Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/escDZwG-Y2nQKvHiCMnjQFn3KvI.roa
File: escDZwG-Y2nQKvHiCMnjQFn3KvI.roa (raw, json)
Hash identifier: PutSOlFq+pWqNEVpWbAEKN0bYMJzJARVoMGTaEFmUrs=
Subject key identifier: 7A:C7:03:67:01:BE:63:69:D0:2A:F1:E2:08:C9:E3:40:59:F7:2A:F2
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 05360E75
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/escDZwG-Y2nQKvHiCMnjQFn3KvI.roa
Signing time: Fri 13 May 2022 05:43:03 +0000
ROA not before: Fri 13 May 2022 05:43:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 85.239.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87428725 (0x5360e75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 13 05:43:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ac7036701be6369d02af1e208c9e34059f72af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ed:e1:66:73:18:43:b2:cb:69:60:9c:1b:e8:
23:45:f6:42:ca:6e:51:51:e3:07:ac:96:11:45:3a:
59:2a:fd:83:e0:d7:b9:71:ee:83:9b:97:81:1a:84:
a6:c5:a4:89:cf:74:f4:85:74:22:98:a7:74:9b:6e:
c5:0a:ac:03:94:1d:58:76:06:35:4a:5c:9d:5c:94:
ff:d2:13:31:3e:86:2a:ba:77:6a:b7:12:17:a0:46:
81:49:ee:be:21:08:b5:e7:b6:d5:d5:03:0e:55:5c:
b4:19:03:7d:7e:60:7b:6a:69:4a:92:8b:50:2d:2c:
f2:7a:23:1c:f1:a2:18:dc:fb:0d:9b:19:bb:c5:6a:
ed:6f:22:18:d6:5f:0d:cb:01:fe:25:2e:34:e6:85:
15:90:b3:e1:c6:a8:ca:32:62:3e:ce:eb:4b:34:20:
6f:e0:29:41:43:71:a9:b7:72:07:f8:34:d7:5d:2d:
fd:87:e7:e9:df:4f:0d:3b:4a:5a:cf:3b:b5:1e:d4:
19:d0:e5:85:af:01:9e:7f:90:ed:1d:37:f7:f7:12:
5e:94:0f:49:a1:a8:46:7a:43:07:fe:e5:24:cf:4f:
66:81:bf:f4:45:94:e9:20:5c:d8:d1:ec:dc:8b:70:
08:f4:0f:9d:ec:16:3c:83:cd:78:0d:87:7c:06:f9:
41:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C7:03:67:01:BE:63:69:D0:2A:F1:E2:08:C9:E3:40:59:F7:2A:F2
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/escDZwG-Y2nQKvHiCMnjQFn3KvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d9:e5:5c:e8:8f:fa:19:e8:79:4d:e0:72:28:7f:65:44:c1:
77:df:d1:e0:4a:46:70:22:39:69:cc:90:eb:e1:5f:b6:94:2e:
14:9e:dc:91:f0:36:6a:54:47:3b:7c:18:7a:c3:72:8d:94:9b:
c6:dd:35:be:13:1b:af:95:9a:18:f6:93:e3:7f:3b:3c:8d:cc:
63:87:b9:f5:06:4d:4a:9e:2a:3f:96:4e:71:d6:e7:a2:40:2a:
74:8e:7f:eb:be:75:ba:82:3b:89:c2:b2:b0:ad:74:ac:35:6c:
2d:8e:a3:12:1d:d7:42:75:a6:0d:f3:15:ae:fb:da:e4:39:d7:
65:67:72:30:12:9a:86:c7:5a:40:35:87:7d:0c:b0:a2:ae:1c:
9c:73:d8:a8:73:84:26:50:89:16:02:87:f5:4e:61:b4:08:bb:
d8:91:2b:37:fc:3a:02:05:40:2f:ae:80:96:cc:aa:83:de:16:
2c:d4:be:2b:1f:ae:7f:65:61:21:2c:37:cd:df:57:55:bf:7b:
56:3e:81:b2:13:44:62:64:eb:96:38:f2:8a:b5:2a:92:1a:40:
7d:31:33:e5:05:9d:d1:34:d7:73:99:e3:1f:a8:95:42:21:09:
e6:fd:4c:4a:c9:1e:b0:d8:dd:bc:07:61:ad:21:ce:25:26:dd:
53:09:c8:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTYOdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUx
MzA1NDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FjNzAzNjcwMWJl
NjM2OWQwMmFmMWUyMDhjOWUzNDA1OWY3MmFmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3t4WZzGEOyy2lgnBvoI0X2QspuUVHjB6yWEUU6WSr9g+DX
uXHug5uXgRqEpsWkic909IV0IpindJtuxQqsA5QdWHYGNUpcnVyU/9ITMT6GKrp3
arcSF6BGgUnuviEItee21dUDDlVctBkDfX5ge2ppSpKLUC0s8nojHPGiGNz7DZsZ
u8Vq7W8iGNZfDcsB/iUuNOaFFZCz4caoyjJiPs7rSzQgb+ApQUNxqbdyB/g0110t
/Yfn6d9PDTtKWs87tR7UGdDlha8Bnn+Q7R039/cSXpQPSaGoRnpDB/7lJM9PZoG/
9EWU6SBc2NHs3ItwCPQPnewWPIPNeA2HfAb5QXECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6xwNnAb5jadAq8eIIyeNAWfcq8jAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L2VzY0Rad0ctWTJuUUt2SGlDTW5qUUZuM0t2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXvljANBgkqhkiG9w0BAQsFAAOC
AQEAXtnlXOiP+hnoeU3gcih/ZUTBd9/R4EpGcCI5acyQ6+FftpQuFJ7ckfA2alRH
O3wYesNyjZSbxt01vhMbr5WaGPaT4387PI3MY4e59QZNSp4qP5ZOcdbnokAqdI5/
6751uoI7icKysK10rDVsLY6jEh3XQnWmDfMVrvva5DnXZWdyMBKahsdaQDWHfQyw
oq4cnHPYqHOEJlCJFgKH9U5htAi72JErN/w6AgVAL66Alsyqg94WLNS+Kx+uf2Vh
ISw3zd9XVb97Vj6BshNEYmTrljjyirUqkhpAfTEz5QWd0TTXc5njH6iVQiEJ5v1M
SskesNjdvAdhrSHOJSbdUwnI/Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:10 2025 by rpki-client