Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/8PxkLulU6kq5d9OZaqCcoFfE48w.roa
File: 8PxkLulU6kq5d9OZaqCcoFfE48w.roa (raw, json)
Hash identifier: v9Ll0VcR3RC/8inQgg4A869vfkUNCHSzXoohI2x1y44=
Subject key identifier: F0:FC:64:2E:E9:54:EA:4A:B9:77:D3:99:6A:A0:9C:A0:57:C4:E3:CC
Certificate issuer: /CN=d58214cfa326611e9d494135a12ce8276f0f1784
Certificate serial: 018ABC651AC78C8C959E0EE8AB6BBC2B2F83
Authority key identifier: D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/8PxkLulU6kq5d9OZaqCcoFfE48w.roa
Signing time: Fri 22 Sep 2023 10:17:37 +0000
ROA not before: Fri 22 Sep 2023 10:17:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216264
IP address blocks: 194.150.174.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:65:1a:c7:8c:8c:95:9e:0e:e8:ab:6b:bc:2b:2f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58214cfa326611e9d494135a12ce8276f0f1784
Validity
Not Before: Sep 22 10:17:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0fc642ee954ea4ab977d3996aa09ca057c4e3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2b:56:90:a9:e3:43:48:2d:46:74:54:6e:3d:
6b:b9:99:2b:d0:92:e6:06:b5:20:d7:08:56:4e:21:
9e:6b:4b:fa:97:f8:01:8e:11:66:87:f4:ef:88:23:
29:de:6c:e3:ba:fe:16:32:96:e4:bf:97:c3:06:74:
c1:b2:47:2c:f9:b8:7e:53:c4:fe:37:e8:38:65:dc:
99:62:2f:72:a1:4d:4e:81:30:62:57:54:99:89:6d:
f1:0f:6e:47:ed:05:98:f0:ae:29:49:f5:e2:cb:ae:
a9:04:9c:c7:f0:f9:ae:9d:78:53:2f:0b:0d:51:32:
08:7e:94:86:53:c0:a3:21:a7:8b:32:7e:58:0e:22:
5a:35:5d:99:1d:8f:93:a7:37:77:0f:bb:d5:15:33:
15:31:73:cd:4d:0b:a6:08:e3:47:69:0c:0d:66:26:
ad:35:d3:6a:45:78:35:58:9f:89:37:32:bc:9f:3c:
e4:9d:38:3e:b0:5b:ce:d7:d1:4d:22:47:f7:f9:ed:
06:0a:7b:a7:ba:83:e0:db:43:28:d6:4f:64:57:85:
72:80:45:6b:42:a4:38:c9:b6:a1:c3:6c:ca:1a:be:
f3:0e:bb:5c:45:69:db:e1:be:22:ba:52:92:55:8f:
57:3d:d2:86:e4:fd:41:31:82:67:d4:92:56:b3:fc:
56:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FC:64:2E:E9:54:EA:4A:B9:77:D3:99:6A:A0:9C:A0:57:C4:E3:CC
X509v3 Authority Key Identifier:
keyid:D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/8PxkLulU6kq5d9OZaqCcoFfE48w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.174.0/23
Signature Algorithm: sha256WithRSAEncryption
26:1a:51:ac:27:60:4b:2e:37:97:4b:32:e0:5c:f1:a6:34:2d:
81:aa:ef:7c:ba:84:d8:65:cd:0f:22:00:4b:b6:08:5b:61:7a:
64:09:4b:fa:ed:34:c5:17:31:26:ed:e7:ed:da:36:7f:b8:27:
45:9a:bd:fa:db:d4:dd:eb:8f:0b:de:11:20:a3:e7:04:d0:39:
75:50:d6:3c:e5:68:e8:aa:2d:1f:68:ca:58:c9:48:5c:49:8a:
8f:82:74:c1:05:0f:5b:26:5f:bc:1b:53:3c:da:39:cd:eb:86:
f7:db:00:57:c7:c9:fe:1c:5c:2a:ad:61:79:b5:4e:f6:25:51:
54:63:5a:63:bd:d9:4d:5e:e0:a7:97:84:88:75:f7:1a:fb:3b:
7f:c7:28:51:65:bb:34:80:c9:5d:7e:8c:ff:5d:99:61:37:ea:
92:06:3a:8b:8e:3d:04:c9:51:70:68:5b:49:cb:52:1c:b3:dd:
15:ba:ac:ab:d4:24:b6:0d:6c:5e:39:68:2a:0f:6d:93:95:48:
16:55:85:b5:fc:87:c3:2a:71:fb:b6:e0:e3:37:85:07:4c:c6:
b5:f8:fb:5b:93:a8:fc:f5:ee:fc:f4:f0:b4:c7:65:29:8f:f1:
6f:6e:6b:9c:77:83:35:e5:63:22:61:5e:eb:35:5a:5c:33:2a:
c9:af:62:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq8ZRrHjIyVng7oq2u8Ky+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODIxNGNmYTMyNjYxMWU5ZDQ5NDEzNWExMmNlODI3NmYw
ZjE3ODQwHhcNMjMwOTIyMTAxNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZjNjQyZWU5NTRlYTRhYjk3N2QzOTk2YWEwOWNhMDU3YzRlM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnitWkKnjQ0gtRnRUbj1ruZkr0JLm
BrUg1whWTiGea0v6l/gBjhFmh/TviCMp3mzjuv4WMpbkv5fDBnTBskcs+bh+U8T+
N+g4ZdyZYi9yoU1OgTBiV1SZiW3xD25H7QWY8K4pSfXiy66pBJzH8PmunXhTLwsN
UTIIfpSGU8CjIaeLMn5YDiJaNV2ZHY+Tpzd3D7vVFTMVMXPNTQumCONHaQwNZiat
NdNqRXg1WJ+JNzK8nzzknTg+sFvO19FNIkf3+e0GCnunuoPg20Mo1k9kV4VygEVr
QqQ4ybahw2zKGr7zDrtcRWnb4b4iulKSVY9XPdKG5P1BMYJn1JJWs/xWkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD8ZC7pVOpKuXfTmWqgnKBXxOPMMB8GA1UdIwQY
MBaAFNWCFM+jJmEenUlBNaEs6CdvDxeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQt
MTA3OWQ1NWFlZTkxLzEvOFB4a0x1bFU2a3E1ZDlPWmFxQ2NvRmZFNDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQtMTA3OWQ1NWFlZTkx
LzEvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpauMA0G
CSqGSIb3DQEBCwUAA4IBAQAmGlGsJ2BLLjeXSzLgXPGmNC2Bqu98uoTYZc0PIgBL
tghbYXpkCUv67TTFFzEm7eft2jZ/uCdFmr3629Td648L3hEgo+cE0Dl1UNY85Wjo
qi0faMpYyUhcSYqPgnTBBQ9bJl+8G1M82jnN64b32wBXx8n+HFwqrWF5tU72JVFU
Y1pjvdlNXuCnl4SIdfca+zt/xyhRZbs0gMldfoz/XZlhN+qSBjqLjj0EyVFwaFtJ
y1Ics90Vuqyr1CS2DWxeOWgqD22TlUgWVYW1/IfDKnH7tuDjN4UHTMa1+Ptbk6j8
9e789PC0x2Upj/Fvbmucd4M15WMiYV7rNVpcMyrJr2JZ
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:00:45 2025 by rpki-client