Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Jj7owRpXCsJW-9P-sTm2nBcKHBA.roa
File: Jj7owRpXCsJW-9P-sTm2nBcKHBA.roa (raw, json)
Hash identifier: YDU3Xg5XmTqAVTBDLWoznH/PN0Vgm33S9b+5vdJLuzE=
Subject key identifier: 26:3E:E8:C1:1A:57:0A:C2:56:FB:D3:FE:B1:39:B6:9C:17:0A:1C:10
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 0185530A994AC5CE28404BD84F59B41AF797
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Jj7owRpXCsJW-9P-sTm2nBcKHBA.roa
Signing time: Tue 27 Dec 2022 10:04:41 +0000
ROA not before: Tue 27 Dec 2022 10:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210356
IP address blocks: 178.255.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:0a:99:4a:c5:ce:28:40:4b:d8:4f:59:b4:1a:f7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Dec 27 10:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=263ee8c11a570ac256fbd3feb139b69c170a1c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:65:05:53:27:3a:f7:2e:fe:55:c3:81:15:51:
5f:22:5e:96:6b:b2:04:47:f4:94:17:8d:f9:05:4d:
23:bc:6c:da:1d:93:5f:c8:6a:b6:34:f4:a1:35:83:
1f:a5:0a:aa:5b:2c:d6:50:ce:33:05:e7:03:57:14:
53:03:2b:43:ba:da:80:dc:9b:9d:85:79:37:f6:a7:
84:d1:d3:2a:ba:aa:75:09:a4:8d:95:96:43:75:7b:
57:47:2d:78:0c:60:b3:35:ee:79:e5:53:f4:aa:4e:
f9:49:1d:c6:12:a6:ca:5c:b7:b7:e1:64:76:cd:42:
15:00:35:0e:ac:26:04:0e:08:58:af:77:c5:c1:ef:
65:79:5d:03:94:29:1d:88:2d:56:bc:f9:7b:63:7b:
f4:6a:96:63:35:91:14:0a:4b:13:83:34:c2:01:03:
9e:76:e6:68:1e:fd:44:2a:24:18:29:2a:fd:f0:b1:
26:1b:01:7c:de:1c:4f:73:43:37:d2:6a:e1:12:d6:
1b:cd:78:b1:7a:47:bc:fa:71:d5:fd:2f:da:7e:a1:
11:2d:db:48:6a:45:1f:2f:71:77:e5:76:8f:5f:4a:
0b:26:c8:6b:2b:b5:0c:97:75:1d:21:30:6b:d7:8a:
93:74:b7:0c:69:df:50:17:ed:35:8a:f5:70:a7:6a:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3E:E8:C1:1A:57:0A:C2:56:FB:D3:FE:B1:39:B6:9C:17:0A:1C:10
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Jj7owRpXCsJW-9P-sTm2nBcKHBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.219.0/24
Signature Algorithm: sha256WithRSAEncryption
58:12:38:42:6b:2f:84:4a:ad:a9:72:8c:00:db:33:b2:5f:92:
ec:31:04:aa:a6:16:81:f5:54:b7:58:56:6c:a1:b9:c0:95:90:
68:4a:90:5e:2b:1f:bc:cd:af:62:31:ce:77:a3:41:30:ac:61:
8b:24:91:10:aa:71:5d:db:f7:35:b4:1b:b5:e3:fa:12:b8:d4:
9a:ed:1b:f8:91:95:23:02:3e:68:c5:df:f9:d1:07:c1:43:44:
36:9d:79:03:38:a0:12:31:20:b3:33:36:32:60:c6:53:fe:3e:
be:50:2b:e0:25:fe:b3:ff:bf:49:d5:b7:6e:c0:1d:bf:d2:df:
72:08:6e:0c:53:fe:55:08:c1:90:d8:1a:27:15:21:51:33:62:
0c:2e:51:c9:a4:34:f1:92:57:d5:c6:52:60:42:12:7e:c9:df:
03:2d:be:66:61:af:a7:ed:83:fb:d0:79:0e:b8:76:3c:36:30:
c8:9e:81:9e:00:7a:46:a6:06:67:dd:83:01:01:b7:b3:7b:b1:
23:ce:25:8e:db:60:11:37:53:aa:a0:7f:2e:65:5a:a6:77:8d:
20:16:e7:cb:00:39:45:f6:3f:ea:e7:11:d2:94:56:bf:73:d9:
e8:c8:c0:76:aa:73:1f:12:e2:a3:c7:36:bc:75:0f:1b:d0:e3:
10:fe:d2:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVTCplKxc4oQEvYT1m0GveXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjI4MDVkODc3NmVlZGViN2FhNGNiZTVhZjU2OGNkYjI2
MjlmYzIwHhcNMjIxMjI3MTAwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNlZThjMTFhNTcwYWMyNTZmYmQzZmViMTM5YjY5YzE3MGExYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGUFUyc69y7+VcOBFVFfIl6Wa7IE
R/SUF435BU0jvGzaHZNfyGq2NPShNYMfpQqqWyzWUM4zBecDVxRTAytDutqA3Jud
hXk39qeE0dMquqp1CaSNlZZDdXtXRy14DGCzNe555VP0qk75SR3GEqbKXLe34WR2
zUIVADUOrCYEDghYr3fFwe9leV0DlCkdiC1WvPl7Y3v0apZjNZEUCksTgzTCAQOe
duZoHv1EKiQYKSr98LEmGwF83hxPc0M30mrhEtYbzXixeke8+nHV/S/afqERLdtI
akUfL3F35XaPX0oLJshrK7UMl3UdITBr14qTdLcMad9QF+01ivVwp2rLCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCY+6MEaVwrCVvvT/rE5tpwXChwQMB8GA1UdIwQY
MBaAFPOygF2Hdu7et6pMvlr1aM2yYp/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgt
ODNiYzc5NzI3OGUyLzEvSmo3b3dScFhDc0pXLTlQLXNUbTJuQmNLSEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgtODNiYzc5NzI3OGUy
LzEvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv/bMA0G
CSqGSIb3DQEBCwUAA4IBAQBYEjhCay+ESq2pcowA2zOyX5LsMQSqphaB9VS3WFZs
obnAlZBoSpBeKx+8za9iMc53o0EwrGGLJJEQqnFd2/c1tBu14/oSuNSa7Rv4kZUj
Aj5oxd/50QfBQ0Q2nXkDOKASMSCzMzYyYMZT/j6+UCvgJf6z/79J1bduwB2/0t9y
CG4MU/5VCMGQ2BonFSFRM2IMLlHJpDTxklfVxlJgQhJ+yd8DLb5mYa+n7YP70HkO
uHY8NjDInoGeAHpGpgZn3YMBAbeze7EjziWO22ARN1OqoH8uZVqmd40gFufLADlF
9j/q5xHSlFa/c9noyMB2qnMfEuKjxza8dQ8b0OMQ/tIc
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:35 2025 by rpki-client