Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/cbl8wn56PNoe6IZTkS9yglvPcss.roa
File: cbl8wn56PNoe6IZTkS9yglvPcss.roa (raw, json)
Hash identifier: 4Xtud2BKoaHwjY13GyKVEi5/78Zmke5pxGIUtpyr5cM=
Subject key identifier: 71:B9:7C:C2:7E:7A:3C:DA:1E:E8:86:53:91:2F:72:82:5B:CF:72:CB
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AF851AFCC73843010598CFE40434
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/cbl8wn56PNoe6IZTkS9yglvPcss.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204259
IP address blocks: 212.110.159.0/24 maxlen: 24
185.76.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:af:85:1a:fc:c7:38:43:01:05:98:cf:e4:04:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71b97cc27e7a3cda1ee88653912f72825bcf72cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5a:e6:d2:9c:83:e0:e5:bf:0e:74:b9:77:46:
67:c8:6a:b2:69:41:b3:d2:c5:fb:9a:e5:0e:58:21:
f8:a6:a5:53:c9:72:58:68:06:d0:2d:17:07:4a:72:
94:02:13:fd:78:7d:2d:a8:38:fa:77:8b:c7:0b:a9:
2a:72:b3:28:bf:e8:23:07:88:09:d5:49:6f:37:09:
8a:68:e7:6d:0e:f5:04:a5:1e:a7:2e:b4:38:4a:83:
12:ad:d4:d0:af:db:85:a6:61:04:9d:93:7d:f2:fb:
50:b0:7a:b6:1c:78:6a:7b:88:62:1b:a6:e3:62:41:
4a:af:a3:ea:3f:25:2c:cf:55:a9:4b:08:1f:84:a1:
3d:1a:ab:b0:c2:25:19:b2:92:37:51:f2:b8:73:f5:
d7:20:c4:76:9c:f7:f8:fc:98:f5:92:fb:24:51:ff:
34:4a:9a:42:9b:5b:05:d9:0e:d6:c8:b0:eb:67:23:
86:17:83:b5:97:e0:dc:34:81:22:f6:f4:14:bf:10:
0d:0c:55:6e:33:10:55:90:bd:2e:be:55:ed:99:b2:
ba:80:b2:43:de:3d:4a:cd:6b:9f:37:cf:f4:f6:44:
ab:b2:7e:b3:7c:92:28:71:a9:5d:0d:05:a0:8d:f9:
d4:eb:e9:4f:b0:4a:4b:59:8e:8e:4a:26:fd:7c:b8:
d8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:7C:C2:7E:7A:3C:DA:1E:E8:86:53:91:2F:72:82:5B:CF:72:CB
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/cbl8wn56PNoe6IZTkS9yglvPcss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.83.0/24
212.110.159.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:03:ee:eb:27:91:5f:f1:c0:78:8a:8a:d4:ea:2a:93:94:e3:
f4:00:d8:7f:1a:39:85:ed:27:e4:81:ac:9e:46:2e:43:bd:24:
63:70:23:77:4e:65:35:af:f2:75:fe:e7:9a:a2:cc:0a:be:60:
77:be:c4:4f:b1:0c:90:b3:2f:94:dd:bb:5e:03:35:4c:84:73:
e3:9f:c4:c9:3f:96:c7:fe:70:e1:8a:99:b1:8e:d2:32:5c:50:
3d:29:c3:aa:75:01:21:4e:5e:28:bf:d1:90:13:f2:54:c8:72:
5d:dc:7c:7a:8e:c9:68:a2:60:f3:cc:99:c0:1e:6c:77:4b:3d:
6c:e9:db:fd:0b:7c:57:94:97:c0:b5:71:ad:eb:df:37:a0:53:
01:80:c3:12:85:35:f7:cd:60:6c:ce:d3:c2:9c:8b:2e:53:f8:
91:26:00:e8:e0:6b:2b:ec:97:f5:e1:88:f6:60:a4:ba:c3:94:
07:ae:60:d5:12:19:92:bf:8d:c7:ea:57:91:3a:aa:bd:3b:d1:
68:ba:c7:87:33:c8:7b:4b:cf:de:8a:10:c5:c7:cc:4c:25:d0:
12:4b:c8:37:02:06:c9:b1:40:28:04:c0:62:bc:15:f5:d7:73:
e5:0c:6a:15:d8:77:bc:76:77:43:70:00:84:e1:a3:56:cd:7b:
4f:ea:e8:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFK+FGvzHOEMBBZjP5AQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI5N2NjMjdlN2EzY2RhMWVlODg2NTM5MTJmNzI4MjViY2Y3MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlrm0pyD4OW/DnS5d0ZnyGqyaUGz
0sX7muUOWCH4pqVTyXJYaAbQLRcHSnKUAhP9eH0tqDj6d4vHC6kqcrMov+gjB4gJ
1UlvNwmKaOdtDvUEpR6nLrQ4SoMSrdTQr9uFpmEEnZN98vtQsHq2HHhqe4hiG6bj
YkFKr6PqPyUsz1WpSwgfhKE9GquwwiUZspI3UfK4c/XXIMR2nPf4/Jj1kvskUf80
SppCm1sF2Q7WyLDrZyOGF4O1l+DcNIEi9vQUvxANDFVuMxBVkL0uvlXtmbK6gLJD
3j1KzWufN8/09kSrsn6zfJIocaldDQWgjfnU6+lPsEpLWY6OSib9fLjYIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHG5fMJ+ejzaHuiGU5EvcoJbz3LLMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvY2JsOHduNTZQTm9lNklaVGtTOXlnbHZQY3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUxTAwQA
1G6fMA0GCSqGSIb3DQEBCwUAA4IBAQCMA+7rJ5Ff8cB4iorU6iqTlOP0ANh/GjmF
7SfkgayeRi5DvSRjcCN3TmU1r/J1/ueaoswKvmB3vsRPsQyQsy+U3bteAzVMhHPj
n8TJP5bH/nDhipmxjtIyXFA9KcOqdQEhTl4ov9GQE/JUyHJd3Hx6jsloomDzzJnA
Hmx3Sz1s6dv9C3xXlJfAtXGt6983oFMBgMMShTX3zWBsztPCnIsuU/iRJgDo4Gsr
7Jf14Yj2YKS6w5QHrmDVEhmSv43H6leROqq9O9FouseHM8h7S8/eihDFx8xMJdAS
S8g3AgbJsUAoBMBivBX113PlDGoV2He8dndDcACE4aNWzXtP6ug6
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:05:08 2025 by rpki-client