf:20:c4:1b:2e:d8:87:89:8e:07:bf:a3:df:34:aa:a0:76:
b8:0f:a0:5f:39:ca:49:76:eb:a0:99:ed:bd:ef:6e:6a:fd:c0:
c5:22:96:3c:a9:c6:94:b6:29:13:3f:46:ec:38:46:7a:50:c0:
4c:0a:8b:cb:de:35:0b:32:e6:e6:d0:a3:b8:9d:e1:46:40:81:
12:ce:2b:48:10:67:54:1c:26:38:f6:14:3b:9c:44:6c:06:fa:
2c:56:a5:fd:74:5a:57:78:90:16:19:78:6e:ac:0d:1d:41:5e:
3a:76:b4:c5:88:56:f6:cc:d3:c5:10:60:1d:30:c1:d6:05:38:
f9:86:64:bb:49:e8:f2:9e:3a:44:25:ca:9f:b4:45:71:8d:41:
d1:71:45:f5:f8:aa:f8:42:49:7e:18:39:82:f6:9d:2c:8e:c1:
8b:e3:dc:49:ba:a0:19:16:c4:1f:3b:67:65:09:9c:20:f7:73:
4a:57:7b:4b:88:d1:b2:ac:e2:9b:dc:ab:65:4f:e2:14:9f:8a:
73:cf:02:88:fd:66:90:8e:b8:51:b3:da:d1:94:b8:72:1c:99:
67:89:e2:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvnfinu9QNmubJfsCTtn/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZmEyYTcwMDAzODgwZDc1NjE2MTJhM2MwYTEyNjAyY2Uz
NTQxYTQwHhcNMjMwMTAxMjMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU4MDliYzY4YjFjNjcxZjI4ZGFkOThiNmU3OGM3ZjVkMzE2YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kHxWwDsHLeAasIHqShVdzAjTmkw
EkbHgUjbFvSrnGUgpPR57W706SJeWy1pu3vaJTN1mWDkc1f5j5r/QwadoJprMVmd
kvJSUfKwnRzOvKxk9yuw06J+96pk6hPBLcmO9qYzb6UcHc90fWKqMOYi6+O+glMM
QlwaSm2zqBV5BHtbpwIkCpsMM1JN03VFAHHdjMJ+Ty5U6Qmk+2Thy62L5lKTklrS
mtC54wwcT4XmVFeSFrQ9s4+M2CUdoE+avlPkJ3fzE8vmv2XNfFPUnqdLpRTc2mKu
BM/Y0K4z4X37JtApG0tCNqxEWtBI7pJzEmQKi10n5m0VCbVPnhp4INfW1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPJYCbxoscZx8o2tmLbnjH9dMWsxMB8GA1UdIwQY
MBaAFNL6KnAAOIDXVhYSo8ChJgLONUGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZvcWNBQTRnTmRXRmhLandLRW1BczQxUWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iMjA3ZDEtOGI3Yi00ZTI3LTgzNzAt
YTc5NjUwMWU3N2ExLzEvOGxnSnZHaXh4bkh5amEyWXR1ZU1mMTB4YXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iMjA3ZDEtOGI3Yi00ZTI3LTgzNzAtYTc5NjUwMWU3N2Ex
LzEvMHZvcWNBQTRnTmRXRmhLandLRW1BczQxUWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLusoAwQC
U5boMA0EAgACMAcDBQAqANZAMA0GCSqGSIb3DQEBCwUAA4IBAQAK/x+c7xLeRQee
cZuZJYmSOLZIeBUkBZHELDkEW71faPeHqhMhzyDEGy7Yh4mOB7+j3zSqoHa4D6Bf
OcpJduugme29725q/cDFIpY8qcaUtikTP0bsOEZ6UMBMCovL3jULMubm0KO4neFG
QIESzitIEGdUHCY49hQ7nERsBvosVqX9dFpXeJAWGXhurA0dQV46drTFiFb2zNPF
EGAdMMHWBTj5hmS7SejynjpEJcqftEVxjUHRcUX1+Kr4Qkl+GDmC9p0sjsGL49xJ
uqAZFsQfO2dlCZwg93NKV3tLiNGyrOKb3KtlT+IUn4pzzwKI/WaQjrhRs9rRlLhy
HJlnieJI
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:13 2025 by rpki-client