Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pk4BMzMWkiulG9aYni6ECrWdL00.roa
File: pk4BMzMWkiulG9aYni6ECrWdL00.roa (raw, json)
Hash identifier: cCcFq/kiHDbw5oW5A6qF5Nn94jjzLntOFHEhj0MV4rg=
Subject key identifier: A6:4E:01:33:33:16:92:2B:A5:1B:D6:98:9E:2E:84:0A:B5:9D:2F:4D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01864EB41876C4E039BD74B49BF38D9FAA48
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pk4BMzMWkiulG9aYni6ECrWdL00.roa
Signing time: Tue 14 Feb 2023 06:54:30 +0000
ROA not before: Tue 14 Feb 2023 06:54:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15723
IP address blocks: 164.215.102.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:b4:18:76:c4:e0:39:bd:74:b4:9b:f3:8d:9f:aa:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 14 06:54:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a64e01333316922ba51bd6989e2e840ab59d2f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:8f:8f:9e:7e:7f:9d:59:71:a1:de:a0:a8:
fd:d8:da:64:37:ab:ce:2b:3f:af:61:12:ec:02:09:
e1:93:ba:05:d7:e4:26:f3:8e:b3:9c:91:4e:74:1d:
8b:ed:c1:7a:c0:ad:8b:63:17:45:fe:20:07:9f:d2:
ea:ae:d4:7e:65:40:e3:d8:0b:58:f8:cb:58:06:e4:
a5:60:4d:f2:03:af:2d:5f:9e:97:b4:c0:67:db:e6:
0a:41:16:ef:dd:32:38:37:34:fb:7a:39:01:bf:55:
ef:30:a8:a5:bd:b7:b0:63:d3:55:e7:e8:65:a8:8e:
4b:54:ee:7b:7a:0c:5d:dc:40:02:c6:76:14:a5:31:
7d:ca:f3:dd:fc:ff:73:82:6b:b5:e1:63:e5:a6:6a:
7c:fe:9a:1d:12:e3:51:47:e0:07:78:ca:95:03:0e:
e3:a7:da:18:31:b2:05:e8:7c:a9:32:ff:9c:3c:0e:
43:c0:19:0b:b1:d8:b9:ce:51:a6:ff:a1:3f:69:18:
72:3e:71:0a:35:6b:80:d0:6c:14:1c:96:7b:64:d9:
b9:33:2d:b5:e9:e3:cb:d4:f1:e3:13:f8:89:b7:98:
36:b3:ee:f5:0a:e1:dd:25:84:e2:9f:3e:ca:2a:8a:
7b:33:2f:2b:47:49:71:67:26:ab:ac:3f:28:d7:b8:
89:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4E:01:33:33:16:92:2B:A5:1B:D6:98:9E:2E:84:0A:B5:9D:2F:4D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pk4BMzMWkiulG9aYni6ECrWdL00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.212.0/24
164.215.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:df:d8:d6:4d:72:e7:30:77:d8:9e:36:81:bd:2d:78:72:44:
af:cb:1d:77:ee:27:6f:a6:a8:53:df:43:9c:22:00:10:84:e1:
58:fa:d2:be:8f:ff:a4:85:af:82:fe:15:4b:8b:c9:e0:f7:3b:
6c:8c:18:3b:a3:03:34:f6:e5:dd:95:5f:f9:58:e3:50:65:02:
43:d0:eb:29:32:8a:0f:46:7f:4c:65:04:28:35:52:87:ce:e8:
2c:ac:fe:22:1f:14:34:3d:a9:71:a2:e2:a4:71:1e:26:26:35:
21:f6:3c:48:10:63:c8:8c:eb:9c:46:a3:5d:59:4c:61:ee:ea:
2b:bb:a6:a2:95:b1:97:2a:1e:2d:b2:75:eb:f4:5f:c9:13:d8:
84:69:14:7e:4f:8c:0f:5d:1b:c1:19:67:bc:86:f1:0e:7e:4d:
39:b0:4d:fa:a6:46:6b:4e:41:57:26:d7:9c:95:84:82:ed:6a:
c4:ea:4c:1a:80:1c:48:0b:d4:68:d2:2f:81:7e:4d:d0:63:75:
89:98:d5:c5:e6:69:2c:31:b8:9d:f3:26:13:6f:de:6d:f8:f7:
94:fc:13:21:ed:20:50:32:a1:62:f5:1a:30:c7:88:e3:c1:28:
cb:7f:86:e4:c1:0c:be:af:9e:ed:f6:b9:e3:04:2e:62:d6:d8:
ab:e4:1f:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZOtBh2xOA5vXS0m/ONn6pIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjE0MDY1NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRlMDEzMzMzMTY5MjJiYTUxYmQ2OTg5ZTJlODQwYWI1OWQyZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmePj55+f51ZcaHeoKj92NpkN6vO
Kz+vYRLsAgnhk7oF1+Qm846znJFOdB2L7cF6wK2LYxdF/iAHn9LqrtR+ZUDj2AtY
+MtYBuSlYE3yA68tX56XtMBn2+YKQRbv3TI4NzT7ejkBv1XvMKilvbewY9NV5+hl
qI5LVO57egxd3EACxnYUpTF9yvPd/P9zgmu14WPlpmp8/podEuNRR+AHeMqVAw7j
p9oYMbIF6HypMv+cPA5DwBkLsdi5zlGm/6E/aRhyPnEKNWuA0GwUHJZ7ZNm5My21
6ePL1PHjE/iJt5g2s+71CuHdJYTinz7KKop7My8rR0lxZyarrD8o17iJowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZOATMzFpIrpRvWmJ4uhAq1nS9NMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcGs0Qk16TVdraXVsRzlhWW5pNkVDcldkTDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbc3UAwQA
pNdmMA0GCSqGSIb3DQEBCwUAA4IBAQCo39jWTXLnMHfYnjaBvS14ckSvyx137idv
pqhT30OcIgAQhOFY+tK+j/+kha+C/hVLi8ng9ztsjBg7owM09uXdlV/5WONQZQJD
0OspMooPRn9MZQQoNVKHzugsrP4iHxQ0PalxouKkcR4mJjUh9jxIEGPIjOucRqNd
WUxh7uoru6ailbGXKh4tsnXr9F/JE9iEaRR+T4wPXRvBGWe8hvEOfk05sE36pkZr
TkFXJteclYSC7WrE6kwagBxIC9Ro0i+Bfk3QY3WJmNXF5mksMbid8yYTb95t+PeU
/BMh7SBQMqFi9Rowx4jjwSjLf4bkwQy+r57t9rnjBC5i1tir5B+x
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:47 2025 by rpki-client