Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/8Iu6cUKzlYP_2NrogD4RvxC7Xv8.roa
File: 8Iu6cUKzlYP_2NrogD4RvxC7Xv8.roa (raw, json)
Hash identifier: 57Nr7DrbViHf69wujGdML60HHxILlvalhF+3f1NxDe4=
Subject key identifier: F0:8B:BA:71:42:B3:95:83:FF:D8:DA:E8:80:3E:11:BF:10:BB:5E:FF
Certificate issuer: /CN=9a03525f68eb6b235f1de22b60b1baed2fc7ff83
Certificate serial: 01856E8B249716876D3F6A5A9B2F7431C255
Authority key identifier: 9A:03:52:5F:68:EB:6B:23:5F:1D:E2:2B:60:B1:BA:ED:2F:C7:FF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgNSX2jrayNfHeIrYLG67S_H_4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/8Iu6cUKzlYP_2NrogD4RvxC7Xv8.roa
Signing time: Sun 01 Jan 2023 18:14:50 +0000
ROA not before: Sun 01 Jan 2023 18:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201607
IP address blocks: 185.64.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:24:97:16:87:6d:3f:6a:5a:9b:2f:74:31:c2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a03525f68eb6b235f1de22b60b1baed2fc7ff83
Validity
Not Before: Jan 1 18:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f08bba7142b39583ffd8dae8803e11bf10bb5eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:40:2b:0e:52:94:da:51:0a:34:5f:29:70:1d:
57:9a:6a:77:13:d6:f0:4c:47:bf:21:74:79:72:e1:
1e:f1:48:2b:df:3b:6e:8a:f2:5f:7d:bc:29:c4:99:
db:11:ab:fe:cf:50:d4:9b:49:ae:00:92:9e:e8:62:
80:b3:39:3e:36:af:da:90:62:79:ca:22:7f:93:ea:
99:84:68:1d:1d:89:6c:3d:e9:b4:1a:3d:b1:84:a6:
29:fa:eb:67:00:7f:70:42:5d:14:e1:50:cd:0c:c8:
b6:88:59:fd:af:d0:e1:29:c4:de:ed:cd:a5:00:ab:
19:6a:96:75:b8:a0:34:16:1d:26:01:44:96:4e:af:
e6:81:d8:cd:67:d9:5c:53:00:77:3b:ee:f3:49:36:
5d:8a:e0:9b:a1:2a:5a:60:9b:b8:3a:c1:91:9e:95:
57:6b:bf:db:08:f1:28:61:b3:22:da:39:ac:79:4a:
ec:b6:75:e0:3e:d2:c0:12:86:2c:02:12:fa:84:27:
43:f7:f8:c6:e3:9a:5b:fc:1b:89:a0:c9:03:fd:d4:
26:e4:57:70:38:52:8a:70:42:96:9c:33:c0:cf:7b:
31:5c:8c:b4:d7:ef:7e:89:1e:58:01:15:2f:c0:4a:
53:58:d7:67:3e:37:42:d7:07:08:65:98:7d:5d:9f:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8B:BA:71:42:B3:95:83:FF:D8:DA:E8:80:3E:11:BF:10:BB:5E:FF
X509v3 Authority Key Identifier:
keyid:9A:03:52:5F:68:EB:6B:23:5F:1D:E2:2B:60:B1:BA:ED:2F:C7:FF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgNSX2jrayNfHeIrYLG67S_H_4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/8Iu6cUKzlYP_2NrogD4RvxC7Xv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/mgNSX2jrayNfHeIrYLG67S_H_4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.16.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:b0:7f:4a:23:d2:0e:2d:3c:4d:06:a0:d1:64:85:d6:aa:7d:
