Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/CxH4w29p5TYY57dpf8ElrkxmO3o.roa
File: CxH4w29p5TYY57dpf8ElrkxmO3o.roa (raw, json)
Hash identifier: SQfkCN97ljswgPX/Y/ufHTr3WibCIKthxqbGRPtq8X4=
Subject key identifier: 0B:11:F8:C3:6F:69:E5:36:18:E7:B7:69:7F:C1:25:AE:4C:66:3B:7A
Certificate issuer: /CN=df7e716649dacbf6ea986023514dfe40df1a7cf0
Certificate serial: 01843EFD2B0F9C924DA71378AC887BAA7003
Authority key identifier: DF:7E:71:66:49:DA:CB:F6:EA:98:60:23:51:4D:FE:40:DF:1A:7C:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/335xZknay_bqmGAjUU3-QN8afPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/CxH4w29p5TYY57dpf8ElrkxmO3o.roa
Signing time: Thu 03 Nov 2022 19:34:49 +0000
ROA not before: Thu 03 Nov 2022 19:34:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209281
IP address blocks: 185.74.223.0/24 maxlen: 24
2a04:7480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:fd:2b:0f:9c:92:4d:a7:13:78:ac:88:7b:aa:70:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7e716649dacbf6ea986023514dfe40df1a7cf0
Validity
Not Before: Nov 3 19:34:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b11f8c36f69e53618e7b7697fc125ae4c663b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:34:4f:b4:3c:64:d1:1d:7a:86:e6:dc:81:
43:14:05:30:06:54:17:e0:af:b4:ae:4f:0a:9d:94:
fd:db:eb:9c:09:e7:5a:5f:7f:3d:33:4f:29:f0:78:
cd:4c:19:a7:b3:dc:52:8d:65:ef:1e:dc:87:5a:f7:
a8:2b:1f:1e:4d:61:16:b6:08:f4:36:be:7d:82:f6:
2e:93:d6:d0:19:0b:a2:fc:ef:67:a5:b4:f4:62:e4:
9e:50:ad:ab:70:80:5c:f4:fa:56:06:9d:fe:24:b3:
21:06:a3:81:31:65:c0:a7:07:09:cf:82:1b:15:d0:
88:6e:9d:55:be:0b:26:f9:f8:ba:06:29:e9:98:2a:
00:f3:68:00:6f:3e:73:3e:f6:5e:a5:e6:04:dd:3e:
c8:14:ff:ee:1a:97:9b:17:a9:ac:7c:c3:7a:f1:27:
03:43:2a:50:7f:e1:2b:6f:3a:ad:cf:87:39:36:35:
6e:c8:28:5e:20:ba:32:4d:44:78:9d:53:85:64:74:
7f:13:43:91:ba:b8:d1:e4:60:ad:88:a7:0a:b5:aa:
b8:3b:85:2a:c1:c1:08:f0:f3:b3:7c:6a:a6:a9:b9:
d3:0e:7d:27:b8:1d:cc:a4:73:c6:07:67:d0:78:88:
88:cf:a2:fd:1b:b4:b0:e9:c0:59:58:98:bd:06:d6:
5a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:11:F8:C3:6F:69:E5:36:18:E7:B7:69:7F:C1:25:AE:4C:66:3B:7A
X509v3 Authority Key Identifier:
keyid:DF:7E:71:66:49:DA:CB:F6:EA:98:60:23:51:4D:FE:40:DF:1A:7C:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/335xZknay_bqmGAjUU3-QN8afPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/CxH4w29p5TYY57dpf8ElrkxmO3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/335xZknay_bqmGAjUU3-QN8afPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.223.0/24
IPv6:
2a04:7480::/29
