Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/NdzIlf2bXyoyEME0ZUCZisW7WrI.roa
File: NdzIlf2bXyoyEME0ZUCZisW7WrI.roa (raw, json)
Hash identifier: AOrBHZ2xpWvlCtIbaA14pbmd5w/q5I1mGmPp1LEkgV8=
Subject key identifier: 35:DC:C8:95:FD:9B:5F:2A:32:10:C1:34:65:40:99:8A:C5:BB:5A:B2
Certificate issuer: /CN=5a0aa9682c683a9c1b95ce9676d51b20d39fd2ae
Certificate serial: 22C744
Authority key identifier: 5A:0A:A9:68:2C:68:3A:9C:1B:95:CE:96:76:D5:1B:20:D3:9F:D2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WgqpaCxoOpwblc6WdtUbINOf0q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/NdzIlf2bXyoyEME0ZUCZisW7WrI.roa
Signing time: Sat 01 Jan 2022 00:55:03 +0000
ROA not before: Sat 01 Jan 2022 00:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210687
IP address blocks: 185.153.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2279236 (0x22c744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a0aa9682c683a9c1b95ce9676d51b20d39fd2ae
Validity
Not Before: Jan 1 00:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35dcc895fd9b5f2a3210c1346540998ac5bb5ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:16:62:b6:e4:fd:ee:06:26:4c:9b:a7:07:aa:
fb:7c:c4:44:fb:0b:e9:a7:4c:94:64:98:b3:c4:9d:
38:ba:7e:fe:8e:46:61:e7:53:44:6a:e4:54:04:42:
df:9c:ca:65:ee:73:9a:85:63:83:bc:35:10:59:f9:
3d:2a:15:74:47:bc:88:0e:58:4b:82:dd:fb:09:b7:
e0:ac:60:8a:81:39:71:18:59:dc:82:18:10:64:2b:
ce:a7:51:be:fa:83:6e:aa:02:54:6f:ea:03:84:92:
8b:00:14:66:b3:ed:f6:77:1c:6c:cd:84:54:b1:6e:
13:d1:df:dd:b9:fd:9a:3a:f6:d8:d8:ba:2d:a4:36:
06:60:34:7f:29:4f:5e:76:82:7c:53:05:a3:7d:84:
b5:c0:02:7a:ad:62:05:dc:e2:8e:8a:0c:ce:0e:1b:
67:4b:cb:c2:d2:09:86:05:6c:11:94:c4:ef:1a:1c:
ad:33:4b:d3:9b:44:a2:4c:f0:db:f5:64:58:fe:de:
93:df:e5:4e:03:2b:bd:08:22:35:22:4d:c0:5f:5d:
f4:6f:1a:c3:c1:d9:07:0b:0c:3f:3f:a0:eb:8d:2c:
28:b1:68:5b:26:ce:84:b7:33:db:b3:e2:8d:17:89:
33:21:d1:40:22:ee:2b:a6:bb:bb:39:6d:9d:b4:da:
69:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DC:C8:95:FD:9B:5F:2A:32:10:C1:34:65:40:99:8A:C5:BB:5A:B2
X509v3 Authority Key Identifier:
keyid:5A:0A:A9:68:2C:68:3A:9C:1B:95:CE:96:76:D5:1B:20:D3:9F:D2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgqpaCxoOpwblc6WdtUbINOf0q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/NdzIlf2bXyoyEME0ZUCZisW7WrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/WgqpaCxoOpwblc6WdtUbINOf0q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.234.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:97:1e:7b:9d:f2:12:db:9e:c2:72:8b:96:f3:87:4c:18:d0:
ef:f9:06:f2:a2:8e:9a:30:16:16:d8:63:ea:9d:86:87:31:57:
cb:94:c6:a1:7d:54:7a:38:01:61:4d:80:5c:27:76:ab:f1:e6:
0a:02:c1:f9:da:65:fb:e0:7d:01:9f:df:74:b2:ff:3f:b8:1a:
6d:10:e5:3e:19:17:53:8b:75:80:21:22:a4:2e:82:2b:54:4d:
a9:df:0e:35:2c:85:69:f2:c1:2c:97:9f:5e:d3:29:82:f8:c3:
75:c9:82:69:8c:37:a2:22:2a:3e:9f:95:41:c6:0f:cc:58:51:
f9:2f:6a:bd:1d:e1:01:e5:a1:7a:25:7c:f1:6b:d9:34:2b:0c:
55:6b:47:a4:1e:c0:1f:1f:d5:83:c1:80:d7:e3:9d:4a:53:70:
bd:3e:35:70:0e:55:b3:77:5b:e8:a1:4d:8b:86:8b:65:7b:9b:
ae:37:a1:e1:5a:dd:69:dd:90:2d:4e:fd:38:6a:0f:23:e7:0f:
02:a1:99:bc:2c:77:ae:79:1b:b1:28:61:ce:03:9b:ef:c8:47:
85:f2:59:99:38:6a:93:81:08:58:d2:db:83:d9:25:63:1d:e7:
9b:7c:9d:f3:e5:f0:65:89:6a:27:75:5c:16:25:2c:e2:e8:1e:
53:f6:d6:37
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDIsdEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVh
MGFhOTY4MmM2ODNhOWMxYjk1Y2U5Njc2ZDUxYjIwZDM5ZmQyYWUwHhcNMjIwMTAx
MDA1NTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNWRjYzg5NWZkOWI1
ZjJhMzIxMGMxMzQ2NTQwOTk4YWM1YmI1YWIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuxZituT97gYmTJunB6r7fMRE+wvpp0yUZJizxJ04un7+jkZh
51NEauRUBELfnMpl7nOahWODvDUQWfk9KhV0R7yIDlhLgt37CbfgrGCKgTlxGFnc
ghgQZCvOp1G++oNuqgJUb+oDhJKLABRms+32dxxszYRUsW4T0d/duf2aOvbY2Lot
pDYGYDR/KU9edoJ8UwWjfYS1wAJ6rWIF3OKOigzODhtnS8vC0gmGBWwRlMTvGhyt
M0vTm0SiTPDb9WRY/t6T3+VOAyu9CCI1Ik3AX130bxrDwdkHCww/P6DrjSwosWhb
Js6EtzPbs+KNF4kzIdFAIu4rpru7OW2dtNpp6QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDXcyJX9m18qMhDBNGVAmYrFu1qyMB8GA1UdIwQYMBaAFFoKqWgsaDqcG5XO
lnbVGyDTn9KuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
V2dxcGFDeG9PcHdibGM2V2R0VWJJTk9mMHE0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC9mNDkxYTAtYjY2Ni00ZTlmLWIwZjktNmVlZDUyOTY4YjFjLzEv
TmR6SWxmMmJYeW95RU1FMFpVQ1ppc1c3V3JJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9m
NDkxYTAtYjY2Ni00ZTlmLWIwZjktNmVlZDUyOTY4YjFjLzEvV2dxcGFDeG9PcHdi
bGM2V2R0VWJJTk9mMHE0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZnqMA0GCSqGSIb3DQEBCwUAA4IB
AQArlx57nfIS257CcouW84dMGNDv+Qbyoo6aMBYW2GPqnYaHMVfLlMahfVR6OAFh
TYBcJ3ar8eYKAsH52mX74H0Bn990sv8/uBptEOU+GRdTi3WAISKkLoIrVE2p3w41
LIVp8sEsl59e0ymC+MN1yYJpjDeiIio+n5VBxg/MWFH5L2q9HeEB5aF6JXzxa9k0
KwxVa0ekHsAfH9WDwYDX451KU3C9PjVwDlWzd1vooU2Lhotle5uuN6HhWt1p3ZAt
Tv04ag8j5w8CoZm8LHeueRuxKGHOA5vvyEeF8lmZOGqTgQhY0tuD2SVjHeebfJ3z
5fBliWondVwWJSzi6B5T9tY3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:30 2024 by rpki-client on console-ams.rpki-client.org