Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/irq8DHPBz9Qsg9b-A2WsvMNlnpk.roa
File: irq8DHPBz9Qsg9b-A2WsvMNlnpk.roa (raw, json)
Hash identifier: deeRQprRFXXEvWClkuohVN/rLQ/ZhkStkmPwnUoGXC8=
Subject key identifier: 8A:BA:BC:0C:73:C1:CF:D4:2C:83:D6:FE:03:65:AC:BC:C3:65:9E:99
Certificate issuer: /CN=9e81ddaad88f7071612d7c3b7618e24d1a5233bb
Certificate serial: 018B05AF1B6462F1491F2D5011119F4C470B
Authority key identifier: 9E:81:DD:AA:D8:8F:70:71:61:2D:7C:3B:76:18:E2:4D:1A:52:33:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/noHdqtiPcHFhLXw7dhjiTRpSM7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/irq8DHPBz9Qsg9b-A2WsvMNlnpk.roa
Signing time: Fri 06 Oct 2023 15:50:43 +0000
ROA not before: Fri 06 Oct 2023 15:50:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61060
IP address blocks: 37.44.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:af:1b:64:62:f1:49:1f:2d:50:11:11:9f:4c:47:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e81ddaad88f7071612d7c3b7618e24d1a5233bb
Validity
Not Before: Oct 6 15:50:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ababc0c73c1cfd42c83d6fe0365acbcc3659e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f7:ca:03:ca:98:38:c9:58:04:91:31:f8:02:
89:95:74:14:4d:d7:d9:ba:bc:7c:12:81:e8:6d:dd:
bb:b5:7c:19:ca:4e:57:97:25:cd:77:3c:b0:e1:3f:
e5:6c:53:02:d0:b1:5e:17:f7:c2:fe:6b:ae:32:93:
da:8a:c6:09:c5:ae:ba:48:da:b0:87:39:a9:0d:27:
ee:5f:88:b1:e7:bc:54:80:e8:ca:5f:33:b0:0d:b1:
78:cf:dc:82:9c:e0:9c:c8:38:53:2d:d8:92:30:e9:
02:86:77:28:57:ae:c7:5a:36:3b:64:80:b3:2e:ac:
a6:2e:fc:44:45:10:32:62:4e:bf:71:48:1b:9e:a8:
b1:79:da:dd:a1:dd:59:41:bd:8c:94:50:3a:95:e9:
7a:d7:26:82:a3:b8:24:35:b5:39:4c:3d:9c:ab:5b:
22:e8:16:b0:a0:6e:b9:82:5a:0c:53:62:73:71:fd:
6c:f5:b9:e1:4b:be:9b:2f:2a:bc:6a:df:ce:b4:e9:
75:6b:00:00:60:3a:d6:5d:a8:f7:27:f7:73:03:40:
2c:3c:79:36:17:dd:4b:7f:7b:50:ef:a5:d2:94:ad:
0a:35:12:68:0e:c8:fc:e6:0a:7f:cf:d2:eb:a1:03:
5f:55:60:c6:bb:3e:d5:c3:6d:fd:b3:97:fe:8a:14:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BA:BC:0C:73:C1:CF:D4:2C:83:D6:FE:03:65:AC:BC:C3:65:9E:99
X509v3 Authority Key Identifier:
keyid:9E:81:DD:AA:D8:8F:70:71:61:2D:7C:3B:76:18:E2:4D:1A:52:33:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/noHdqtiPcHFhLXw7dhjiTRpSM7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/irq8DHPBz9Qsg9b-A2WsvMNlnpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e22dc2-f406-40c9-ba5f-bf69b12a6744/1/noHdqtiPcHFhLXw7dhjiTRpSM7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.8.0/21
