Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Iggj3_6xEM-v_7YW3Mgulz131vo.roa
File: Iggj3_6xEM-v_7YW3Mgulz131vo.roa (raw, json)
Hash identifier: SC6d27N1ncbzZmx5Geqn49papdzctN9UooCyPZXasqs=
Subject key identifier: 22:08:23:DF:FE:B1:10:CF:AF:FF:B6:16:DC:C8:2E:97:3D:77:D6:FA
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018A6488986AC2751FFCA2F85CABF0E0004D
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Iggj3_6xEM-v_7YW3Mgulz131vo.roa
Signing time: Tue 05 Sep 2023 08:49:47 +0000
ROA not before: Tue 05 Sep 2023 08:49:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
185.110.63.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:88:98:6a:c2:75:1f:fc:a2:f8:5c:ab:f0:e0:00:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Sep 5 08:49:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220823dffeb110cfafffb616dcc82e973d77d6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:a0:de:fd:7e:15:1e:65:4c:1c:fa:fa:85:
c0:1b:51:6a:12:97:a1:a5:7c:e7:2a:b0:14:20:5b:
ea:96:99:ba:bb:33:7a:84:ea:6a:57:9d:60:84:a8:
59:8a:bf:c7:84:17:68:5e:98:66:7a:00:11:55:96:
bb:8a:be:e2:77:70:76:da:a8:2e:0b:31:21:55:b9:
5c:d8:a0:81:a7:f0:9e:39:61:16:08:1d:78:3e:36:
41:37:c3:02:24:3a:ad:2d:f2:e4:70:97:36:0c:47:
f9:4a:94:a3:7c:7b:50:b2:ad:7a:78:20:76:86:b1:
20:f0:f6:fc:49:98:d7:4c:eb:07:15:b2:d8:80:e5:
30:c0:b0:ed:8d:97:b6:04:ae:85:fc:87:3a:35:2c:
b1:c7:0b:9e:df:7d:51:3c:f7:14:06:24:6f:ab:9d:
d0:c3:4e:3e:c9:a1:2f:ae:95:7a:2c:ba:3e:e7:73:
1c:ed:2f:0a:54:76:3b:46:6e:8f:83:cc:a1:51:4b:
2b:ba:88:35:ab:5c:c8:16:05:23:d1:7a:6b:00:27:
bb:70:87:ae:5e:f1:e4:5b:f6:9d:65:55:ea:5a:8e:
f8:82:58:a4:f4:30:68:8f:c2:81:35:07:3d:fe:2e:
0b:4d:d5:c8:8a:5f:91:cf:e7:2c:14:1d:6b:c1:55:
58:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:08:23:DF:FE:B1:10:CF:AF:FF:B6:16:DC:C8:2E:97:3D:77:D6:FA
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Iggj3_6xEM-v_7YW3Mgulz131vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
185.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
56:39:67:29:b4:93:c8:de:9c:ae:a1:4e:d8:96:1d:5c:9e:bf:
0b:34:7a:b2:14:a9:ae:fe:6a:05:24:2b:15:3d:f5:82:7a:78:
85:7e:3e:db:7c:93:36:13:87:ea:22:0c:9b:fa:8d:1a:d8:89:
61:1a:c7:ff:82:06:86:35:37:b8:f5:79:1c:66:29:79:50:6c:
a5:05:e0:7c:a5:ab:b3:8c:e3:d6:44:a3:b6:9c:96:5f:28:39:
14:80:05:81:b4:a9:4c:f7:45:a7:92:27:73:21:4f:92:22:aa:
3c:e1:44:99:e1:06:bc:33:5a:d1:48:b6:2e:96:53:3e:d1:2b:
f9:81:b7:f7:5f:b0:09:a8:b1:dc:20:37:54:5b:3b:cb:1c:3b:
fc:6e:78:7b:63:36:e8:77:a6:ba:b6:e1:51:32:d8:b8:03:ab:
0e:6f:c0:54:cd:30:7b:cb:e8:2d:50:ab:3b:98:ad:60:b7:dc:
b0:2b:2e:fb:8c:8b:4c:a3:e0:48:65:23:fd:e9:2b:81:a5:a8:
ae:1c:d1:6c:3f:d6:59:28:41:cf:73:9c:4c:b1:4e:42:23:c0:
e5:5a:71:1e:7e:95:80:ea:72:2d:e9:53:e2:69:7a:79:12:37:
37:3a:63:f7:20:e5:1d:30:10:9b:9c:77:a2:ca:5a:a2:39:7c:
c3:57:c8:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpkiJhqwnUf/KL4XKvw4ABNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwOTA1MDg0OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjA4MjNkZmZlYjExMGNmYWZmZmI2MTZkY2M4MmU5NzNkNzdkNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn92g3v1+FR5lTBz6+oXAG1FqEpeh
pXznKrAUIFvqlpm6uzN6hOpqV51ghKhZir/HhBdoXphmegARVZa7ir7id3B22qgu
CzEhVblc2KCBp/CeOWEWCB14PjZBN8MCJDqtLfLkcJc2DEf5SpSjfHtQsq16eCB2
hrEg8Pb8SZjXTOsHFbLYgOUwwLDtjZe2BK6F/Ic6NSyxxwue331RPPcUBiRvq53Q
w04+yaEvrpV6LLo+53Mc7S8KVHY7Rm6Pg8yhUUsruog1q1zIFgUj0XprACe7cIeu
XvHkW/adZVXqWo74glik9DBoj8KBNQc9/i4LTdXIil+Rz+csFB1rwVVYcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCIII9/+sRDPr/+2FtzILpc9d9b6MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvSWdnajNfNnhFTS12XzdZVzNNZ3VsejEzMXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALq+CAwQB
e/3UAwQAjWKJAwQAjWKLAwQAuW4/MA0GCSqGSIb3DQEBCwUAA4IBAQBWOWcptJPI
3pyuoU7Ylh1cnr8LNHqyFKmu/moFJCsVPfWCeniFfj7bfJM2E4fqIgyb+o0a2Ilh
Gsf/ggaGNTe49XkcZil5UGylBeB8pauzjOPWRKO2nJZfKDkUgAWBtKlM90Wnkidz
IU+SIqo84USZ4Qa8M1rRSLYullM+0Sv5gbf3X7AJqLHcIDdUWzvLHDv8bnh7Yzbo
d6a6tuFRMti4A6sOb8BUzTB7y+gtUKs7mK1gt9ywKy77jItMo+BIZSP96SuBpaiu
HNFsP9ZZKEHPc5xMsU5CI8DlWnEefpWA6nIt6VPiaXp5Ejc3OmP3IOUdMBCbnHei
ylqiOXzDV8im
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:03 2025 by rpki-client