Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9grv0a9zHqv3Nx9e2XsuUZqk84E.roa
File: 9grv0a9zHqv3Nx9e2XsuUZqk84E.roa (raw, json)
Hash identifier: cXdpLFHKPXg/hT0P6hVMfkcFPVeJHyqjRFhVJpvvzQE=
Subject key identifier: F6:0A:EF:D1:AF:73:1E:AB:F7:37:1F:5E:D9:7B:2E:51:9A:A4:F3:81
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E10F0A846E8011FBAAAE69A5BB10D6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9grv0a9zHqv3Nx9e2XsuUZqk84E.roa
Signing time: Mon 12 Dec 2022 10:28:33 +0000
ROA not before: Mon 12 Dec 2022 10:28:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8263
IP address blocks: 188.162.0.0/16 maxlen: 24
178.176.225.0/24 maxlen: 24
178.176.224.0/24 maxlen: 24
178.176.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:0f:0a:84:6e:80:11:fb:aa:ae:69:a5:bb:10:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f60aefd1af731eabf7371f5ed97b2e519aa4f381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:d3:13:94:72:a0:c0:05:c7:ab:82:74:32:
d6:e6:d8:4f:9b:82:2e:53:e3:16:9f:ef:c9:ef:a1:
a2:5b:43:9f:b2:ed:35:66:7a:22:ce:71:94:d0:9f:
29:cb:a2:19:17:84:be:01:1d:24:70:00:47:1c:c8:
42:c6:f4:10:5c:72:bb:96:03:e8:c3:99:5a:db:e7:
d8:06:44:f2:ab:78:3d:0f:e3:b3:fa:32:08:96:06:
ab:0f:cb:52:85:ea:9d:20:b4:1e:c6:5e:06:ac:e8:
b4:bb:69:38:d2:eb:04:e3:1c:21:44:60:d5:e8:69:
39:cf:2f:f9:67:b3:dd:45:a3:34:7c:2a:0d:88:43:
12:3d:f8:3e:97:90:2d:7e:b3:95:69:f9:ba:85:96:
1d:7f:c2:35:2b:72:f6:87:04:85:12:17:5e:c2:95:
a2:e0:5b:fc:b3:e4:c7:c6:db:68:b4:20:f3:df:53:
98:4b:1b:09:99:26:5f:f4:20:cb:ca:99:de:26:c3:
cd:ae:f1:31:61:ab:70:d4:d9:bb:89:99:83:f8:69:
b5:a1:d1:e1:73:5d:dc:65:20:72:95:b4:34:df:d6:
93:d5:77:d2:dc:0e:4f:04:b6:6e:86:ea:09:a2:bd:
82:fa:c3:a5:72:b6:b4:42:08:9b:19:0a:f4:aa:f0:
5d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0A:EF:D1:AF:73:1E:AB:F7:37:1F:5E:D9:7B:2E:51:9A:A4:F3:81
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9grv0a9zHqv3Nx9e2XsuUZqk84E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.224.0-178.176.226.255
188.162.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:0a:e3:d9:86:23:6c:4d:e7:e1:55:9f:ac:6c:dd:22:4d:38:
b4:0c:40:e1:d2:b0:56:48:d4:06:d0:e9:e3:5e:99:b0:0e:46:
95:6a:ea:e1:3e:03:ec:9a:1b:e0:36:9e:9b:63:b3:ad:30:6e:
62:42:1b:9f:78:88:fc:a0:9e:c7:08:9f:da:b5:bc:c3:15:a0:
93:bf:99:5b:c2:92:9d:a9:ae:18:11:b6:1d:80:02:84:66:97:
b9:4c:61:26:3c:6d:7d:56:72:70:95:0b:dd:b8:e9:47:25:29:
41:ce:50:d2:ad:d5:2d:8f:fc:74:54:10:ea:5c:99:5f:77:a9:
df:68:da:9c:d6:d3:bb:d6:26:5f:04:7a:5a:fa:db:ec:4f:e1:
d1:77:e6:33:5c:c9:9b:e6:f6:d1:3e:a2:b7:bf:2b:9e:3c:c7:
3d:53:bb:6e:3e:35:d6:12:6c:9f:24:e2:6b:de:f2:be:a1:5c:
91:a4:45:ce:f3:d4:1f:24:7b:17:61:8d:73:2e:b1:e0:6c:cd:
03:75:72:0b:f4:1e:81:e4:f7:10:d4:9e:52:36:dd:94:fb:08:
bb:5f:fd:52:c1:5d:b5:97:ec:86:94:8a:c0:1c:5c:84:a1:ab:
67:d0:3c:3a:42:44:1f:bd:d4:49:97:29:31:35:b0:a4:8f:ad:
95:ba:dc:fd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYUF4Q8KhG6AEfuqrmmluxDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjBhZWZkMWFmNzMxZWFiZjczNzFmNWVkOTdiMmU1MTlhYTRmMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw/TE5RyoMAFx6uCdDLW5thPm4Iu
U+MWn+/J76GiW0Ofsu01ZnoiznGU0J8py6IZF4S+AR0kcABHHMhCxvQQXHK7lgPo
w5la2+fYBkTyq3g9D+Oz+jIIlgarD8tSheqdILQexl4GrOi0u2k40usE4xwhRGDV
6Gk5zy/5Z7PdRaM0fCoNiEMSPfg+l5AtfrOVafm6hZYdf8I1K3L2hwSFEhdewpWi
4Fv8s+THxttotCDz31OYSxsJmSZf9CDLypneJsPNrvExYatw1Nm7iZmD+Gm1odHh
c13cZSBylbQ039aT1XfS3A5PBLZuhuoJor2C+sOlcra0QgibGQr0qvBduQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPYK79Gvcx6r9zcfXtl7LlGapPOBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvOWdydjBhOXpIcXYzTng5ZTJYc3VVWnFrODRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAwDBAWysOAD
BACysOIDAwC8ojANBgkqhkiG9w0BAQsFAAOCAQEAPgrj2YYjbE3n4VWfrGzdIk04
tAxA4dKwVkjUBtDp416ZsA5GlWrq4T4D7Job4Daem2OzrTBuYkIbn3iI/KCexwif
2rW8wxWgk7+ZW8KSnamuGBG2HYAChGaXuUxhJjxtfVZycJUL3bjpRyUpQc5Q0q3V
LY/8dFQQ6lyZX3ep32janNbTu9YmXwR6Wvrb7E/h0XfmM1zJm+b20T6it78rnjzH
PVO7bj411hJsnyTia97yvqFckaRFzvPUHyR7F2GNcy6x4GzNA3VyC/QegeT3ENSe
UjbdlPsIu1/9UsFdtZfshpSKwBxchKGrZ9A8OkJEH73USZcpMTWwpI+tlbrc/Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:30 2025 by rpki-client