Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/I3jJdczJwKpLu3sR6tua3KPrcus.roa
File: I3jJdczJwKpLu3sR6tua3KPrcus.roa (raw, json)
Hash identifier: G/6GVSbsYjjjq5FGw/rkurJVIrYdrwSvkDwSDoDUqtw=
Subject key identifier: 23:78:C9:75:CC:C9:C0:AA:4B:BB:7B:11:EA:DB:9A:DC:A3:EB:72:EB
Certificate issuer: /CN=f57331288d908dd762e4b56f003b448f01881d24
Certificate serial: 01857203384A4A77F1DF2BEC2FB400E955F1
Authority key identifier: F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/I3jJdczJwKpLu3sR6tua3KPrcus.roa
Signing time: Mon 02 Jan 2023 10:24:51 +0000
ROA not before: Mon 02 Jan 2023 10:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42244
IP address blocks: 185.191.196.0/22 maxlen: 22
2a0a:2540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:38:4a:4a:77:f1:df:2b:ec:2f:b4:00:e9:55:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57331288d908dd762e4b56f003b448f01881d24
Validity
Not Before: Jan 2 10:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2378c975ccc9c0aa4bbb7b11eadb9adca3eb72eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:93:8f:26:91:d3:fb:86:92:29:d8:32:fe:
48:4f:a2:86:d8:63:bc:c6:93:38:00:d5:86:e4:32:
a8:16:78:d3:6f:1b:b8:f8:7e:6c:12:4b:ab:9b:56:
d5:32:ec:56:ea:9f:60:db:ff:bc:57:95:08:bb:05:
3a:2e:05:fb:9d:77:7f:6d:1c:ea:40:be:2e:a5:13:
e9:62:b2:00:7b:43:1f:2b:b4:e1:07:2b:98:60:2d:
0e:b6:53:4a:e3:66:40:5f:a9:a9:86:dd:7e:d4:ba:
17:ad:70:34:53:7d:21:a1:d3:70:80:11:56:53:94:
c3:92:6f:56:1b:0a:fb:12:cb:ca:47:fc:b1:be:e9:
fb:bd:67:e5:ce:f8:a8:4a:57:d4:83:a8:04:00:62:
64:16:84:2c:ab:f6:ad:d4:50:0e:f8:76:8c:5f:d6:
00:88:22:b1:f8:7a:b9:92:bf:be:6c:d5:4d:c9:e2:
61:cb:11:4b:da:a5:f2:dc:7c:33:3a:e3:bf:3b:b0:
2f:47:e7:72:4f:8f:f3:b3:0c:af:7e:92:9d:d4:6a:
ef:5a:3c:dc:fa:ae:a6:79:7e:03:bb:91:6c:57:4c:
dc:92:0a:ba:06:64:ce:8a:89:c2:24:59:1d:3a:17:
2d:15:4b:2f:d9:08:b9:5c:aa:a6:4a:12:7f:76:6d:
24:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:78:C9:75:CC:C9:C0:AA:4B:BB:7B:11:EA:DB:9A:DC:A3:EB:72:EB
X509v3 Authority Key Identifier:
keyid:F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/I3jJdczJwKpLu3sR6tua3KPrcus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.196.0/22
IPv6:
2a0a:2540::/29
Signature Algorithm: sha256WithRSAEncryption
0e:63:2e:bb:13:c3:7d:19:a4:1f:de:fd:f1:ad:67:37:80:04:
d3:4c:22:da:bf:c9:2d:ce:ce:24:19:a6:59:42:0c:7d:4a:32:
88:4d:89:8a:77:33:b4:2e:cf:e7:bc:5f:9b:2a:44:89:e8:15:
ea:25:6a:8b:25:77:da:2e:96:ba:1c:e0:41:71:86:8b:4c:52:
0d:93:be:d6:30:13:18:20:f7:c5:50:d5:08:d7:5a:f6:9e:cb:
eb:6f:15:9d:cf:c8:c3:f5:0f:bd:dc:c3:4e:30:28:c6:24:54:
b8:ce:16:28:4e:11:d8:d8:25:09:45:fc:16:c0:57:bc:3f:2c:
72:ae:40:15:ee:61:6c:24:eb:7b:7e:ff:a2:18:22:6c:62:12:
ff:4f:b8:ec:a3:ea:dc:41:90:ec:71:e7:3e:d6:47:fc:a5:97:
27:f8:1f:4d:cb:76:50:93:91:cf:2d:1a:16:8e:9e:b6:96:b4:
35:2c:b7:d4:94:4a:11:5d:7b:6e:07:ba:4d:eb:bc:90:df:77:
9f:d5:ee:ea:86:14:f6:91:fa:42:76:f4:ab:87:43:a8:a2:a9:
06:b4:36:f0:55:72:3f:61:82:ff:ca:7d:58:c0:86:70:7f:af:
1c:d4:c4:cb:d4:fd:26:5e:c3:75:55:81:5f:1a:15:b6:6c:5a:
5f:ea:8e:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyAzhKSnfx3yvsL7QA6VXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzMzMTI4OGQ5MDhkZDc2MmU0YjU2ZjAwM2I0NDhmMDE4
ODFkMjQwHhcNMjMwMTAyMTAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc4Yzk3NWNjYzljMGFhNGJiYjdiMTFlYWRiOWFkY2EzZWI3MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz+TjyaR0/uGkinYMv5IT6KG2GO8
xpM4ANWG5DKoFnjTbxu4+H5sEkurm1bVMuxW6p9g2/+8V5UIuwU6LgX7nXd/bRzq
QL4upRPpYrIAe0MfK7ThByuYYC0OtlNK42ZAX6mpht1+1LoXrXA0U30hodNwgBFW
U5TDkm9WGwr7EsvKR/yxvun7vWflzvioSlfUg6gEAGJkFoQsq/at1FAO+HaMX9YA
iCKx+Hq5kr++bNVNyeJhyxFL2qXy3HwzOuO/O7AvR+dyT4/zswyvfpKd1GrvWjzc
+q6meX4Du5FsV0zckgq6BmTOionCJFkdOhctFUsv2Qi5XKqmShJ/dm0kBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCN4yXXMycCqS7t7Eerbmtyj63LrMB8GA1UdIwQY
MBaAFPVzMSiNkI3XYuS1bwA7RI8BiB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgt
OGFlYTFmNjhiNzliLzEvSTNqSmRjekp3S3BMdTNzUjZ0dWEzS1ByY3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgtOGFlYTFmNjhiNzli
LzEvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/EMA0E
AgACMAcDBQMqCiVAMA0GCSqGSIb3DQEBCwUAA4IBAQAOYy67E8N9GaQf3v3xrWc3
gATTTCLav8ktzs4kGaZZQgx9SjKITYmKdzO0Ls/nvF+bKkSJ6BXqJWqLJXfaLpa6
HOBBcYaLTFINk77WMBMYIPfFUNUI11r2nsvrbxWdz8jD9Q+93MNOMCjGJFS4zhYo
ThHY2CUJRfwWwFe8PyxyrkAV7mFsJOt7fv+iGCJsYhL/T7jso+rcQZDscec+1kf8
pZcn+B9Ny3ZQk5HPLRoWjp62lrQ1LLfUlEoRXXtuB7pN67yQ33ef1e7qhhT2kfpC
dvSrh0OooqkGtDbwVXI/YYL/yn1YwIZwf68c1MTL1P0mXsN1VYFfGhW2bFpf6o53
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:15 2025 by rpki-client