Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0OkTg8exPwxDbmXqcyg42q0jj0Q.roa
File: 0OkTg8exPwxDbmXqcyg42q0jj0Q.roa (raw, json)
Hash identifier: qwHYTQz8x35JjMegbNhz6jhHTi7RjzL4AyT5fbNJxAw=
Subject key identifier: D0:E9:13:83:C7:B1:3F:0C:43:6E:65:EA:73:28:38:DA:AD:23:8F:44
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018C43CC59BBC6E48C32A74A4A8EAA8DB333
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0OkTg8exPwxDbmXqcyg42q0jj0Q.roa
Signing time: Thu 07 Dec 2023 10:21:54 +0000
ROA not before: Thu 07 Dec 2023 10:21:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24866
IP address blocks: 178.177.40.0/24 maxlen: 24
178.177.49.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:cc:59:bb:c6:e4:8c:32:a7:4a:4a:8e:aa:8d:b3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 7 10:21:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0e91383c7b13f0c436e65ea732838daad238f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:f5:ea:32:53:c0:e2:22:4e:3a:69:6e:28:
a2:81:c5:78:cb:ab:a8:36:ae:b5:38:65:df:7f:c4:
98:20:28:65:b7:be:1d:03:d8:47:2e:bb:ee:7d:b8:
fa:4b:8c:a3:f8:52:b4:a4:bd:2c:68:8e:ed:19:01:
86:5b:be:28:2e:30:35:55:76:46:78:0f:f1:f4:66:
de:b1:90:d9:71:f6:bd:ff:f7:79:3a:a2:d9:cf:aa:
f4:d9:82:2b:d9:a3:c4:88:a4:24:85:75:1b:7b:da:
90:43:1d:c3:ae:48:6a:10:9f:b1:04:cf:b1:89:16:
1b:59:f5:25:a6:1c:35:85:8b:49:9d:92:50:0a:19:
64:09:cf:b0:c3:63:03:9a:ac:a2:c9:9c:2e:d1:10:
23:5c:74:68:8b:4e:fd:a3:eb:f6:96:e5:13:b3:0e:
b8:01:ab:d4:83:c8:9d:17:f2:67:88:6c:44:61:5d:
0c:28:2a:75:a2:95:83:cb:d8:c1:92:b9:48:ee:82:
7c:70:f5:79:85:b4:8b:2d:db:1a:03:02:7c:6f:ed:
2a:74:26:35:14:5c:4e:94:67:3e:e6:73:ca:57:f5:
37:91:b2:4d:ab:9e:cf:8e:f5:eb:ec:83:73:24:71:
d1:84:7a:bb:73:89:08:8a:fb:9d:31:bc:15:e4:cb:
f9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E9:13:83:C7:B1:3F:0C:43:6E:65:EA:73:28:38:DA:AD:23:8F:44
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0OkTg8exPwxDbmXqcyg42q0jj0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
178.177.40.0/24
178.177.49.0/24
Signature Algorithm: sha256WithRSAEncryption
60:23:58:68:bf:c9:27:55:8d:10:1d:d6:d3:98:63:db:97:b7:
22:d4:4e:25:33:cd:e7:08:4b:48:4f:d9:1e:a4:79:69:d0:70:
0f:29:9c:29:6e:a3:42:33:88:22:83:83:05:37:06:f7:c8:71:
f5:2a:04:de:24:f9:85:94:28:63:f0:f2:47:07:31:b5:aa:f4:
b8:db:97:61:83:f8:52:27:67:93:c2:59:21:2a:3b:fc:b8:51:
21:b8:3f:fb:62:82:d2:9f:97:82:6e:47:ef:32:82:24:2d:cf:
6e:bd:ee:20:8e:fc:2d:b5:81:ec:f9:83:5a:f3:ee:ac:d9:b3:
8d:be:4b:29:49:6c:1f:12:71:ef:85:73:54:6c:3f:c1:4c:c4:
56:69:76:5f:a0:5d:98:d0:21:2a:5d:80:ef:90:da:de:8c:31:
92:cc:14:71:ef:b1:ed:b2:0b:43:0e:91:dc:0f:e7:6c:50:7b:
48:d2:93:81:9d:70:27:f9:67:df:dc:ef:2c:a5:49:a7:6b:f4:
38:eb:2e:d1:ad:fe:13:d5:ea:e6:a1:eb:d2:80:2b:c5:9e:66:
d8:43:35:07:c2:26:fc:40:85:c0:23:72:f0:d0:ca:27:10:23:
e5:43:f4:41:cf:57:69:90:80:8e:00:d5:5d:10:89:80:78:29:
cb:56:95:c5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxDzFm7xuSMMqdKSo6qjbMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMxMjA3MTAyMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU5MTM4M2M3YjEzZjBjNDM2ZTY1ZWE3MzI4MzhkYWFkMjM4ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIL16jJTwOIiTjppbiiigcV4y6uo
Nq61OGXff8SYIChlt74dA9hHLrvufbj6S4yj+FK0pL0saI7tGQGGW74oLjA1VXZG
eA/x9GbesZDZcfa9//d5OqLZz6r02YIr2aPEiKQkhXUbe9qQQx3DrkhqEJ+xBM+x
iRYbWfUlphw1hYtJnZJQChlkCc+ww2MDmqyiyZwu0RAjXHRoi079o+v2luUTsw64
AavUg8idF/JniGxEYV0MKCp1opWDy9jBkrlI7oJ8cPV5hbSLLdsaAwJ8b+0qdCY1
FFxOlGc+5nPKV/U3kbJNq57PjvXr7INzJHHRhHq7c4kIivudMbwV5Mv5UwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNDpE4PHsT8MQ25l6nMoONqtI49EMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvME9rVGc4ZXhQd3hEYm1YcWN5ZzQycTBqajBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACysOMD
BAGysOQDBACysSgDBACysTEwDQYJKoZIhvcNAQELBQADggEBAGAjWGi/ySdVjRAd
1tOYY9uXtyLUTiUzzecIS0hP2R6keWnQcA8pnCluo0IziCKDgwU3BvfIcfUqBN4k
+YWUKGPw8kcHMbWq9Ljbl2GD+FInZ5PCWSEqO/y4USG4P/tigtKfl4JuR+8ygiQt
z2697iCO/C21gez5g1rz7qzZs42+SylJbB8Sce+Fc1RsP8FMxFZpdl+gXZjQISpd
gO+Q2t6MMZLMFHHvse2yC0MOkdwP52xQe0jSk4GdcCf5Z9/c7yylSadr9DjrLtGt
/hPV6uah69KAK8WeZthDNQfCJvxAhcAjcvDQyicQI+VD9EHPV2mQgI4A1V0QiYB4
KctWlcU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:15 2025 by rpki-client