Signature Algorithm: sha256WithRSAEncryption
1d:5b:11:7e:85:f7:37:46:4d:4d:56:af:04:b9:50:cd:b3:c6:
cc:02:a3:19:ca:e2:c1:75:1b:56:2a:b9:1c:c1:98:2d:19:54:
a5:2a:d4:6a:9a:e3:90:3a:11:7e:51:27:84:03:1b:e7:bd:38:
32:cf:35:be:83:1e:18:b9:32:cd:78:7d:e1:6c:b6:33:de:3c:
d2:84:f4:cf:7a:5a:4a:08:b2:55:8c:f7:2a:7a:16:56:d0:6a:
cc:a2:4d:3d:14:c4:3e:75:43:66:a4:4f:c1:59:0f:fe:a3:67:
c1:e1:6b:cc:2e:32:a8:ed:f3:f8:70:fc:91:6c:7f:f0:ae:89:
4f:ca:09:c1:14:4b:59:4a:67:5f:01:14:3c:63:eb:de:dc:2e:
97:26:0e:9e:66:65:1f:7c:40:ce:26:fc:86:6e:54:af:e6:ad:
d5:19:8e:9f:d7:a5:2e:15:cb:b8:3c:06:d9:78:26:15:cf:19:
4a:96:ec:57:c9:ee:48:2d:de:16:02:02:06:c4:66:02:3b:16:
20:75:be:a8:36:81:d8:97:78:e1:8f:7e:72:ed:ca:9e:2d:c9:
18:d6:1d:2c:14:5d:73:f5:e7:85:55:47:06:d7:f2:5d:d0:19:
66:44:e4:3d:79:2d:fc:25:2f:e6:a0:31:22:ef:e1:38:27:5b:
75:bc:96:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ+/SsPnJJNpxN4rIh7qnADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2U3MTY2NDlkYWNiZjZlYTk4NjAyMzUxNGRmZTQwZGYx
YTdjZjAwHhcNMjIxMTAzMTkzNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjExZjhjMzZmNjllNTM2MThlN2I3Njk3ZmMxMjVhZTRjNjYzYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngs0T7Q8ZNEdeobm3IFDFAUwBlQX
4K+0rk8KnZT92+ucCedaX389M08p8HjNTBmns9xSjWXvHtyHWveoKx8eTWEWtgj0
Nr59gvYuk9bQGQui/O9npbT0YuSeUK2rcIBc9PpWBp3+JLMhBqOBMWXApwcJz4Ib
FdCIbp1Vvgsm+fi6BinpmCoA82gAbz5zPvZepeYE3T7IFP/uGpebF6msfMN68ScD
QypQf+Erbzqtz4c5NjVuyCheILoyTUR4nVOFZHR/E0ORurjR5GCtiKcKtaq4O4Uq
wcEI8POzfGqmqbnTDn0nuB3MpHPGB2fQeIiIz6L9G7Sw6cBZWJi9BtZaPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAsR+MNvaeU2GOe3aX/BJa5MZjt6MB8GA1UdIwQY
MBaAFN9+cWZJ2sv26phgI1FN/kDfGnzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzM1eFprbmF5X2JxbUdBalVVMy1RTjhhZlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lZWI3NTctNTA0MC00YmZiLWEzNWQt
YTY2Mjg5ODUxY2Q5LzEvQ3hINHcyOXA1VFlZNTdkcGY4RWxya3htTzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lZWI3NTctNTA0MC00YmZiLWEzNWQtYTY2Mjg5ODUxY2Q5
LzEvMzM1eFprbmF5X2JxbUdBalVVMy1RTjhhZlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUrfMA0E
AgACMAcDBQMqBHSAMA0GCSqGSIb3DQEBCwUAA4IBAQAdWxF+hfc3Rk1NVq8EuVDN
s8bMAqMZyuLBdRtWKrkcwZgtGVSlKtRqmuOQOhF+USeEAxvnvTgyzzW+gx4YuTLN
eH3hbLYz3jzShPTPelpKCLJVjPcqehZW0GrMok09FMQ+dUNmpE/BWQ/+o2fB4WvM
LjKo7fP4cPyRbH/wrolPygnBFEtZSmdfARQ8Y+ve3C6XJg6eZmUffEDOJvyGblSv
5q3VGY6f16UuFcu4PAbZeCYVzxlKluxXye5ILd4WAgIGxGYCOxYgdb6oNoHYl3jh
j35y7cqeLckY1h0sFF1z9eeFVUcG1/Jd0BlmROQ9eS38JS/moDEi7+E4J1t1vJaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:25 2024 by rpki-client on console-ams.rpki-client.org