Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/ocG9genpmJZchftaDkDf3hJjS_M.roa
File: ocG9genpmJZchftaDkDf3hJjS_M.roa (raw, json)
Hash identifier: Iu0NjtCb+RLsJEN5WFP+FqZcZO4C9kwina3Hc+9q0X0=
Subject key identifier: A1:C1:BD:81:E9:E9:98:96:5C:85:FB:5A:0E:40:DF:DE:12:63:4B:F3
Certificate issuer: /CN=593b53fb9306346f272494928d77839cbaf9ddc7
Certificate serial: 01856DA658CEA1A1ACA20F98349B6286682E
Authority key identifier: 59:3B:53:FB:93:06:34:6F:27:24:94:92:8D:77:83:9C:BA:F9:DD:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTtT-5MGNG8nJJSSjXeDnLr53cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/ocG9genpmJZchftaDkDf3hJjS_M.roa
Signing time: Sun 01 Jan 2023 14:04:56 +0000
ROA not before: Sun 01 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43128
IP address blocks: 178.218.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:58:ce:a1:a1:ac:a2:0f:98:34:9b:62:86:68:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=593b53fb9306346f272494928d77839cbaf9ddc7
Validity
Not Before: Jan 1 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c1bd81e9e998965c85fb5a0e40dfde12634bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f0:5d:b9:11:27:60:4b:39:ef:0a:5c:d1:e4:
c3:72:0d:e1:03:5a:59:ed:0a:65:71:8a:4b:09:2b:
89:99:f5:b6:c5:79:c4:00:0b:5e:ae:cb:7f:aa:46:
43:d6:b2:9e:6d:c7:63:3f:fb:87:40:64:87:d3:a3:
cd:15:66:0d:2b:84:18:98:4e:6a:de:83:25:a6:d9:
88:92:76:ab:86:8b:2f:61:6c:48:ab:ae:e0:89:d5:
e1:1a:d2:16:76:15:f3:73:26:6d:75:1e:94:fb:27:
b7:c9:1b:ed:49:75:0d:cf:b4:60:4d:db:19:60:8f:
1a:c7:9e:77:ed:6f:10:1a:54:8d:58:e0:15:eb:9e:
be:9d:af:95:c4:1b:44:f9:e4:14:44:1b:94:f6:5b:
f6:18:d1:b4:b4:53:8c:73:e6:76:9b:75:60:02:fd:
d9:79:a7:e0:ff:d2:45:7f:cc:e4:dd:86:82:9d:29:
56:ea:b2:ed:65:1a:f6:5f:42:f2:b6:25:ba:78:e2:
98:b9:96:af:6e:ef:42:8b:23:41:2b:dc:32:56:3a:
ef:ae:3c:37:9f:34:15:e6:fb:06:74:56:4a:fb:33:
a0:c9:ed:17:52:54:20:28:bc:ab:24:93:d4:a4:d6:
a1:87:89:36:3a:72:24:f4:d3:ef:13:13:e8:42:46:
ac:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C1:BD:81:E9:E9:98:96:5C:85:FB:5A:0E:40:DF:DE:12:63:4B:F3
X509v3 Authority Key Identifier:
keyid:59:3B:53:FB:93:06:34:6F:27:24:94:92:8D:77:83:9C:BA:F9:DD:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTtT-5MGNG8nJJSSjXeDnLr53cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/ocG9genpmJZchftaDkDf3hJjS_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/12fc9e-ea3b-41c0-950e-4475a9bf250e/1/WTtT-5MGNG8nJJSSjXeDnLr53cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.175.0/24
