Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/6a0102-417d-49bf-b193-48ba928fb1be/1/f8CjERF_h3E33tn9BA5zoHyLLvI.roa
File: f8CjERF_h3E33tn9BA5zoHyLLvI.roa (raw, json)
Hash identifier: J/8QN81wJVlFg94eeSui95NjDHR1+dO2SYpWLBKSVic=
Subject key identifier: 7F:C0:A3:11:11:7F:87:71:37:DE:D9:FD:04:0E:73:A0:7C:8B:2E:F2
Certificate issuer: /CN=6f846c8c0db65dc746ef64cfd82bb9c194e27f73
Certificate serial: 01856D13AC29EFCDA0D81321129972773724
Authority key identifier: 6F:84:6C:8C:0D:B6:5D:C7:46:EF:64:CF:D8:2B:B9:C1:94:E2:7F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4RsjA22XcdG72TP2Cu5wZTif3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/6a0102-417d-49bf-b193-48ba928fb1be/1/f8CjERF_h3E33tn9BA5zoHyLLvI.roa
Signing time: Sun 01 Jan 2023 11:24:43 +0000
ROA not before: Sun 01 Jan 2023 11:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62417
IP address blocks: 185.32.78.0/24 maxlen: 24
185.32.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ac:29:ef:cd:a0:d8:13:21:12:99:72:77:37:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f846c8c0db65dc746ef64cfd82bb9c194e27f73
Validity
Not Before: Jan 1 11:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fc0a311117f877137ded9fd040e73a07c8b2ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:6b:53:94:99:65:aa:d2:66:8c:d7:92:08:
6b:e4:4c:43:c2:aa:d9:af:28:77:cc:05:47:f9:4b:
2f:32:a7:ef:91:75:d5:d3:13:d6:70:1f:6c:6d:c8:
9e:8a:5c:85:8f:0d:a8:23:fa:d4:69:76:bf:a6:9a:
98:e6:7d:7e:e5:40:fb:91:e9:0a:c9:c5:3a:d5:f5:
7b:e6:e4:c1:2c:09:d2:b3:c2:2c:15:95:78:e8:b6:
f1:cd:e2:df:ef:29:ce:a2:aa:9e:3b:ee:0e:e6:6b:
4c:20:74:62:6e:01:64:6f:14:f5:7e:5d:06:d9:58:
00:69:90:4f:b2:4b:d7:18:ca:56:2a:12:55:23:ff:
62:c1:b0:23:bd:11:93:fa:26:22:d3:11:0e:79:68:
a8:56:1a:c0:f2:09:56:f8:10:a5:e4:f7:c9:de:36:
c5:7f:d3:96:49:ed:5c:75:38:9c:00:f3:cd:64:5e:
f5:6c:9c:ee:e1:0f:02:9d:db:a8:8f:57:0f:f6:c6:
da:6f:3c:28:4d:cc:be:6c:4a:e4:da:da:9f:76:08:
16:6c:07:79:82:2d:6d:60:d7:af:90:f5:5a:cf:62:
c4:b1:13:58:bc:9e:e6:ec:54:d7:1c:1a:6b:88:a7:
7a:08:d4:ce:e7:8d:21:a9:b0:c0:68:a7:89:1e:43:
59:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C0:A3:11:11:7F:87:71:37:DE:D9:FD:04:0E:73:A0:7C:8B:2E:F2
X509v3 Authority Key Identifier:
keyid:6F:84:6C:8C:0D:B6:5D:C7:46:EF:64:CF:D8:2B:B9:C1:94:E2:7F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4RsjA22XcdG72TP2Cu5wZTif3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6a0102-417d-49bf-b193-48ba928fb1be/1/f8CjERF_h3E33tn9BA5zoHyLLvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6a0102-417d-49bf-b193-48ba928fb1be/1/b4RsjA22XcdG72TP2Cu5wZTif3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.78.0/23
