Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iheP6r2vT7es8wgCfVDDHl4G8kw.roa
File: iheP6r2vT7es8wgCfVDDHl4G8kw.roa (raw, json)
Hash identifier: cqu9MsG7aTGSeUnJzN5KMOBwXhM7z/7vnALNLz0wFSE=
Subject key identifier: 8A:17:8F:EA:BD:AF:4F:B7:AC:F3:08:02:7D:50:C3:1E:5E:06:F2:4C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAD10075D48B6A988B411E642D73CD
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iheP6r2vT7es8wgCfVDDHl4G8kw.roa
Signing time: Sun 01 Jan 2023 10:05:09 +0000
ROA not before: Sun 01 Jan 2023 10:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8280
IP address blocks: 192.71.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d1:00:75:d4:8b:6a:98:8b:41:1e:64:2d:73:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a178feabdaf4fb7acf308027d50c31e5e06f24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:9d:90:57:23:b4:d8:bb:57:12:fc:88:f1:
f5:e8:f5:df:99:7b:3e:c9:77:60:00:a1:7f:08:79:
6f:d3:c5:d9:a6:69:07:32:61:da:58:df:ef:2f:24:
d1:a7:64:b9:9f:b8:4e:35:51:8c:e6:53:c3:57:8c:
92:1f:61:43:52:f4:73:b4:44:e8:ca:cc:7f:ed:0c:
71:0d:dc:e7:4e:93:8d:c3:7d:4b:2d:68:60:a1:4c:
09:36:f6:aa:c4:7d:32:06:9a:a3:cd:21:3c:51:ac:
1f:f7:dc:40:08:c0:44:ef:c3:6a:bf:c6:6c:6f:ce:
30:43:54:17:3a:f2:a7:5c:f6:64:26:84:55:3c:53:
06:cb:fe:58:77:ef:e8:8a:dd:ea:81:73:f1:40:70:
50:9b:15:d1:c9:12:03:15:cc:6f:ff:85:c4:25:46:
0c:cc:47:b7:c6:e8:6b:4b:91:e9:c9:46:cc:d1:f6:
34:b0:7f:5a:4d:96:11:1f:a9:f1:d8:e0:a9:fa:04:
38:a5:21:37:d3:1e:da:75:0c:f8:bb:a6:bd:4f:32:
3f:7b:f0:b3:1e:a3:eb:ea:7c:f8:4e:4d:77:e0:33:
a0:66:6f:0d:cc:85:df:cf:e2:32:eb:c8:71:49:ca:
67:35:7c:a1:15:2f:cb:bb:47:db:ca:f0:d6:16:46:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:17:8F:EA:BD:AF:4F:B7:AC:F3:08:02:7D:50:C3:1E:5E:06:F2:4C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iheP6r2vT7es8wgCfVDDHl4G8kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.166.0/24
Signature Algorithm: sha256WithRSAEncryption
00:48:26:03:0e:5f:84:ba:0c:16:52:e0:66:0a:f5:fe:1d:42:
5e:0b:7d:1d:af:da:f0:d5:30:7f:d7:50:2e:ff:c2:e7:97:e2:
97:12:7f:f7:13:05:4a:21:4c:0f:03:cd:ed:b9:97:d2:f0:7d:
09:db:ce:d8:08:e7:06:bb:19:22:77:78:a4:1e:ae:d5:e2:30:
5a:54:f2:4d:eb:4e:86:26:1f:02:b9:02:c6:28:2b:35:c1:48:
38:85:f3:b2:01:a2:86:be:23:19:85:06:a9:a8:03:5e:07:82:
3b:d7:e3:ed:67:44:ca:93:cb:cc:a5:84:86:7f:80:6c:ca:fa:
48:ea:b6:5a:4e:e6:df:a3:7b:eb:e9:f0:9a:2f:50:0f:82:dd:
9d:a2:0a:64:2d:02:49:2e:b5:dd:ec:3c:65:d2:f6:7e:bc:f8:
74:82:c2:ae:52:0f:d0:42:1c:80:be:ba:6a:1a:5b:92:6e:81:
c4:0b:1f:24:1f:69:07:ac:9c:41:78:5b:8e:d4:bd:09:67:eb:
31:16:15:68:33:6a:93:34:18:a1:41:6d:d8:de:b9:ac:9a:ce:
53:e9:a6:a2:63:b4:10:21:93:32:5e:a5:34:13:08:0a:f6:ed:
13:24:6d:7d:38:17:a2:8f:d4:df:0c:c6:6f:d5:64:ad:24:c5:
e1:2d:76:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytEAddSLapiLQR5kLXPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE3OGZlYWJkYWY0ZmI3YWNmMzA4MDI3ZDUwYzMxZTVlMDZmMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD2dkFcjtNi7VxL8iPH16PXfmXs+
yXdgAKF/CHlv08XZpmkHMmHaWN/vLyTRp2S5n7hONVGM5lPDV4ySH2FDUvRztETo
ysx/7QxxDdznTpONw31LLWhgoUwJNvaqxH0yBpqjzSE8Uawf99xACMBE78Nqv8Zs
b84wQ1QXOvKnXPZkJoRVPFMGy/5Yd+/oit3qgXPxQHBQmxXRyRIDFcxv/4XEJUYM
zEe3xuhrS5HpyUbM0fY0sH9aTZYRH6nx2OCp+gQ4pSE30x7adQz4u6a9TzI/e/Cz
HqPr6nz4Tk134DOgZm8NzIXfz+Iy68hxScpnNXyhFS/Lu0fbyvDWFkab7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoXj+q9r0+3rPMIAn1Qwx5eBvJMMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaWhlUDZyMnZUN2VzOHdnQ2ZWRERIbDRHOGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEemMA0G
CSqGSIb3DQEBCwUAA4IBAQAASCYDDl+EugwWUuBmCvX+HUJeC30dr9rw1TB/11Au
/8Lnl+KXEn/3EwVKIUwPA83tuZfS8H0J287YCOcGuxkid3ikHq7V4jBaVPJN606G
Jh8CuQLGKCs1wUg4hfOyAaKGviMZhQapqANeB4I71+PtZ0TKk8vMpYSGf4BsyvpI
6rZaTubfo3vr6fCaL1APgt2dogpkLQJJLrXd7Dxl0vZ+vPh0gsKuUg/QQhyAvrpq
GluSboHECx8kH2kHrJxBeFuO1L0JZ+sxFhVoM2qTNBihQW3Y3rmsms5T6aaiY7QQ
IZMyXqU0EwgK9u0TJG19OBeij9TfDMZv1WStJMXhLXZs
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:36 2025 by rpki-client