Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/9pIB27dsyvpG7hRGuAuPbb5fhf4.roa
File: 9pIB27dsyvpG7hRGuAuPbb5fhf4.roa (raw, json)
Hash identifier: 2yDWqdIsObAaKPYxAXXAGNpKaI8joswOYXy5xxuwzio=
Subject key identifier: F6:92:01:DB:B7:6C:CA:FA:46:EE:14:46:B8:0B:8F:6D:BE:5F:85:FE
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01856D2F36CA06B3A3D7F53EFA86E885198D
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/9pIB27dsyvpG7hRGuAuPbb5fhf4.roa
Signing time: Sun 01 Jan 2023 11:54:48 +0000
ROA not before: Sun 01 Jan 2023 11:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 84.239.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:36:ca:06:b3:a3:d7:f5:3e:fa:86:e8:85:19:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f69201dbb76ccafa46ee1446b80b8f6dbe5f85fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4e:08:f7:3d:65:e9:91:2d:cf:c7:d4:88:a5:
6d:ac:48:c3:79:b5:44:7e:0a:75:24:ca:18:41:06:
67:77:96:36:67:31:f4:f8:aa:d3:b0:5a:99:eb:ec:
89:c0:b5:b8:f2:33:66:f3:e0:1e:59:7a:11:30:6d:
ce:a7:56:16:31:ca:05:d8:35:76:90:1d:ea:95:0b:
d0:40:0d:94:2a:09:58:4b:24:d5:ff:e2:1c:56:ee:
7d:47:27:77:48:f7:f8:7a:dc:85:b3:15:66:5c:b1:
9b:79:13:4b:e9:b9:9b:f1:a6:73:e4:9e:fe:86:ae:
9a:c5:58:f9:63:32:54:0c:4e:e9:2c:bf:81:9e:f7:
52:5b:d0:82:2b:a5:09:11:bf:88:0c:fb:17:80:da:
26:b3:e5:ca:43:06:a3:7a:eb:ae:8f:ca:0f:7a:cf:
49:27:e8:d4:a5:b2:7e:e3:eb:c7:90:d8:ba:63:53:
64:90:cd:8d:98:89:90:18:8f:88:c4:27:2d:f0:91:
e6:42:38:f9:64:c8:20:b5:b2:c9:6a:d8:26:ff:7e:
75:f0:6d:a2:53:2f:59:4e:af:66:8b:98:5c:14:d1:
f6:41:f1:90:05:05:0b:3d:d7:b6:12:68:34:ac:fc:
89:5d:a3:c0:6c:cb:15:37:94:47:61:d3:fd:21:79:
18:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:92:01:DB:B7:6C:CA:FA:46:EE:14:46:B8:0B:8F:6D:BE:5F:85:FE
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/9pIB27dsyvpG7hRGuAuPbb5fhf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.18.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ce:50:6c:7f:6a:99:6f:cd:45:ab:3f:61:49:26:90:37:64:
e6:4b:ab:63:a9:5e:4c:99:c3:af:ab:9b:62:5d:5a:e8:79:e7:
b8:13:c0:83:a3:db:1e:e6:8f:ba:d8:8f:94:a2:81:20:c3:4e:
18:2e:23:6e:87:5c:36:69:b2:0d:cf:f5:26:eb:f4:ae:57:0b:
36:dd:76:61:ed:09:02:b9:49:fa:41:a8:d2:79:40:7a:9c:db:
95:7d:7b:d6:18:95:b3:c8:cd:a9:d5:6e:52:66:09:90:ee:d3:
54:2f:ce:3e:7c:af:60:63:79:15:18:4c:e7:d6:16:89:91:9c:
68:94:4f:e5:4f:58:3f:8e:f4:fc:18:c0:5f:de:b5:2f:7c:f2:
9e:a3:8f:05:25:76:0e:50:9c:9f:cf:87:bc:af:f8:42:ca:2b:
1c:24:88:e4:7b:be:3b:09:9b:e1:a1:2d:8d:74:a5:39:eb:c5:
1a:91:10:61:a0:82:3b:8d:b6:59:c8:bf:f6:6c:f7:a5:9c:7c:
39:42:de:a1:5d:04:e5:2c:75:0e:d5:59:5f:ed:4d:87:e9:4d:
43:63:65:e8:5e:88:b4:63:b4:03:9a:f3:5f:15:7a:27:70:1b:
ec:bc:13:53:dc:e1:e7:49:46:3e:2d:7a:de:69:b1:d3:27:b2:
2e:a5:fa:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzbKBrOj1/U++obohRmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwMTAxMTE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkyMDFkYmI3NmNjYWZhNDZlZTE0NDZiODBiOGY2ZGJlNWY4NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk04I9z1l6ZEtz8fUiKVtrEjDebVE
fgp1JMoYQQZnd5Y2ZzH0+KrTsFqZ6+yJwLW48jNm8+AeWXoRMG3Op1YWMcoF2DV2
kB3qlQvQQA2UKglYSyTV/+IcVu59Ryd3SPf4etyFsxVmXLGbeRNL6bmb8aZz5J7+
hq6axVj5YzJUDE7pLL+BnvdSW9CCK6UJEb+IDPsXgNoms+XKQwajeuuuj8oPes9J
J+jUpbJ+4+vHkNi6Y1NkkM2NmImQGI+IxCct8JHmQjj5ZMggtbLJatgm/3518G2i
Uy9ZTq9mi5hcFNH2QfGQBQULPde2Emg0rPyJXaPAbMsVN5RHYdP9IXkYTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPaSAdu3bMr6Ru4URrgLj22+X4X+MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvOXBJQjI3ZHN5dnBHN2hSR3VBdVBiYjVmaGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO8SMA0G
CSqGSIb3DQEBCwUAA4IBAQBOzlBsf2qZb81Fqz9hSSaQN2TmS6tjqV5MmcOvq5ti
XVroeee4E8CDo9se5o+62I+UooEgw04YLiNuh1w2abINz/Um6/SuVws23XZh7QkC
uUn6QajSeUB6nNuVfXvWGJWzyM2p1W5SZgmQ7tNUL84+fK9gY3kVGEzn1haJkZxo
lE/lT1g/jvT8GMBf3rUvfPKeo48FJXYOUJyfz4e8r/hCyiscJIjke747CZvhoS2N
dKU568UakRBhoII7jbZZyL/2bPelnHw5Qt6hXQTlLHUO1Vlf7U2H6U1DY2XoXoi0
Y7QDmvNfFXoncBvsvBNT3OHnSUY+LXreabHTJ7Iupfrc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:08 2025 by rpki-client