Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jSzgtljAOEz9gEs180oPjpUYJh0.roa
File: jSzgtljAOEz9gEs180oPjpUYJh0.roa (raw, json)
Hash identifier: C7DK1b2Iml+zVgcRYWcl4bJw2vNHwdpLJ2GBPL8UCKc=
Subject key identifier: 8D:2C:E0:B6:58:C0:38:4C:FD:80:4B:35:F3:4A:0F:8E:95:18:26:1D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856D940ED0CAA1F384945E56C0FCAE6895
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jSzgtljAOEz9gEs180oPjpUYJh0.roa
Signing time: Sun 01 Jan 2023 13:44:57 +0000
ROA not before: Sun 01 Jan 2023 13:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:0e:d0:ca:a1:f3:84:94:5e:56:c0:fc:ae:68:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 13:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2ce0b658c0384cfd804b35f34a0f8e9518261d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ec:40:9a:8b:2d:a2:af:fd:3d:66:5c:55:90:
5a:71:ea:fa:74:10:02:54:8e:c8:02:bc:d5:9d:68:
13:eb:99:bc:97:84:0b:4f:43:76:32:cd:de:cc:55:
66:d3:28:af:c6:a9:46:6f:d1:14:e9:38:2a:60:50:
00:a3:46:28:c0:3a:92:32:9e:bf:5b:46:5d:83:c7:
01:15:8e:15:eb:e8:ad:09:01:3a:c5:c2:45:2e:f9:
22:58:d4:f3:db:a7:7f:8b:00:fc:bc:09:74:4f:2a:
da:76:68:93:d5:ca:ac:f9:f7:05:69:21:28:85:d8:
ec:68:83:65:a4:5f:2c:a2:a3:ec:2c:b0:a9:a7:8b:
ed:3d:fb:be:df:0b:50:ac:05:6d:fd:58:a4:cc:a5:
8a:fa:e9:45:fb:89:5b:3f:52:01:ce:31:3b:d3:99:
a7:41:03:c6:29:f0:44:a4:6a:4a:08:e0:35:33:d1:
f6:40:cd:57:91:35:7e:04:1a:d3:8a:c9:e1:06:a3:
b8:28:e0:4d:db:27:28:5c:66:b8:98:ad:ff:29:72:
05:6b:74:8d:c0:92:d0:5f:45:e6:4f:50:6d:aa:96:
47:25:38:62:3b:2e:a1:f0:e6:ed:29:b6:38:d1:5a:
f6:81:fc:35:c4:38:31:37:59:61:c0:15:5c:d3:2e:
9b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2C:E0:B6:58:C0:38:4C:FD:80:4B:35:F3:4A:0F:8E:95:18:26:1D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/jSzgtljAOEz9gEs180oPjpUYJh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:6a:26:89:14:e9:a2:f4:52:4f:65:a3:c1:c5:5b:2d:da:c5:
6f:ba:30:96:03:e2:d7:87:2d:2f:85:6f:98:bb:41:5c:ef:b5:
38:1e:38:d5:23:25:ac:57:4b:e3:50:ac:37:40:7c:8d:59:b3:
48:5c:d3:98:18:29:44:43:50:50:ea:19:84:32:9a:63:78:25:
8c:be:15:5a:e5:09:10:08:5a:47:36:9c:f4:d4:37:fd:dd:22:
1f:16:ef:b4:40:68:5b:17:8d:a8:1b:65:4d:f3:28:c2:3d:2d:
a7:79:5d:e6:81:77:2c:25:3b:72:c2:f3:62:ce:2b:62:23:a5:
d0:9d:b3:75:61:54:0a:81:44:d6:21:3c:91:99:20:25:a4:d9:
c7:36:da:5e:7e:13:e3:a1:90:62:85:f0:78:19:c8:eb:4b:f3:
5c:20:ae:d1:28:a0:87:84:52:99:0b:7e:8f:2d:fc:6d:cd:d7:
45:21:e8:ed:80:18:90:75:f4:09:17:91:41:2e:7a:bf:7f:84:
9f:8a:cb:06:50:91:33:51:2e:d6:4c:46:e7:81:f3:fb:7c:40:
d9:6e:bf:e0:9d:45:3e:c6:66:7e:6c:6d:3a:1e:a6:d3:49:9e:
5f:e9:35:31:04:af:93:1b:8e:63:f9:8f:3c:48:f1:34:3d:bf:
75:8a:7b:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlA7QyqHzhJReVsD8rmiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJjZTBiNjU4YzAzODRjZmQ4MDRiMzVmMzRhMGY4ZTk1MTgyNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOxAmostoq/9PWZcVZBacer6dBAC
VI7IArzVnWgT65m8l4QLT0N2Ms3ezFVm0yivxqlGb9EU6TgqYFAAo0YowDqSMp6/
W0Zdg8cBFY4V6+itCQE6xcJFLvkiWNTz26d/iwD8vAl0TyradmiT1cqs+fcFaSEo
hdjsaINlpF8soqPsLLCpp4vtPfu+3wtQrAVt/VikzKWK+ulF+4lbP1IBzjE705mn
QQPGKfBEpGpKCOA1M9H2QM1XkTV+BBrTisnhBqO4KOBN2ycoXGa4mK3/KXIFa3SN
wJLQX0XmT1BtqpZHJThiOy6h8ObtKbY40Vr2gfw1xDgxN1lhwBVc0y6bTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0s4LZYwDhM/YBLNfNKD46VGCYdMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvalN6Z3RsakFPRXo5Z0VzMTgwb1BqcFVZSmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEAIMA0G
CSqGSIb3DQEBCwUAA4IBAQAcaiaJFOmi9FJPZaPBxVst2sVvujCWA+LXhy0vhW+Y
u0Fc77U4HjjVIyWsV0vjUKw3QHyNWbNIXNOYGClEQ1BQ6hmEMppjeCWMvhVa5QkQ
CFpHNpz01Df93SIfFu+0QGhbF42oG2VN8yjCPS2neV3mgXcsJTtywvNizitiI6XQ
nbN1YVQKgUTWITyRmSAlpNnHNtpefhPjoZBihfB4GcjrS/NcIK7RKKCHhFKZC36P
LfxtzddFIejtgBiQdfQJF5FBLnq/f4SfissGUJEzUS7WTEbngfP7fEDZbr/gnUU+
xmZ+bG06HqbTSZ5f6TUxBK+TG45j+Y88SPE0Pb91inuS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:29 2025 by rpki-client