Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jOuP0yUMj3pneeDbDc55chK-388.roa
File: jOuP0yUMj3pneeDbDc55chK-388.roa (raw, json)
Hash identifier: gB8P2gDUEtElB/P//wguR2kw+PMKQBlMYGphqFEf+aM=
Subject key identifier: 8C:EB:8F:D3:25:0C:8F:7A:67:79:E0:DB:0D:CE:79:72:12:BE:DF:CF
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856D940F7888953C7AD3449918E8879BE4
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jOuP0yUMj3pneeDbDc55chK-388.roa
Signing time: Sun 01 Jan 2023 13:44:57 +0000
ROA not before: Sun 01 Jan 2023 13:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:0f:78:88:95:3c:7a:d3:44:99:18:e8:87:9b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 13:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ceb8fd3250c8f7a6779e0db0dce797212bedfcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:c0:33:f5:9b:ec:3e:13:a8:6e:d8:b5:78:
5d:5f:6b:35:94:f5:ea:20:a3:f5:bc:d8:72:a9:30:
ac:50:1e:94:5f:4b:94:63:79:45:f4:49:f2:04:27:
a9:fd:65:1d:03:aa:2a:4a:9a:9a:66:c1:31:ac:05:
9d:ac:9d:15:15:d8:91:99:02:b0:08:d9:61:39:ff:
bf:58:37:78:56:94:f7:cc:88:97:86:0e:32:eb:c0:
84:c3:55:7d:b1:1f:88:00:c6:07:3d:64:2f:53:b7:
76:18:22:06:57:4e:df:d2:07:97:b9:58:d4:b5:64:
4e:26:b1:b6:f2:b3:8a:c1:46:d3:56:4b:b7:66:7b:
c1:99:33:56:48:f9:21:0c:44:3d:db:60:cc:10:cc:
b6:8e:87:8c:d3:37:d1:b0:73:30:ed:47:7a:e5:e5:
54:d5:03:be:82:ca:eb:d7:62:f1:71:a3:bc:a3:ae:
56:74:83:57:b7:0e:bd:ff:24:9c:a6:1b:51:e3:26:
f2:6e:2f:e3:51:12:c7:de:cb:63:6d:f5:a7:a8:84:
77:7c:91:87:5a:2c:f2:43:d6:dc:cf:12:79:c8:10:
98:87:3b:46:18:a1:74:ba:33:42:45:f8:38:71:82:
0d:09:e8:d3:f0:7b:7d:b0:9d:db:80:fb:98:82:3f:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EB:8F:D3:25:0C:8F:7A:67:79:E0:DB:0D:CE:79:72:12:BE:DF:CF
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jOuP0yUMj3pneeDbDc55chK-388.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
78:da:73:fb:1c:ea:82:d5:09:15:94:64:0d:69:24:9e:df:2c:
c7:8b:b0:fa:51:b5:a1:70:f2:aa:00:7c:ab:7c:d9:01:bb:2b:
49:bf:de:57:41:9e:a5:81:a0:28:99:b4:1a:38:a0:82:6d:e5:
03:d7:15:54:72:38:0d:3b:18:fc:1a:58:8d:7a:0f:3e:0e:61:
20:a9:d6:ba:07:3f:d5:85:d4:b0:93:3d:11:9b:dd:1c:4f:f4:
17:1f:25:cb:f8:1d:8e:91:b6:13:a2:18:a9:6c:2a:b1:7e:1c:
e4:87:99:66:ed:38:62:71:11:56:f8:af:69:fe:8e:12:31:a3:
15:1a:58:ca:1d:2a:02:ea:f5:1b:ed:e4:21:e8:fc:1c:18:3f:
47:2d:74:44:c1:4b:64:4b:e6:a2:b3:a5:a6:22:42:38:17:08:
8b:a8:59:ca:c3:84:58:cf:d7:2c:48:0a:93:51:0b:99:a2:4c:
27:fb:1f:70:44:dd:50:41:55:c7:b4:d7:96:5b:0e:73:47:eb:
dc:f4:80:8a:00:e5:ea:2a:c7:f5:f7:29:bb:f2:d8:04:26:ec:
1c:5b:cb:46:79:4a:d8:5a:81:a5:06:73:bf:5d:47:de:65:db:
cf:b2:a7:12:96:b6:c6:46:0f:5c:09:0d:09:c1:27:a3:15:be:
7a:a8:f7:f7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtlA94iJU8etNEmRjoh5vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ViOGZkMzI1MGM4ZjdhNjc3OWUwZGIwZGNlNzk3MjEyYmVkZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBvAM/Wb7D4TqG7YtXhdX2s1lPXq
IKP1vNhyqTCsUB6UX0uUY3lF9EnyBCep/WUdA6oqSpqaZsExrAWdrJ0VFdiRmQKw
CNlhOf+/WDd4VpT3zIiXhg4y68CEw1V9sR+IAMYHPWQvU7d2GCIGV07f0geXuVjU
tWROJrG28rOKwUbTVku3ZnvBmTNWSPkhDEQ922DMEMy2joeM0zfRsHMw7Ud65eVU
1QO+gsrr12LxcaO8o65WdINXtw69/yScphtR4ybybi/jURLH3stjbfWnqIR3fJGH
WizyQ9bczxJ5yBCYhztGGKF0ujNCRfg4cYINCejT8Ht9sJ3bgPuYgj9gCwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIzrj9MlDI96Z3ng2w3OeXISvt/PMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvak91UDB5VU1qM3BuZWVEYkRjNTVjaEstMzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IDBAG5UdgwDQYJKoZIhvcNAQELBQADggEBAHjac/sc
6oLVCRWUZA1pJJ7fLMeLsPpRtaFw8qoAfKt82QG7K0m/3ldBnqWBoCiZtBo4oIJt
5QPXFVRyOA07GPwaWI16Dz4OYSCp1roHP9WF1LCTPRGb3RxP9BcfJcv4HY6RthOi
GKlsKrF+HOSHmWbtOGJxEVb4r2n+jhIxoxUaWModKgLq9Rvt5CHo/BwYP0ctdETB
S2RL5qKzpaYiQjgXCIuoWcrDhFjP1yxICpNRC5miTCf7H3BE3VBBVce015ZbDnNH
69z0gIoA5eoqx/X3Kbvy2AQm7Bxby0Z5SthagaUGc79dR95l28+ypxKWtsZGD1wJ
DQnBJ6MVvnqo9/c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:18 2025 by rpki-client