Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hid0ssXF5iF4DaqtjlkvBRqWUrk.roa
File: hid0ssXF5iF4DaqtjlkvBRqWUrk.roa (raw, json)
Hash identifier: e7J85pJ8uHzEh45q8EyuZ0di/pZ62hQ4SEtlsWTxXw8=
Subject key identifier: 86:27:74:B2:C5:C5:E6:21:78:0D:AA:AD:8E:59:2F:05:1A:96:52:B9
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018C24D534283D6C06452D3744AADF0C0764
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hid0ssXF5iF4DaqtjlkvBRqWUrk.roa
Signing time: Fri 01 Dec 2023 10:03:21 +0000
ROA not before: Fri 01 Dec 2023 10:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16589
IP address blocks: 178.216.184.0/21 maxlen: 24
198.145.112.0/22 maxlen: 24
198.14.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:d5:34:28:3d:6c:06:45:2d:37:44:aa:df:0c:07:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Dec 1 10:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=862774b2c5c5e621780daaad8e592f051a9652b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:13:4a:ea:64:f6:fc:8e:04:b3:95:b6:58:
ca:8b:29:ff:94:18:45:33:7b:15:8c:46:d0:97:9e:
c3:d3:be:37:9f:4d:6e:22:47:09:76:ae:e3:09:65:
30:59:45:bf:17:d9:bf:2a:90:3d:18:db:80:d5:47:
6f:8f:97:8c:d2:85:2e:30:0a:d7:9a:76:d8:7c:a4:
a4:9d:ba:08:59:68:7c:b5:c4:e5:bb:4e:0f:e3:66:
b2:f9:1f:0c:86:ee:f3:30:d6:2a:9e:f8:a0:cb:cd:
5f:35:5e:1d:ba:33:89:51:c3:11:0a:89:e4:4b:15:
92:64:c7:77:50:2d:25:18:48:d8:68:5c:85:bd:b4:
4f:65:62:27:06:cd:bb:6f:59:c0:7c:86:20:15:ba:
d8:02:65:70:34:84:67:d2:80:af:7a:e5:bb:cf:64:
97:e1:d8:27:2d:30:60:19:26:62:c7:4f:4a:94:e4:
98:3d:ec:75:53:da:f9:c9:bd:b8:c6:ef:05:ae:f4:
73:a2:d9:24:53:05:bf:2f:d3:42:19:de:16:54:6c:
ee:c9:91:92:26:24:ea:97:90:1e:f7:e8:e8:3a:55:
f7:b0:41:4a:51:ef:63:b0:4e:b6:66:bf:14:87:ab:
8a:12:48:e9:d5:f4:22:74:f6:61:dc:cd:3b:48:fc:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:27:74:B2:C5:C5:E6:21:78:0D:AA:AD:8E:59:2F:05:1A:96:52:B9
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/hid0ssXF5iF4DaqtjlkvBRqWUrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:69:8f:45:43:81:a5:22:c8:42:ad:f8:31:52:be:1c:2a:f9:
d7:aa:0a:60:2e:e8:f8:0f:12:a9:05:49:82:f9:c5:dc:56:38:
74:10:4f:7a:3d:63:a0:9e:87:17:a7:be:df:da:06:38:dc:74:
dc:a4:02:83:d4:fe:c4:9c:fe:b6:5f:9e:a9:f7:b3:fc:15:d9:
ce:87:0d:2d:02:b8:d1:d0:82:c7:75:a7:c3:7c:ae:0a:59:45:
78:c0:a3:b0:97:c3:4b:df:90:aa:fb:ae:1f:a1:f4:c2:df:3e:
f2:7c:e2:5e:fa:bc:b4:b4:fa:f0:1c:09:56:9c:6e:cf:24:7f:
60:bd:36:3c:2b:a8:00:24:5d:48:5c:b2:ca:b7:3c:a0:33:11:
87:05:96:d9:f9:7a:85:28:12:09:2d:21:77:05:b7:78:3c:ea:
86:b8:ce:b5:ec:62:f9:07:4b:99:0c:d3:db:e8:ce:95:5d:e2:
73:96:fc:02:af:b7:7e:d9:66:59:f8:29:eb:70:46:89:d3:fa:
28:5d:5d:52:19:64:9f:e2:b3:c9:c2:78:ce:85:8e:d4:98:7a:
3e:54:10:76:b5:e1:e6:84:e9:1e:af:19:09:36:db:da:e3:dc:
32:bc:bd:da:dd:b4:23:13:13:47:1a:bb:8f:5b:41:8d:a9:de:
ee:f1:45:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwk1TQoPWwGRS03RKrfDAdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMxMjAxMTAwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI3NzRiMmM1YzVlNjIxNzgwZGFhYWQ4ZTU5MmYwNTFhOTY1MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGATSupk9vyOBLOVtljKiyn/lBhF
M3sVjEbQl57D0743n01uIkcJdq7jCWUwWUW/F9m/KpA9GNuA1Udvj5eM0oUuMArX
mnbYfKSknboIWWh8tcTlu04P42ay+R8Mhu7zMNYqnvigy81fNV4dujOJUcMRConk
SxWSZMd3UC0lGEjYaFyFvbRPZWInBs27b1nAfIYgFbrYAmVwNIRn0oCveuW7z2SX
4dgnLTBgGSZix09KlOSYPex1U9r5yb24xu8FrvRzotkkUwW/L9NCGd4WVGzuyZGS
JiTql5Ae9+joOlX3sEFKUe9jsE62Zr8Uh6uKEkjp1fQidPZh3M07SPwt/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIYndLLFxeYheA2qrY5ZLwUallK5MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvaGlkMHNzWEY1aUY0RGFxdGpsa3ZCUnFXVXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDsti4AwQE
xg4QAwQCxpFwMA0GCSqGSIb3DQEBCwUAA4IBAQAqaY9FQ4GlIshCrfgxUr4cKvnX
qgpgLuj4DxKpBUmC+cXcVjh0EE96PWOgnocXp77f2gY43HTcpAKD1P7EnP62X56p
97P8FdnOhw0tArjR0ILHdafDfK4KWUV4wKOwl8NL35Cq+64fofTC3z7yfOJe+ry0
tPrwHAlWnG7PJH9gvTY8K6gAJF1IXLLKtzygMxGHBZbZ+XqFKBIJLSF3Bbd4POqG
uM617GL5B0uZDNPb6M6VXeJzlvwCr7d+2WZZ+CnrcEaJ0/ooXV1SGWSf4rPJwnjO
hY7UmHo+VBB2teHmhOkerxkJNtva49wyvL3a3bQjExNHGruPW0GNqd7u8UWL
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:10:30 2025 by rpki-client