Signature Algorithm: sha256WithRSAEncryption
73:8d:8e:b9:87:28:29:83:18:52:5a:c9:7c:b3:8d:f2:c8:e9:
f8:5f:0a:fc:32:53:0e:4a:97:af:67:e5:32:c8:33:cd:40:0d:
9e:a7:b2:f8:2b:2a:68:bd:9c:df:40:ec:b3:57:76:79:68:2b:
b6:f6:58:6c:91:19:00:0a:b8:ef:fe:b7:53:1f:f2:99:23:33:
ed:41:27:b8:62:a8:31:a7:7d:db:e4:c9:55:ab:3e:b9:bc:9a:
6b:4e:68:e9:a0:50:b7:d9:4a:cc:25:5b:f5:aa:b9:25:aa:5a:
95:ad:4e:26:b6:df:e0:b5:93:f2:8e:8f:3c:52:e5:65:01:17:
9f:93:29:4c:80:4a:e0:e1:72:e3:d9:e7:57:1c:77:17:5e:79:
20:93:57:7f:80:c6:ad:06:da:89:b1:8b:2e:4a:40:28:65:88:
87:5f:7f:57:24:13:0d:87:64:34:79:4f:14:14:5c:bd:7a:2c:
d0:ff:a6:bb:01:07:bc:75:fe:72:6a:e8:72:ba:1d:a9:a3:04:
4a:fd:7a:6e:60:48:1a:78:b2:a5:1a:db:da:61:58:0d:bc:11:
ad:fd:f8:c8:5e:bf:93:a2:f9:c7:60:ae:0b:34:a7:e2:f4:a3:
05:c9:f1:67:5e:28:73:17:c2:b2:d2:9e:8f:2c:44:fa:4c:4a:
60:a0:e9:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpljOoaGsog+YNJtihmguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5M2I1M2ZiOTMwNjM0NmYyNzI0OTQ5MjhkNzc4MzljYmFm
OWRkYzcwHhcNMjMwMTAxMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWMxYmQ4MWU5ZTk5ODk2NWM4NWZiNWEwZTQwZGZkZTEyNjM0YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvBduREnYEs57wpc0eTDcg3hA1pZ
7QplcYpLCSuJmfW2xXnEAAterst/qkZD1rKebcdjP/uHQGSH06PNFWYNK4QYmE5q
3oMlptmIknarhosvYWxIq67gidXhGtIWdhXzcyZtdR6U+ye3yRvtSXUNz7RgTdsZ
YI8ax5537W8QGlSNWOAV656+na+VxBtE+eQURBuU9lv2GNG0tFOMc+Z2m3VgAv3Z
eafg/9JFf8zk3YaCnSlW6rLtZRr2X0LytiW6eOKYuZavbu9CiyNBK9wyVjrvrjw3
nzQV5vsGdFZK+zOgye0XUlQgKLyrJJPUpNahh4k2OnIk9NPvExPoQkas+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHBvYHp6ZiWXIX7Wg5A394SY0vzMB8GA1UdIwQY
MBaAFFk7U/uTBjRvJySUko13g5y6+d3HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1R0VC01TUdORzhuSkpTU2pYZURuTHI1M2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMmZjOWUtZWEzYi00MWMwLTk1MGUt
NDQ3NWE5YmYyNTBlLzEvb2NHOWdlbnBtSlpjaGZ0YURrRGYzaEpqU19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMmZjOWUtZWEzYi00MWMwLTk1MGUtNDQ3NWE5YmYyNTBl
LzEvV1R0VC01TUdORzhuSkpTU2pYZURuTHI1M2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstqvMA0G
CSqGSIb3DQEBCwUAA4IBAQBzjY65hygpgxhSWsl8s43yyOn4Xwr8MlMOSpevZ+Uy
yDPNQA2ep7L4KypovZzfQOyzV3Z5aCu29lhskRkACrjv/rdTH/KZIzPtQSe4Yqgx
p33b5MlVqz65vJprTmjpoFC32UrMJVv1qrklqlqVrU4mtt/gtZPyjo88UuVlARef
kylMgErg4XLj2edXHHcXXnkgk1d/gMatBtqJsYsuSkAoZYiHX39XJBMNh2Q0eU8U
FFy9eizQ/6a7AQe8df5yauhyuh2powRK/XpuYEgaeLKlGtvaYVgNvBGt/fjIXr+T
ovnHYK4LNKfi9KMFyfFnXihzF8Ky0p6PLET6TEpgoOku
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:02 2025 by rpki-client