Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/x84nJDbzb8-WHfbj8RO8CdUfS7U.roa
File: x84nJDbzb8-WHfbj8RO8CdUfS7U.roa (raw, json)
Hash identifier: 0EEoo3Y63g/AssL7yK/jROHEJdR/eGDXdQRVX+HX4T0=
Subject key identifier: C7:CE:27:24:36:F3:6F:CF:96:1D:F6:E3:F1:13:BC:09:D5:1F:4B:B5
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018A1CFAEA297CF5166CFA4042386DF966E1
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/x84nJDbzb8-WHfbj8RO8CdUfS7U.roa
Signing time: Tue 22 Aug 2023 11:22:00 +0000
ROA not before: Tue 22 Aug 2023 11:22:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 185.21.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:fa:ea:29:7c:f5:16:6c:fa:40:42:38:6d:f9:66:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 22 11:22:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7ce272436f36fcf961df6e3f113bc09d51f4bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:cc:7a:c9:46:9e:c6:03:38:11:be:5b:34:
69:e2:b3:5e:75:b8:e0:9a:97:a8:5b:21:09:ff:9d:
4f:dc:fa:a3:c7:85:bd:08:f2:08:f8:34:9f:3d:c0:
59:8b:86:af:1b:8c:7d:31:da:43:ad:ef:b8:7c:6b:
49:e5:a8:f1:39:2f:28:6a:63:a1:ef:54:2f:81:93:
e8:7b:68:14:29:0a:8d:62:af:c9:2e:d6:b7:c0:a3:
ed:2b:b7:2d:3f:61:18:8a:79:10:14:42:20:db:af:
0f:08:4c:9a:83:51:bb:41:3d:e0:c8:81:41:a7:99:
ee:93:cd:43:c3:a8:7c:d2:22:5f:5f:7a:86:94:10:
6e:92:9b:42:61:2c:f4:6a:77:05:1b:25:6d:1e:2b:
d8:43:40:a3:95:84:7f:23:1e:00:60:12:79:46:d0:
8e:73:8b:02:27:ee:07:d0:64:71:85:ca:ee:bd:80:
6a:f6:64:89:e0:57:e2:84:0e:dc:f2:17:47:87:87:
1c:e4:2c:33:0a:e4:f6:b1:f4:eb:d8:fd:ca:ab:bf:
7d:0c:03:76:93:34:04:8a:8c:c8:89:2e:ec:05:b2:
b1:8b:30:e7:3f:8f:5a:04:11:76:31:55:54:9a:f4:
33:88:71:cb:d3:2b:9f:b0:8d:75:8f:29:4d:81:b7:
91:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CE:27:24:36:F3:6F:CF:96:1D:F6:E3:F1:13:BC:09:D5:1F:4B:B5
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/x84nJDbzb8-WHfbj8RO8CdUfS7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.255.0/24
Signature Algorithm: sha256WithRSAEncryption
43:81:ef:e1:8b:7c:85:2c:10:88:e3:aa:16:bb:f6:ac:31:fa:
b6:00:e7:bf:4a:5a:12:e1:3c:bc:d1:c1:2e:80:8d:81:d9:4c:
98:8d:20:fb:5a:9b:4f:be:96:7d:4e:8e:c5:65:5d:77:c2:7f:
42:f6:82:a3:27:10:23:59:4c:4a:25:59:8c:e5:19:b9:33:e0:
7b:cc:0f:b3:eb:be:2e:96:1c:e1:d5:c6:85:50:3a:e5:1b:4c:
3b:05:1c:39:7c:93:63:8f:bd:3e:f5:7e:36:a5:ec:51:40:d2:
6b:9f:3f:90:c7:ee:e1:45:8f:d0:3b:8c:70:39:cb:75:bc:11:
9e:ed:e5:6b:a3:8d:cd:74:6e:67:bb:ff:4b:35:4c:4b:eb:50:
40:fe:fb:bb:33:bb:a2:8a:4e:54:88:0e:22:4b:dd:89:e7:f1:
0e:8b:18:e4:33:92:45:53:df:e4:a4:ad:52:47:14:db:d9:4d:
8d:d8:7e:32:ae:78:8d:9f:cc:81:1e:d0:7d:bf:6c:7c:00:95:
45:d3:ae:b1:7f:d9:f8:d6:d3:12:b1:b5:cb:06:44:be:f4:75:
24:e1:89:5c:b0:ff:c7:33:db:17:01:ec:ac:01:0e:9f:89:9a:
50:9d:3f:30:fe:5f:27:60:b2:f6:2e:e3:46:88:07:5b:75:40:
5c:ad:f0:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoc+uopfPUWbPpAQjht+WbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwODIyMTEyMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NlMjcyNDM2ZjM2ZmNmOTYxZGY2ZTNmMTEzYmMwOWQ1MWY0YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/MeslGnsYDOBG+WzRp4rNedbjg
mpeoWyEJ/51P3Pqjx4W9CPII+DSfPcBZi4avG4x9MdpDre+4fGtJ5ajxOS8oamOh
71QvgZPoe2gUKQqNYq/JLta3wKPtK7ctP2EYinkQFEIg268PCEyag1G7QT3gyIFB
p5nuk81Dw6h80iJfX3qGlBBukptCYSz0ancFGyVtHivYQ0CjlYR/Ix4AYBJ5RtCO
c4sCJ+4H0GRxhcruvYBq9mSJ4FfihA7c8hdHh4cc5CwzCuT2sfTr2P3Kq799DAN2
kzQEiozIiS7sBbKxizDnP49aBBF2MVVUmvQziHHL0yufsI11jylNgbeRfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfOJyQ282/Plh324/ETvAnVH0u1MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveDg0bkpEYnpiOC1XSGZiajhSTzhDZFVmUzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX/MA0G
CSqGSIb3DQEBCwUAA4IBAQBDge/hi3yFLBCI46oWu/asMfq2AOe/SloS4Ty80cEu
gI2B2UyYjSD7WptPvpZ9To7FZV13wn9C9oKjJxAjWUxKJVmM5Rm5M+B7zA+z674u
lhzh1caFUDrlG0w7BRw5fJNjj70+9X42pexRQNJrnz+Qx+7hRY/QO4xwOct1vBGe
7eVro43NdG5nu/9LNUxL61BA/vu7M7uiik5UiA4iS92J5/EOixjkM5JFU9/kpK1S
RxTb2U2N2H4yrniNn8yBHtB9v2x8AJVF066xf9n41tMSsbXLBkS+9HUk4YlcsP/H
M9sXAeysAQ6fiZpQnT8w/l8nYLL2LuNGiAdbdUBcrfBB
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:18 2025 by rpki-client