Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/026ed8-ab9c-4753-9b20-2ba9d516f944/1/v9A8oBJM7D1dFuDj7hauRlr-AMk.roa
File: v9A8oBJM7D1dFuDj7hauRlr-AMk.roa (raw, json)
Hash identifier: h9GYdT/6kPL3+MMR3U3nEvGAjxg31YOqQl5LwCmF1vI=
Subject key identifier: BF:D0:3C:A0:12:4C:EC:3D:5D:16:E0:E3:EE:16:AE:46:5A:FE:00:C9
Certificate issuer: /CN=6510c26f3a4fac700ac7b0e3490b8fa175f08ad8
Certificate serial: 064A706A
Authority key identifier: 65:10:C2:6F:3A:4F:AC:70:0A:C7:B0:E3:49:0B:8F:A1:75:F0:8A:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRDCbzpPrHAKx7DjSQuPoXXwitg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/026ed8-ab9c-4753-9b20-2ba9d516f944/1/v9A8oBJM7D1dFuDj7hauRlr-AMk.roa
Signing time: Sat 01 Jan 2022 12:54:53 +0000
ROA not before: Sat 01 Jan 2022 12:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202761
IP address blocks: 178.19.172.0/24 maxlen: 24
178.19.172.0/22 maxlen: 22
178.19.172.0/23 maxlen: 23
178.19.174.0/23 maxlen: 23
178.19.175.0/24 maxlen: 24
178.19.173.0/24 maxlen: 24
178.19.174.0/24 maxlen: 24
185.251.124.0/23 maxlen: 23
185.251.124.0/22 maxlen: 22
185.251.124.0/24 maxlen: 24
185.251.125.0/24 maxlen: 24
185.251.126.0/24 maxlen: 24
185.251.127.0/24 maxlen: 24
185.251.126.0/23 maxlen: 23
2a07:8cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105541738 (0x64a706a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6510c26f3a4fac700ac7b0e3490b8fa175f08ad8
Validity
Not Before: Jan 1 12:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfd03ca0124cec3d5d16e0e3ee16ae465afe00c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:2a:3d:0c:6b:25:92:d0:bd:95:32:73:ce:2a:
c6:2e:8b:98:b2:17:7e:26:cd:f3:06:95:ca:e5:c4:
7b:10:b4:20:27:ee:85:40:63:71:64:07:32:1f:d5:
be:52:5c:58:21:cf:16:0b:fb:63:4e:bc:6d:d7:4f:
21:06:06:e8:0a:6b:77:e5:88:2a:19:0f:fd:e0:3c:
a2:9f:f3:02:5a:dd:f1:dc:47:f7:fb:37:ae:f3:3f:
ad:0a:a8:02:b1:ff:49:4b:79:49:c0:cd:7f:b8:20:
b6:8c:e9:4c:61:b2:e3:74:c0:ec:28:fe:78:45:95:
f7:90:f8:af:8c:50:23:dc:2a:59:88:a9:1f:67:a7:
62:e9:fd:d2:72:fe:b5:cb:a0:09:d0:06:41:e9:ad:
f9:81:bc:b1:9f:63:a4:24:ec:30:dc:90:68:b6:a6:
68:f3:b6:63:ea:d1:67:ed:e0:af:2a:7c:cc:e5:97:
8d:8d:0e:af:98:f5:80:fd:9a:ca:84:b0:12:fd:91:
9a:3a:f9:e9:2c:1e:bf:d8:68:e6:d7:44:f5:a8:cf:
c7:67:de:12:8f:b5:b6:0b:8c:41:ac:1e:1a:a6:a9:
18:3f:ce:95:e0:72:2a:10:93:b4:74:0d:7e:f6:54:
37:d0:51:85:9f:f1:fe:98:58:a7:91:b6:4c:3f:60:
91:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D0:3C:A0:12:4C:EC:3D:5D:16:E0:E3:EE:16:AE:46:5A:FE:00:C9
X509v3 Authority Key Identifier:
keyid:65:10:C2:6F:3A:4F:AC:70:0A:C7:B0:E3:49:0B:8F:A1:75:F0:8A:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRDCbzpPrHAKx7DjSQuPoXXwitg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/026ed8-ab9c-4753-9b20-2ba9d516f944/1/v9A8oBJM7D1dFuDj7hauRlr-AMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/026ed8-ab9c-4753-9b20-2ba9d516f944/1/ZRDCbzpPrHAKx7DjSQuPoXXwitg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.19.172.0/22