9a:99:61:fa:de:ef:e6:48:e7:b0:ea:d1:71:c7:15:f8:0e:6a:
cb:e6:d3:54:fb:2c:5d:d2:24:80:64:3c:a2:8f:f0:34:da:90:
cb:2f:78:29:44:f2:56:2d:6d:d9:9e:d3:7a:96:be:f9:bb:b8:
1e:0f:91:f4:fd:4b:5e:15:3e:6e:0a:12:9a:62:c1:ea:a5:8d:
f2:2a:9d:3d:b2:ab:df:01:01:c6:fa:0a:d5:f1:6f:dc:0f:30:
54:ae:09:19:10:f5:f2:ed:d8:86:6f:b7:59:7d:3f:54:f9:3a:
91:88:e2:6e:56:a2:53:3b:30:65:58:07:a6:e6:db:1f:e3:83:
c2:85:34:d6:84:e2:7f:1c:f0:c1:82:ae:0f:36:09:58:48:92:
b5:13:94:d3:8a:44:87:64:c1:cb:0d:8a:fe:02:ac:78:ae:b4:
87:5a:48:1d:3c:d2:c0:83:58:f0:08:41:cd:ad:f6:7c:a2:92:
62:9e:a1:12:62:3f:de:85:42:42:fb:86:ae:86:23:8d:31:ed:
12:fa:8a:0c:78:77:17:e5:ca:b4:64:8b:b9:44:04:0d:9f:66:
ac:88:c1:68:fb:c5:45:ea:72:1e:4a:b6:2a:f4:20:3c:82:b0:
7e:72:3a:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiySXFodtP2pamy90McJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDM1MjVmNjhlYjZiMjM1ZjFkZTIyYjYwYjFiYWVkMmZj
N2ZmODMwHhcNMjMwMTAxMTgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDhiYmE3MTQyYjM5NTgzZmZkOGRhZTg4MDNlMTFiZjEwYmI1ZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0ArDlKU2lEKNF8pcB1Xmmp3E9bw
TEe/IXR5cuEe8Ugr3ztuivJffbwpxJnbEav+z1DUm0muAJKe6GKAszk+Nq/akGJ5
yiJ/k+qZhGgdHYlsPem0Gj2xhKYp+utnAH9wQl0U4VDNDMi2iFn9r9DhKcTe7c2l
AKsZapZ1uKA0Fh0mAUSWTq/mgdjNZ9lcUwB3O+7zSTZdiuCboSpaYJu4OsGRnpVX
a7/bCPEoYbMi2jmseUrstnXgPtLAEoYsAhL6hCdD9/jG45pb/BuJoMkD/dQm5Fdw
OFKKcEKWnDPAz3sxXIy01+9+iR5YARUvwEpTWNdnPjdC1wcIZZh9XZ/IBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCLunFCs5WD/9ja6IA+Eb8Qu17/MB8GA1UdIwQY
MBaAFJoDUl9o62sjXx3iK2Cxuu0vx/+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdOU1gyanJheU5mSGVJcllMRzY3U19IXzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81YTdlNDYtY2UxYi00OTU1LTlmMzkt
NGIzMTEzMjZjMjMwLzEvOEl1NmNVS3psWVBfMk5yb2dENFJ2eEM3WHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81YTdlNDYtY2UxYi00OTU1LTlmMzktNGIzMTEzMjZjMjMw
LzEvbWdOU1gyanJheU5mSGVJcllMRzY3U19IXzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUAQMA0G
CSqGSIb3DQEBCwUAA4IBAQCqsH9KI9IOLTxNBqDRZIXWqn2amWH63u/mSOew6tFx
xxX4DmrL5tNU+yxd0iSAZDyij/A02pDLL3gpRPJWLW3ZntN6lr75u7geD5H0/Ute
FT5uChKaYsHqpY3yKp09sqvfAQHG+grV8W/cDzBUrgkZEPXy7diGb7dZfT9U+TqR
iOJuVqJTOzBlWAem5tsf44PChTTWhOJ/HPDBgq4PNglYSJK1E5TTikSHZMHLDYr+
Aqx4rrSHWkgdPNLAg1jwCEHNrfZ8opJinqESYj/ehUJC+4auhiONMe0S+ooMeHcX
5cq0ZIu5RAQNn2asiMFo+8VF6nIeSrYq9CA8grB+cjqn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:58 2025 by rpki-client