Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DFEebxCxDn6pAsAbr9EjRBR5oEA.roa
File: DFEebxCxDn6pAsAbr9EjRBR5oEA.roa (raw, json)
Hash identifier: mDBkOQQN2YSOtQrMfMwdi4did1WAlypb+VIRyfMRA7I=
Subject key identifier: 0C:51:1E:6F:10:B1:0E:7E:A9:02:C0:1B:AF:D1:23:44:14:79:A0:40
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856D94171EB7AF739B419D61796AACF7F8
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DFEebxCxDn6pAsAbr9EjRBR5oEA.roa
Signing time: Sun 01 Jan 2023 13:44:59 +0000
ROA not before: Sun 01 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208226
IP address blocks: 88.151.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:17:1e:b7:af:73:9b:41:9d:61:79:6a:ac:f7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c511e6f10b10e7ea902c01bafd123441479a040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c9:71:c0:06:58:6c:bc:20:53:6b:d3:92:5c:
a4:60:7b:f1:ec:ca:27:fb:f1:67:4e:8b:3f:32:10:
56:78:98:81:c4:1d:24:85:ea:6a:91:88:9f:6d:c7:
d5:7c:66:30:b4:bb:d6:74:7c:a6:e0:a0:b7:d1:e9:
df:1f:58:ab:de:0d:51:88:5e:b0:f2:35:5c:6d:71:
9b:00:e7:60:8c:b6:5b:9c:5d:a7:86:f6:ca:05:af:
ee:39:5d:b8:84:f3:67:14:44:15:ba:0a:a6:f7:ea:
07:7f:88:1d:b0:fd:3e:e1:c1:10:62:64:e7:f8:60:
a3:ed:8f:e2:5c:27:41:4d:6e:04:4e:bf:c4:1b:f5:
3d:d6:20:b8:55:03:c1:79:b8:0b:42:89:f4:6f:de:
c6:ab:0c:08:c9:f1:77:df:24:ba:18:b4:2b:a8:7c:
22:8a:6c:ee:a2:ce:62:b5:1f:b1:d5:8f:5c:15:e4:
a7:e0:47:05:d4:0d:1e:a1:ce:35:8c:af:74:b9:82:
bb:2d:3d:b7:6b:3c:c0:6b:ec:09:ca:4f:f4:1d:aa:
d2:5a:a8:71:ff:9f:f0:b8:b8:dc:97:3c:6a:3d:50:
07:4a:8a:e0:09:e1:3a:08:d3:98:ec:7f:d3:ef:1f:
27:f1:28:51:79:48:94:8b:7c:0a:d1:4e:d6:ef:e7:
ae:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:51:1E:6F:10:B1:0E:7E:A9:02:C0:1B:AF:D1:23:44:14:79:A0:40
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DFEebxCxDn6pAsAbr9EjRBR5oEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.197.0/24
Signature Algorithm: sha256WithRSAEncryption
01:36:0a:32:3b:41:aa:9e:6e:03:64:fe:71:74:13:da:5f:b1:
03:81:cc:55:4e:29:cf:ea:e0:63:84:83:97:fd:b1:df:2b:9f:
38:6b:7a:46:58:ca:dc:f0:b7:fa:82:fc:cc:db:e4:cb:7c:f8:
0d:5e:0b:c7:1e:31:6e:db:75:ae:37:85:c3:77:d5:f2:57:b6:
60:e5:52:5b:6c:88:97:a7:b5:3a:48:d3:24:7f:ba:f4:56:bf:
67:ab:56:2f:20:29:b8:2d:4f:6d:98:dc:c2:dc:d1:d5:8c:81:
11:c8:9c:2c:2e:cd:54:45:0e:b6:a7:98:df:b3:28:91:a2:6f:
2a:ac:86:8c:37:fa:87:8d:a2:18:11:37:83:7c:e7:d5:a7:50:
30:60:0f:03:e7:18:f9:2e:0b:0e:13:aa:dd:9d:fd:b1:17:33:
28:0a:28:e0:09:d3:ce:e6:ae:61:4d:8e:c5:fb:df:11:5b:1c:
a9:af:f6:99:2d:cd:0e:55:9a:3d:29:83:f9:7f:7b:9b:1e:93:
b3:ea:ad:8e:e7:a4:a8:31:d0:fb:0c:96:ff:db:9c:39:83:14:
e8:bc:82:06:4c:ca:d8:6f:0a:5c:2c:78:71:85:9f:eb:92:74:
02:44:80:10:66:e5:d3:93:1d:4b:42:13:08:0e:b7:03:da:83:
e9:26:94:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlBcet69zm0GdYXlqrPf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUxMWU2ZjEwYjEwZTdlYTkwMmMwMWJhZmQxMjM0NDE0NzlhMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyslxwAZYbLwgU2vTklykYHvx7Mon
+/FnTos/MhBWeJiBxB0khepqkYifbcfVfGYwtLvWdHym4KC30enfH1ir3g1RiF6w
8jVcbXGbAOdgjLZbnF2nhvbKBa/uOV24hPNnFEQVugqm9+oHf4gdsP0+4cEQYmTn
+GCj7Y/iXCdBTW4ETr/EG/U91iC4VQPBebgLQon0b97GqwwIyfF33yS6GLQrqHwi
imzuos5itR+x1Y9cFeSn4EcF1A0eoc41jK90uYK7LT23azzAa+wJyk/0HarSWqhx
/5/wuLjclzxqPVAHSorgCeE6CNOY7H/T7x8n8ShReUiUi3wK0U7W7+euiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxRHm8QsQ5+qQLAG6/RI0QUeaBAMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvREZFZWJ4Q3hEbjZwQXNBYnI5RWpSQlI1b0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJfFMA0G
CSqGSIb3DQEBCwUAA4IBAQABNgoyO0Gqnm4DZP5xdBPaX7EDgcxVTinP6uBjhIOX
/bHfK584a3pGWMrc8Lf6gvzM2+TLfPgNXgvHHjFu23WuN4XDd9XyV7Zg5VJbbIiX
p7U6SNMkf7r0Vr9nq1YvICm4LU9tmNzC3NHVjIERyJwsLs1URQ62p5jfsyiRom8q
rIaMN/qHjaIYETeDfOfVp1AwYA8D5xj5LgsOE6rdnf2xFzMoCijgCdPO5q5hTY7F
+98RWxypr/aZLc0OVZo9KYP5f3ubHpOz6q2O56SoMdD7DJb/25w5gxTovIIGTMrY
bwpcLHhxhZ/rknQCRIAQZuXTkx1LQhMIDrcD2oPpJpTn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:40 2025 by rpki-client