185.251.124.0/22
IPv6:
2a07:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
44:ce:ee:1f:38:c0:0a:ba:e1:03:16:83:37:17:44:7f:d9:f7:
58:7d:74:8a:28:f8:ab:0f:ec:ef:b0:e2:09:0f:29:4e:84:61:
51:49:d6:71:8e:02:1c:e1:7f:f0:b8:99:36:15:d6:d1:c7:76:
7e:a7:95:04:b0:bf:09:ca:41:4d:28:2e:a8:0a:66:c0:48:7b:
c9:05:d8:52:6e:1d:d7:03:ff:d4:b4:dc:f6:04:41:9d:db:95:
13:24:2e:27:47:fa:6a:08:91:9e:1b:75:81:ea:e5:2f:a3:33:
34:c6:b5:85:89:2f:24:c0:55:1b:81:b4:32:d5:e8:eb:6d:42:
58:cb:f4:22:79:36:c9:e3:82:e5:42:fb:11:25:f4:4c:1d:97:
22:a4:48:d5:73:0a:b5:b6:10:f1:64:d4:68:50:6d:10:10:2f:
f9:d3:eb:1a:7e:9b:31:a3:d2:1a:8b:8d:d1:fa:0b:66:0c:19:
df:93:c7:d1:06:2c:ba:b4:f7:89:1f:bb:9b:e3:21:52:a3:17:
72:ee:76:26:02:7c:71:07:d3:e2:32:15:8e:5f:1a:45:3a:8d:
02:a1:0c:aa:82:31:5d:cc:16:fb:7c:79:eb:c0:76:86:7d:09:
42:1a:12:78:fc:8e:c4:01:a9:b7:38:c5:92:a4:ee:df:7f:26:
99:d5:e6:99
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBkpwajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTEwYzI2ZjNhNGZhYzcwMGFjN2IwZTM0OTBiOGZhMTc1ZjA4YWQ4MB4XDTIyMDEw
MTEyNTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkMDNjYTAxMjRj
ZWMzZDVkMTZlMGUzZWUxNmFlNDY1YWZlMDBjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPcqPQxrJZLQvZUyc84qxi6LmLIXfibN8waVyuXEexC0ICfu
hUBjcWQHMh/VvlJcWCHPFgv7Y068bddPIQYG6Aprd+WIKhkP/eA8op/zAlrd8dxH
9/s3rvM/rQqoArH/SUt5ScDNf7ggtozpTGGy43TA7Cj+eEWV95D4r4xQI9wqWYip
H2enYun90nL+tcugCdAGQemt+YG8sZ9jpCTsMNyQaLamaPO2Y+rRZ+3gryp8zOWX
jY0Or5j1gP2ayoSwEv2Rmjr56Swev9ho5tdE9ajPx2feEo+1tguMQaweGqapGD/O
leByKhCTtHQNfvZUN9BRhZ/x/phYp5G2TD9gkQMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS/0DygEkzsPV0W4OPuFq5GWv4AyTAfBgNVHSMEGDAWgBRlEMJvOk+scArH
sONJC4+hdfCK2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pSRENienBQckhBS3g3RGpTUXVQb1hYd2l0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvMDI2ZWQ4LWFiOWMtNDc1My05YjIwLTJiYTlkNTE2Zjk0NC8x
L3Y5QThvQkpNN0QxZEZ1RGo3aGF1UmxyLUFNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
MDI2ZWQ4LWFiOWMtNDc1My05YjIwLTJiYTlkNTE2Zjk0NC8xL1pSRENienBQckhB
S3g3RGpTUXVQb1hYd2l0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArITrAMEArn7fDANBAIAAjAHAwUD
KgeMwDANBgkqhkiG9w0BAQsFAAOCAQEARM7uHzjACrrhAxaDNxdEf9n3WH10iij4
qw/s77DiCQ8pToRhUUnWcY4CHOF/8LiZNhXW0cd2fqeVBLC/CcpBTSguqApmwEh7
yQXYUm4d1wP/1LTc9gRBnduVEyQuJ0f6agiRnht1gerlL6MzNMa1hYkvJMBVG4G0
MtXo621CWMv0Ink2yeOC5UL7ESX0TB2XIqRI1XMKtbYQ8WTUaFBtEBAv+dPrGn6b
MaPSGouN0foLZgwZ35PH0QYsurT3iR+7m+MhUqMXcu52JgJ8cQfT4jIVjl8aRTqN
AqEMqoIxXcwW+3x568B2hn0JQhoSePyOxAGptzjFkqTu338mmdXmmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:11 2025 by rpki-client