Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-kgEa-vIxqXPSmpFiuLvk3AxuQw.roa
File: 1-kgEa-vIxqXPSmpFiuLvk3AxuQw.roa (raw, json)
Hash identifier: 2iQ8PQPDsWSOLJjIbLhdyo1Rxt/K370PQsPXoy3NtG8=
Subject key identifier: FA:48:04:6B:EB:C8:C6:A5:CF:4A:6A:45:8A:E2:EF:93:70:31:B9:0C
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018A048DE8AEF1BC239ADECBCCD0B3AA0217
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-kgEa-vIxqXPSmpFiuLvk3AxuQw.roa
Signing time: Thu 17 Aug 2023 17:32:03 +0000
ROA not before: Thu 17 Aug 2023 17:32:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:8d:e8:ae:f1:bc:23:9a:de:cb:cc:d0:b3:aa:02:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 17 17:32:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa48046bebc8c6a5cf4a6a458ae2ef937031b90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:38:38:96:a4:da:52:e0:4b:90:af:6a:53:89:
ea:e2:19:4d:c6:c6:34:2f:d1:89:62:bc:77:bc:30:
72:1f:dd:60:01:b6:3d:9f:cb:7c:58:62:16:c8:12:
c5:fa:1f:06:64:8a:ee:99:03:b7:ad:f6:c5:6f:81:
ec:0f:8c:b2:82:1a:6f:93:46:0f:50:31:ee:8b:6c:
97:81:a1:27:f0:2c:df:01:00:80:59:19:68:9e:d3:
4f:41:53:9e:d5:80:02:dc:49:3d:db:eb:1e:6f:61:
08:87:5a:8d:fb:41:da:05:e5:37:4a:58:70:26:3e:
ed:44:4a:e6:60:a4:55:1f:c7:e1:f9:09:42:45:2a:
55:81:3f:bd:17:93:71:88:de:8f:e5:75:b3:c1:21:
e1:a8:ba:ad:64:73:16:0d:25:d2:fe:ad:b7:d1:f6:
db:c3:e7:fd:44:ce:e6:a5:e9:a6:62:a5:64:1a:ec:
08:27:e1:67:7c:a4:1f:c2:a9:29:eb:a0:9c:c3:d8:
6c:bd:f8:66:cb:c7:a3:a1:24:13:e8:99:7a:ad:f9:
89:ca:e8:67:2b:d0:2d:df:c6:43:eb:e5:34:1c:ce:
88:4c:36:82:aa:4b:8d:f2:e6:cc:f1:f5:6d:c9:b5:
29:ad:ad:9d:71:c4:d6:f3:f4:3f:97:c3:ca:01:e2:
ae:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:48:04:6B:EB:C8:C6:A5:CF:4A:6A:45:8A:E2:EF:93:70:31:B9:0C
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-kgEa-vIxqXPSmpFiuLvk3AxuQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ca:ee:1f:fd:a9:a2:21:9f:7a:29:66:4a:86:0c:35:6f:89:
77:25:24:f4:3a:ef:23:7e:5a:4a:bf:58:c1:bd:c7:cf:4f:54:
be:6a:99:40:01:4e:9f:b3:ac:cf:bd:ba:d0:f1:dc:9f:1e:e2:
77:f0:52:6b:64:06:cc:6e:1b:f8:51:3f:74:ae:4c:b8:fe:2f:
3e:d2:62:a1:22:18:95:41:ef:8a:c4:79:1f:54:8d:d1:ea:fc:
36:d4:20:18:45:07:dd:99:05:02:7f:43:90:e1:1c:85:dc:96:
64:95:c1:10:bb:e3:59:dc:49:dd:6d:6a:19:70:67:bb:ec:62:
9b:aa:cd:54:86:57:61:5d:0b:85:4b:90:de:c8:d4:c8:aa:9f:
e5:ea:f9:46:e2:fb:65:5a:b5:08:f6:2f:f1:a4:1b:4c:f3:d4:
c9:2b:00:10:f0:42:3b:a5:6a:d0:92:8f:51:13:24:3f:52:c7:
4f:ca:46:d2:72:cf:3a:c0:38:fc:a7:a9:a5:c4:2f:85:5f:df:
5f:14:46:4b:fe:a4:dd:7e:d6:25:47:b4:39:a6:de:2d:7c:43:
46:a6:bf:68:17:d8:01:f7:2f:7a:1d:b8:6f:84:81:00:65:70:
c3:46:5d:bf:8b:75:15:32:65:85:8b:d7:1b:d9:15:a3:9b:76:
01:6d:4c:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoEjeiu8bwjmt7LzNCzqgIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwODE3MTczMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ4MDQ2YmViYzhjNmE1Y2Y0YTZhNDU4YWUyZWY5MzcwMzFiOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTg4lqTaUuBLkK9qU4nq4hlNxsY0
L9GJYrx3vDByH91gAbY9n8t8WGIWyBLF+h8GZIrumQO3rfbFb4HsD4yyghpvk0YP
UDHui2yXgaEn8CzfAQCAWRlontNPQVOe1YAC3Ek92+seb2EIh1qN+0HaBeU3Slhw
Jj7tRErmYKRVH8fh+QlCRSpVgT+9F5NxiN6P5XWzwSHhqLqtZHMWDSXS/q230fbb
w+f9RM7mpemmYqVkGuwIJ+FnfKQfwqkp66Ccw9hsvfhmy8ejoSQT6Jl6rfmJyuhn
K9At38ZD6+U0HM6ITDaCqkuN8ubM8fVtybUpra2dccTW8/Q/l8PKAeKuzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpIBGvryMalz0pqRYri75NwMbkMMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMS1rZ0VhLXZJeHFYUFNtcEZpdUx2azNBeHVRdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvMWMwODRjLTk4MmQtNDA5OC1hZjQyLTM0MjViMTI1ZWFh
Ny8xL0RYSXVSUk9qbG5qWXF5T3kxa2wzVTBCUmpMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkV/DAN
BgkqhkiG9w0BAQsFAAOCAQEAmsruH/2poiGfeilmSoYMNW+JdyUk9DrvI35aSr9Y
wb3Hz09UvmqZQAFOn7Osz7260PHcnx7id/BSa2QGzG4b+FE/dK5MuP4vPtJioSIY
lUHvisR5H1SN0er8NtQgGEUH3ZkFAn9DkOEchdyWZJXBELvjWdxJ3W1qGXBnu+xi
m6rNVIZXYV0LhUuQ3sjUyKqf5er5RuL7ZVq1CPYv8aQbTPPUySsAEPBCO6Vq0JKP
URMkP1LHT8pG0nLPOsA4/KeppcQvhV/fXxRGS/6k3X7WJUe0OabeLXxDRqa/aBfY
Afcveh24b4SBAGVww0Zdv4t1FTJlhYvXG9kVo5t2AW1M7Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:09 2025 by rpki-client