Signature Algorithm: sha256WithRSAEncryption
34:88:53:c2:36:fe:ba:1d:6a:e9:be:1b:0f:58:3b:19:c2:72:
5c:be:19:b8:d7:85:d7:da:17:5f:bf:e7:44:26:d9:90:16:06:
c0:32:bf:5c:1c:93:c1:6e:6b:1d:8e:a1:ef:50:95:3b:e0:16:
69:33:29:db:25:46:5f:45:94:ed:d4:42:eb:c4:f8:13:e5:0c:
30:eb:c8:92:a8:9e:85:2c:13:a0:5c:00:e0:20:27:1d:cb:e9:
d4:38:a6:e2:d8:9c:41:7c:37:fb:18:e5:a0:d1:71:19:ac:98:
7b:1a:fe:68:06:88:46:ce:e9:00:36:83:7f:92:ea:8a:79:8a:
90:0e:c5:0d:3b:07:a7:c0:ad:5f:bc:e5:17:85:63:34:71:f9:
be:c2:a0:00:c2:54:86:e7:a0:94:e4:d0:9c:a8:7a:eb:95:a5:
0f:a6:e1:7e:0d:eb:dd:03:76:1d:49:c2:9e:ae:0f:99:58:d3:
56:cf:57:08:32:d2:b7:55:42:f5:f3:4b:1d:f2:d0:55:6a:b6:
1c:9d:cd:fd:be:e5:49:81:ba:7c:16:17:11:02:0d:f3:61:0b:
86:65:f1:f8:aa:13:7e:d4:c7:2c:ee:f7:b2:89:94:39:dd:e9:
63:dc:41:2c:02:77:bc:13:4d:bd:e2:43:0d:c1:7b:6d:73:53:
fa:ef:c5:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsFrxtkYvFJHy1QERGfTEcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllODFkZGFhZDg4ZjcwNzE2MTJkN2MzYjc2MThlMjRkMWE1
MjMzYmIwHhcNMjMxMDA2MTU1MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJhYmMwYzczYzFjZmQ0MmM4M2Q2ZmUwMzY1YWNiY2MzNjU5ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApffKA8qYOMlYBJEx+AKJlXQUTdfZ
urx8EoHobd27tXwZyk5XlyXNdzyw4T/lbFMC0LFeF/fC/muuMpPaisYJxa66SNqw
hzmpDSfuX4ix57xUgOjKXzOwDbF4z9yCnOCcyDhTLdiSMOkChncoV67HWjY7ZICz
LqymLvxERRAyYk6/cUgbnqixedrdod1ZQb2MlFA6lel61yaCo7gkNbU5TD2cq1si
6BawoG65gloMU2Jzcf1s9bnhS76bLyq8at/OtOl1awAAYDrWXaj3J/dzA0AsPHk2
F91Lf3tQ76XSlK0KNRJoDsj85gp/z9LroQNfVWDGuz7Vw239s5f+ihQB8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIq6vAxzwc/ULIPW/gNlrLzDZZ6ZMB8GA1UdIwQY
MBaAFJ6B3arYj3BxYS18O3YY4k0aUjO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm9IZHF0aVBjSEZoTFh3N2RoamlUUnBTTTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lMjJkYzItZjQwNi00MGM5LWJhNWYt
YmY2OWIxMmE2NzQ0LzEvaXJxOERIUEJ6OVFzZzliLUEyV3N2TU5sbnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lMjJkYzItZjQwNi00MGM5LWJhNWYtYmY2OWIxMmE2NzQ0
LzEvbm9IZHF0aVBjSEZoTFh3N2RoamlUUnBTTTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJSwIMA0G
CSqGSIb3DQEBCwUAA4IBAQA0iFPCNv66HWrpvhsPWDsZwnJcvhm414XX2hdfv+dE
JtmQFgbAMr9cHJPBbmsdjqHvUJU74BZpMynbJUZfRZTt1ELrxPgT5Qww68iSqJ6F
LBOgXADgICcdy+nUOKbi2JxBfDf7GOWg0XEZrJh7Gv5oBohGzukANoN/kuqKeYqQ
DsUNOwenwK1fvOUXhWM0cfm+wqAAwlSG56CU5NCcqHrrlaUPpuF+DevdA3YdScKe
rg+ZWNNWz1cIMtK3VUL180sd8tBVarYcnc39vuVJgbp8FhcRAg3zYQuGZfH4qhN+
1Mcs7veyiZQ53elj3EEsAne8E0294kMNwXttc1P678Vo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:54 2025 by rpki-client