Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7iLDXCkYvlyZ0O8baChDybFQRsM.roa
File: 7iLDXCkYvlyZ0O8baChDybFQRsM.roa (raw, json)
Hash identifier: tmUJFnmBtbROmdJKk4PaGs5Yr4qxrRYok2YKqFbCp0s=
Subject key identifier: EE:22:C3:5C:29:18:BE:5C:99:D0:EF:1B:68:28:43:C9:B1:50:46:C3
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018C34B041BF796B57DF93552637FC8EBAED
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7iLDXCkYvlyZ0O8baChDybFQRsM.roa
Signing time: Mon 04 Dec 2023 11:56:55 +0000
ROA not before: Mon 04 Dec 2023 11:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57974
IP address blocks: 185.21.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:b0:41:bf:79:6b:57:df:93:55:26:37:fc:8e:ba:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 4 11:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee22c35c2918be5c99d0ef1b682843c9b15046c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:f4:f0:72:fc:ad:8b:1c:d0:18:2e:f7:d9:
13:f9:b2:0a:33:a8:a2:7c:79:c9:ec:a7:9f:af:81:
1c:d3:f3:0c:bd:26:f5:4c:56:71:1d:b4:5a:1f:f5:
9b:b2:f9:72:3c:61:2a:56:86:8b:60:2e:2f:f7:94:
e4:20:36:f8:63:75:b7:9e:0c:67:f3:2a:66:7f:47:
d6:de:98:6f:6c:a6:46:97:84:73:7b:98:c9:60:1a:
de:04:b5:17:70:49:78:6a:5d:56:89:6f:00:51:69:
66:46:a8:35:64:a2:c7:23:e9:0a:87:a7:90:a2:ec:
17:88:09:bf:8e:5b:27:b8:90:45:d1:ae:3d:3c:7b:
26:21:54:14:21:c6:99:9e:13:31:30:4b:99:7a:be:
d1:17:14:6c:7f:2c:e3:ea:f2:13:aa:b0:b5:23:ae:
40:f9:a0:58:23:ce:dc:41:61:be:d6:eb:0c:3e:54:
11:20:e7:40:c8:50:a3:df:ab:ce:81:1e:ce:d8:e9:
76:0f:3e:51:8d:70:77:7d:6d:80:a1:60:da:0b:71:
77:43:b4:51:f2:d1:9b:bd:6d:55:7e:1b:9c:2b:9e:
c9:f7:34:ea:19:c4:72:b8:de:db:52:1c:69:94:8b:
9e:08:e1:13:2a:8b:64:61:2e:18:7c:b5:27:16:c4:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:22:C3:5C:29:18:BE:5C:99:D0:EF:1B:68:28:43:C9:B1:50:46:C3
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7iLDXCkYvlyZ0O8baChDybFQRsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
35:5e:67:2c:31:13:d4:58:7d:23:26:f3:51:cf:2b:89:8f:2d:
8e:94:21:c6:88:2a:d4:15:1b:2c:77:fb:b5:3e:c9:fb:d5:f8:
da:02:25:53:4e:19:23:94:47:fb:6b:20:5b:45:8a:a5:ad:da:
20:ca:58:ef:4c:7c:4a:78:a1:34:10:4c:49:8b:20:c2:12:86:
7f:f1:b4:20:17:f1:f9:8b:62:26:86:2d:76:ec:f0:56:3c:3a:
4f:5f:b2:8b:fe:0c:36:2a:8d:ac:da:32:d3:a2:c7:f1:24:9f:
42:5a:e5:7f:64:65:1c:bf:5a:5c:43:c4:22:54:64:c4:7f:81:
70:2b:b8:a7:0d:f6:08:87:20:70:56:06:61:a1:e5:1e:0a:93:
a7:7c:05:87:f5:74:68:6c:e3:f1:af:6a:70:88:ff:a3:5c:52:
ed:98:e1:71:fe:0f:a6:3a:cf:af:b9:2c:21:b4:5f:aa:73:c4:
56:d8:fe:1c:a2:10:6c:e6:8d:63:d8:14:8b:e5:77:54:b6:12:
c8:c2:cd:be:77:54:b9:36:c2:c0:f8:70:28:6d:f1:41:74:93:
f6:4b:a9:16:23:ed:ab:d7:5d:0a:ad:3d:f1:2f:6e:1b:9b:74:
88:63:d7:0d:ee:36:db:be:ed:4e:a4:a1:54:2b:43:3c:fb:63:
30:d7:b9:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw0sEG/eWtX35NVJjf8jrrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMjA0MTE1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIyYzM1YzI5MThiZTVjOTlkMGVmMWI2ODI4NDNjOWIxNTA0NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0308HL8rYsc0Bgu99kT+bIKM6ii
fHnJ7Kefr4Ec0/MMvSb1TFZxHbRaH/WbsvlyPGEqVoaLYC4v95TkIDb4Y3W3ngxn
8ypmf0fW3phvbKZGl4Rze5jJYBreBLUXcEl4al1WiW8AUWlmRqg1ZKLHI+kKh6eQ
ouwXiAm/jlsnuJBF0a49PHsmIVQUIcaZnhMxMEuZer7RFxRsfyzj6vITqrC1I65A
+aBYI87cQWG+1usMPlQRIOdAyFCj36vOgR7O2Ol2Dz5RjXB3fW2AoWDaC3F3Q7RR
8tGbvW1VfhucK57J9zTqGcRyuN7bUhxplIueCOETKotkYS4YfLUnFsSrrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4iw1wpGL5cmdDvG2goQ8mxUEbDMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvN2lMRFhDa1l2bHlaME84YmFDaER5YkZRUnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX+MA0G
CSqGSIb3DQEBCwUAA4IBAQA1XmcsMRPUWH0jJvNRzyuJjy2OlCHGiCrUFRssd/u1
Psn71fjaAiVTThkjlEf7ayBbRYqlrdogyljvTHxKeKE0EExJiyDCEoZ/8bQgF/H5
i2Imhi127PBWPDpPX7KL/gw2Ko2s2jLTosfxJJ9CWuV/ZGUcv1pcQ8QiVGTEf4Fw
K7inDfYIhyBwVgZhoeUeCpOnfAWH9XRobOPxr2pwiP+jXFLtmOFx/g+mOs+vuSwh
tF+qc8RW2P4cohBs5o1j2BSL5XdUthLIws2+d1S5NsLA+HAobfFBdJP2S6kWI+2r
110KrT3xL24bm3SIY9cN7jbbvu1OpKFUK0M8+2Mw17nW
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:15 2025 by rpki-client