Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/AsN8F8VaHXE8k5hQX6GlupZFPOI.roa
File: AsN8F8VaHXE8k5hQX6GlupZFPOI.roa (raw, json)
Hash identifier: Ekuh8zAkKYs6+5GyxqTodcOsW70VqZRdm68eVS3RgoE=
Subject key identifier: 02:C3:7C:17:C5:5A:1D:71:3C:93:98:50:5F:A1:A5:BA:96:45:3C:E2
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018BCFDF910B10D3A381244F99DDD0DFDFEE
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/AsN8F8VaHXE8k5hQX6GlupZFPOI.roa
Signing time: Tue 14 Nov 2023 22:06:57 +0000
ROA not before: Tue 14 Nov 2023 22:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15626
IP address blocks: 185.253.0.0/24 maxlen: 24
195.28.182.0/23 maxlen: 23
2001:67c:2f6c::/48 maxlen: 48
2a0a:8c46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:df:91:0b:10:d3:a3:81:24:4f:99:dd:d0:df:df:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Nov 14 22:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02c37c17c55a1d713c9398505fa1a5ba96453ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:64:af:3c:05:0c:3a:d0:35:7f:7b:93:76:
6d:78:e2:54:88:45:e6:ad:43:03:1b:8c:77:c5:9b:
99:81:53:69:5c:4a:55:85:75:10:5d:bc:ed:82:f8:
d7:2c:c0:9e:84:60:5f:ad:37:c5:c4:3e:69:25:43:
01:78:9c:1b:be:1d:25:97:78:61:d9:e3:57:c2:b6:
8e:f5:76:7c:b5:5e:3e:b2:ef:15:59:76:f9:01:22:
10:a0:66:07:a6:c0:2f:8b:b2:63:aa:ec:73:85:b0:
b2:5d:c7:a4:e9:c7:39:49:27:27:47:44:b4:eb:07:
2c:f4:b7:84:1e:f4:d2:35:bc:60:4e:a3:49:51:9e:
05:0b:66:10:e6:5d:5f:72:2b:e1:2f:81:30:d7:c8:
72:20:28:17:d0:3c:c5:d0:06:cb:31:ee:87:b2:06:
5b:85:90:36:98:0c:b0:a7:03:bd:2f:c6:cc:98:e9:
4a:27:83:6c:ff:60:0a:67:56:be:48:97:35:5c:47:
e8:7d:a2:8e:09:33:24:db:99:91:9b:60:cd:dc:91:
13:50:95:6b:3e:6c:bd:09:3a:0b:c7:55:5d:8a:b9:
37:1a:aa:03:76:d6:e4:99:b0:e2:8e:bb:7a:07:af:
ee:39:1e:8e:aa:fc:af:2a:01:15:c2:91:09:5e:1d:
93:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C3:7C:17:C5:5A:1D:71:3C:93:98:50:5F:A1:A5:BA:96:45:3C:E2
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/AsN8F8VaHXE8k5hQX6GlupZFPOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.0.0/24
195.28.182.0/23
IPv6:
2001:67c:2f6c::/48
2a0a:8c46::/32
Signature Algorithm: sha256WithRSAEncryption
b9:0b:c7:13:25:25:4d:ab:8b:41:1a:8d:1b:94:6f:8d:5d:39:
b0:59:16:6e:a2:40:d2:f7:f3:39:dd:0a:6e:7d:b5:a0:8e:32:
d8:ea:94:a1:a6:44:dd:f1:b3:68:ee:a9:5e:91:59:58:a7:ab:
ad:15:02:be:71:8c:be:6e:c5:0f:f0:f4:fb:a8:c8:66:ce:ef:
4b:41:f4:62:cc:32:78:5f:5d:bf:3c:bf:cb:eb:cd:cb:ae:26:
56:b6:f3:4f:09:05:73:22:ca:c8:a8:20:e3:24:aa:98:3c:5d:
6a:33:8b:45:fa:68:82:a4:d9:68:c7:88:70:5d:00:0f:ba:0a:
82:a3:69:ab:c4:2b:93:ba:11:0a:f9:d6:f3:d2:ff:ac:ea:cf:
76:a9:4d:84:44:b9:d4:25:e2:a6:ad:34:22:6f:5e:1c:ed:32:
8e:6d:8d:05:58:16:44:8c:c6:93:c6:0a:23:41:7e:98:d3:23:
e8:dd:f6:83:4d:1b:56:66:bd:43:37:46:e9:fb:dc:c7:ac:96:
52:d6:b1:4b:65:5b:21:23:c3:89:55:3d:2d:6f:08:31:4e:c0:
64:e2:59:5d:0e:c1:be:a3:8c:2c:25:e1:35:c8:1c:0a:b0:e4:
13:12:7f:db:0c:aa:a4:63:94:e4:33:f2:86:d3:e6:34:fd:56:
8e:77:e5:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvP35ELENOjgSRPmd3Q39/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMxMTE0MjIwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmMzN2MxN2M1NWExZDcxM2M5Mzk4NTA1ZmExYTViYTk2NDUzY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ1krzwFDDrQNX97k3ZteOJUiEXm
rUMDG4x3xZuZgVNpXEpVhXUQXbztgvjXLMCehGBfrTfFxD5pJUMBeJwbvh0ll3hh
2eNXwraO9XZ8tV4+su8VWXb5ASIQoGYHpsAvi7JjquxzhbCyXcek6cc5SScnR0S0
6wcs9LeEHvTSNbxgTqNJUZ4FC2YQ5l1fcivhL4Ew18hyICgX0DzF0AbLMe6HsgZb
hZA2mAywpwO9L8bMmOlKJ4Ns/2AKZ1a+SJc1XEfofaKOCTMk25mRm2DN3JETUJVr
Pmy9CToLx1Vdirk3GqoDdtbkmbDijrt6B6/uOR6OqvyvKgEVwpEJXh2TZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFALDfBfFWh1xPJOYUF+hpbqWRTziMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvQXNOOEY4VmFIWEU4azVoUVg2R2x1cFpGUE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuf0AAwQB
wxy2MBYEAgACMBADBwAgAQZ8L2wDBQAqCoxGMA0GCSqGSIb3DQEBCwUAA4IBAQC5
C8cTJSVNq4tBGo0blG+NXTmwWRZuokDS9/M53QpufbWgjjLY6pShpkTd8bNo7qle
kVlYp6utFQK+cYy+bsUP8PT7qMhmzu9LQfRizDJ4X12/PL/L683LriZWtvNPCQVz
IsrIqCDjJKqYPF1qM4tF+miCpNlox4hwXQAPugqCo2mrxCuTuhEK+dbz0v+s6s92
qU2ERLnUJeKmrTQib14c7TKObY0FWBZEjMaTxgojQX6Y0yPo3faDTRtWZr1DN0bp
+9zHrJZS1rFLZVshI8OJVT0tbwgxTsBk4lldDsG+o4wsJeE1yBwKsOQTEn/bDKqk
Y5TkM/KG0+Y0/VaOd+Vi
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:20:55 2025 by rpki-client