Signature Algorithm: sha256WithRSAEncryption
60:c1:96:b6:88:4d:9b:89:76:21:11:fe:ed:e8:c9:93:96:bb:
f9:69:e8:d2:e7:c3:9f:ec:85:0d:00:01:cf:a6:28:c1:21:32:
57:c0:e0:e5:c5:bd:7d:14:c0:b9:9a:4a:c4:4c:c3:ab:bf:c1:
28:18:ca:76:5d:90:8d:42:db:3f:cc:d1:6b:bb:5a:65:e5:92:
c0:ce:80:33:5f:aa:25:c8:70:fd:00:8d:26:98:65:f3:b1:fa:
fc:52:ad:ee:7a:8d:93:59:72:27:71:6b:08:14:97:c4:c5:5a:
2a:5d:3d:e0:8e:14:e2:8f:e6:22:d4:9e:9d:bf:1f:05:32:d8:
1c:de:b5:b8:bb:73:2f:64:41:9b:7a:7a:31:e9:dc:3d:d6:da:
10:1e:cd:0b:18:f8:58:fc:63:cb:70:12:7d:e5:cd:9c:41:8e:
08:84:20:44:20:78:07:04:c0:4f:4e:35:45:6e:e0:32:05:ea:
e2:df:b1:f6:cc:31:9b:7a:2b:d5:bc:ad:c6:61:88:e1:f5:d4:
b9:d3:3f:9a:63:9b:b4:fa:fc:57:ce:0b:3f:1f:7c:dc:a4:c7:
9b:4e:46:95:02:46:50:9b:00:15:51:93:43:dc:a2:c1:a8:f7:
3d:e5:a8:95:b5:81:a7:c7:5a:9f:0b:de:32:21:fe:d6:15:8b:
7b:9b:a1:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE6wp782g2BMhEplydzckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODQ2YzhjMGRiNjVkYzc0NmVmNjRjZmQ4MmJiOWMxOTRl
MjdmNzMwHhcNMjMwMTAxMTEyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMwYTMxMTExN2Y4NzcxMzdkZWQ5ZmQwNDBlNzNhMDdjOGIyZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBprU5SZZarSZozXkghr5ExDwqrZ
ryh3zAVH+UsvMqfvkXXV0xPWcB9sbcieilyFjw2oI/rUaXa/ppqY5n1+5UD7kekK
ycU61fV75uTBLAnSs8IsFZV46LbxzeLf7ynOoqqeO+4O5mtMIHRibgFkbxT1fl0G
2VgAaZBPskvXGMpWKhJVI/9iwbAjvRGT+iYi0xEOeWioVhrA8glW+BCl5PfJ3jbF
f9OWSe1cdTicAPPNZF71bJzu4Q8Cnduoj1cP9sbabzwoTcy+bErk2tqfdggWbAd5
gi1tYNevkPVaz2LEsRNYvJ7m7FTXHBpriKd6CNTO540hqbDAaKeJHkNZBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/AoxERf4dxN97Z/QQOc6B8iy7yMB8GA1UdIwQY
MBaAFG+EbIwNtl3HRu9kz9grucGU4n9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRSc2pBMjJYY2RHNzJUUDJDdTV3WlRpZjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS82YTAxMDItNDE3ZC00OWJmLWIxOTMt
NDhiYTkyOGZiMWJlLzEvZjhDakVSRl9oM0UzM3RuOUJBNXpvSHlMTHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS82YTAxMDItNDE3ZC00OWJmLWIxOTMtNDhiYTkyOGZiMWJl
LzEvYjRSc2pBMjJYY2RHNzJUUDJDdTV3WlRpZjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSBOMA0G
CSqGSIb3DQEBCwUAA4IBAQBgwZa2iE2biXYhEf7t6MmTlrv5aejS58Of7IUNAAHP
pijBITJXwODlxb19FMC5mkrETMOrv8EoGMp2XZCNQts/zNFru1pl5ZLAzoAzX6ol
yHD9AI0mmGXzsfr8Uq3ueo2TWXIncWsIFJfExVoqXT3gjhTij+Yi1J6dvx8FMtgc
3rW4u3MvZEGbenox6dw91toQHs0LGPhY/GPLcBJ95c2cQY4IhCBEIHgHBMBPTjVF
buAyBeri37H2zDGbeivVvK3GYYjh9dS50z+aY5u0+vxXzgs/H3zcpMebTkaVAkZQ
mwAVUZND3KLBqPc95aiVtYGnx1qfC94yIf7WFYt7m6Hy
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:39:36 2025 by rpki-client