Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/0ns9tPp4mc5bRI1vByefQpmQipY.roa
File: 0ns9tPp4mc5bRI1vByefQpmQipY.roa (raw, json)
Hash identifier: Yfle5x5o7KQXjPnG8S6GO44W1+zWR1MfNzEkZ+5L6sE=
Subject key identifier: D2:7B:3D:B4:FA:78:99:CE:5B:44:8D:6F:07:27:9F:42:99:90:8A:96
Certificate issuer: /CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Certificate serial: 01856D6F704C6D3B73915AD66DA47CA90266
Authority key identifier: 0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/0ns9tPp4mc5bRI1vByefQpmQipY.roa
Signing time: Sun 01 Jan 2023 13:04:57 +0000
ROA not before: Sun 01 Jan 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15456
IP address blocks: 62.116.128.0/18 maxlen: 24
62.116.128.0/19 maxlen: 24
85.236.32.0/19 maxlen: 24
62.116.160.0/19 maxlen: 24
185.91.244.0/22 maxlen: 24
2001:4178::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:70:4c:6d:3b:73:91:5a:d6:6d:a4:7c:a9:02:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Validity
Not Before: Jan 1 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d27b3db4fa7899ce5b448d6f07279f4299908a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a3:f1:97:65:1b:4c:f3:31:55:a2:08:87:8e:
91:5a:2e:2e:3e:c0:7f:cf:6e:81:b8:a9:1c:46:9a:
b9:dc:5d:3e:23:de:ef:f0:26:b0:05:e6:ed:34:a2:
6f:db:2d:cc:28:e7:15:c3:a5:fd:17:e8:df:b0:53:
14:26:22:5b:ad:52:1d:22:e9:78:20:16:e7:21:32:
8a:8a:8a:42:e4:c8:15:29:7c:0c:00:8c:2c:84:b7:
e0:09:e6:20:4c:40:fe:70:0c:6e:16:ec:ea:cb:43:
9f:3d:e6:d1:65:cc:e7:2d:32:82:3b:05:de:d0:6c:
94:93:6b:bf:65:0d:bf:5c:18:95:b1:d0:79:84:2f:
bf:45:60:2c:5e:9a:7e:95:17:ea:d6:aa:0e:e6:75:
ee:cb:0b:71:51:8d:3e:7f:cf:b1:2c:1b:2f:1d:05:
fd:06:ef:72:a7:96:b9:1b:6c:9c:75:f9:18:d4:85:
1b:69:1f:16:51:a3:c8:eb:08:19:66:1f:9b:79:36:
d9:48:b0:c9:34:03:47:bf:db:0f:7d:11:8f:9d:9e:
5b:bc:66:f2:4b:b1:ad:7e:81:d4:c2:03:73:15:40:
bf:0b:1a:97:a7:97:e0:82:cc:d2:07:18:93:33:2e:
43:61:80:96:05:b9:1c:b0:f4:94:41:6c:ad:3b:5f:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7B:3D:B4:FA:78:99:CE:5B:44:8D:6F:07:27:9F:42:99:90:8A:96
X509v3 Authority Key Identifier:
keyid:0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/0ns9tPp4mc5bRI1vByefQpmQipY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.116.128.0/18
85.236.32.0/19
185.91.244.0/22
IPv6:
2001:4178::/29
Signature Algorithm: sha256WithRSAEncryption
66:ba:9a:7d:c4:f7:25:3f:5f:e8:f9:b0:6d:2a:6c:d8:9f:92:
46:c2:87:fe:fa:7a:d1:f7:1c:aa:a4:4e:6a:2e:dd:d4:3e:69:
f6:bc:9f:94:22:d9:31:06:93:0d:56:09:e2:3b:42:ff:28:a3:
af:8f:77:48:d3:57:a1:4b:ec:c8:36:78:02:09:48:ec:96:a7:
ae:b9:79:2d:77:4e:c4:23:46:74:4f:17:74:c6:57:f6:86:2d:
13:21:da:95:a7:d3:0e:7e:63:82:b1:05:26:53:7d:f0:e3:ae:
99:0d:f8:38:bf:df:9e:81:b1:e4:04:2c:59:9f:4c:01:cc:a7:
35:5f:02:6f:28:a1:9f:93:56:33:d8:96:7b:5b:26:e6:6f:4d:
76:32:c5:de:29:89:9e:c4:4f:83:1d:e8:e2:4d:9a:a6:4f:37:
04:6f:ce:2d:75:71:9f:22:58:c8:c2:23:da:2a:ea:9a:03:fc:
8e:fe:7e:97:44:2a:4c:05:d3:97:e5:12:c4:dc:89:4b:27:be:
fd:33:4c:b6:05:94:cc:d5:6c:0a:4e:3b:78:3d:7e:99:e0:4e:
67:14:99:bf:82:53:e9:a3:e1:b4:70:2e:08:47:f7:4a:d4:0a:
ad:1f:12:3f:85:96:16:9e:3a:69:a6:5b:b9:73:5f:dc:7d:9b:
6f:7d:dd:51
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtb3BMbTtzkVrWbaR8qQJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWJlNjA1NmViMGMzNjUwYjhmZTIxZTJkNzI2YzFiODNl
YzgyYjMwHhcNMjMwMTAxMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdiM2RiNGZhNzg5OWNlNWI0NDhkNmYwNzI3OWY0Mjk5OTA4YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaPxl2UbTPMxVaIIh46RWi4uPsB/
z26BuKkcRpq53F0+I97v8CawBebtNKJv2y3MKOcVw6X9F+jfsFMUJiJbrVIdIul4
IBbnITKKiopC5MgVKXwMAIwshLfgCeYgTED+cAxuFuzqy0OfPebRZcznLTKCOwXe
0GyUk2u/ZQ2/XBiVsdB5hC+/RWAsXpp+lRfq1qoO5nXuywtxUY0+f8+xLBsvHQX9
Bu9yp5a5G2ycdfkY1IUbaR8WUaPI6wgZZh+beTbZSLDJNANHv9sPfRGPnZ5bvGby
S7GtfoHUwgNzFUC/CxqXp5fggszSBxiTMy5DYYCWBbkcsPSUQWytO18bDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNJ7PbT6eJnOW0SNbwcnn0KZkIqWMB8GA1UdIwQY
MBaAFAxb5gVusMNlC4/iHi1ybBuD7IKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQt
ZmZjN2YyYTMxOThjLzEvMG5zOXRQcDRtYzViUkkxdkJ5ZWZRcG1RaXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQtZmZjN2YyYTMxOThj
LzEvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPnSAAwQF
VewgAwQCuVv0MA0EAgACMAcDBQMgAUF4MA0GCSqGSIb3DQEBCwUAA4IBAQBmupp9
xPclP1/o+bBtKmzYn5JGwof++nrR9xyqpE5qLt3UPmn2vJ+UItkxBpMNVgniO0L/
KKOvj3dI01ehS+zINngCCUjslqeuuXktd07EI0Z0Txd0xlf2hi0TIdqVp9MOfmOC
sQUmU33w466ZDfg4v9+egbHkBCxZn0wBzKc1XwJvKKGfk1Yz2JZ7Wybmb012MsXe
KYmexE+DHejiTZqmTzcEb84tdXGfIljIwiPaKuqaA/yO/n6XRCpMBdOX5RLE3IlL
J779M0y2BZTM1WwKTjt4PX6Z4E5nFJm/glPpo+G0cC4IR/dK1AqtHxI/hZYWnjpp
plu5c1/cfZtvfd1R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:12 2025 by rpki-client