Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/rcEWU4oKAG2c8_WzAlh8qM-rP0Y.roa
File: rcEWU4oKAG2c8_WzAlh8qM-rP0Y.roa (raw, json)
Hash identifier: wCZ+N6R3BxKItN8/vMSBet9RSEKM5sMxmnximZai22M=
Subject key identifier: AD:C1:16:53:8A:0A:00:6D:9C:F3:F5:B3:02:58:7C:A8:CF:AB:3F:46
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 01856D5D287AB9EFCE627C49CBC4B9F5A250
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/rcEWU4oKAG2c8_WzAlh8qM-rP0Y.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.110.253.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:28:7a:b9:ef:ce:62:7c:49:cb:c4:b9:f5:a2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adc116538a0a006d9cf3f5b302587ca8cfab3f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a9:22:90:75:ca:c2:17:42:13:7a:ee:68:56:
a6:56:c8:b6:e0:d5:f1:08:bb:c6:9f:48:50:b3:d2:
30:e5:ec:aa:1a:32:8a:bd:e4:c1:aa:85:d5:37:8d:
cc:32:a9:86:9a:d3:a7:bf:1b:5b:77:5c:94:ac:71:
16:ae:f6:49:d7:dd:1c:18:88:d1:52:29:01:9f:b4:
1f:31:92:5d:35:11:1b:c1:4b:63:77:47:ef:2d:4a:
af:c8:47:2c:3c:14:b1:e6:96:86:cb:49:55:29:80:
85:1a:75:09:6f:f0:7b:48:80:f1:b3:ac:0d:99:fc:
64:87:9a:ad:7f:26:82:52:6c:60:d7:1f:73:43:e4:
12:78:70:b7:1e:59:c1:14:cd:51:b9:f8:5c:d1:ed:
97:bb:e9:1e:67:93:cb:23:18:87:6a:2e:17:7f:04:
bb:5b:63:41:08:49:2b:95:c6:a1:30:2a:5c:06:0f:
c7:7f:bf:51:04:29:71:e0:35:5c:89:9a:ea:8e:2b:
e6:08:e4:e9:2b:d3:3b:36:b5:d7:1a:31:84:30:ef:
27:c0:10:36:c6:3e:ef:6e:68:71:d5:9d:41:eb:57:
37:c9:5e:b1:9b:67:c9:cd:88:51:b3:8e:72:72:00:
eb:bb:f2:b7:3d:96:14:67:64:45:0a:28:a0:1f:3b:
48:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C1:16:53:8A:0A:00:6D:9C:F3:F5:B3:02:58:7C:A8:CF:AB:3F:46
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/rcEWU4oKAG2c8_WzAlh8qM-rP0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.253.0-185.110.254.255
185.119.164.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e0:9e:a1:84:b1:92:0f:ee:70:d5:be:0c:ec:52:76:ea:ca:
f3:cb:25:0f:94:06:69:d8:87:83:c7:e7:f3:0d:20:1b:27:0b:
73:9a:f2:cb:d5:85:aa:90:00:09:fc:ca:c3:0f:21:6c:f1:3b:
eb:79:cb:02:84:c4:ec:4f:98:22:b1:2b:10:c9:5f:89:8f:a8:
70:f4:a8:81:45:21:26:b2:ac:af:2b:90:44:95:51:47:65:d8:
87:4a:88:51:ee:dc:6f:1f:ef:56:58:cb:fc:58:70:7d:64:02:
bd:25:2c:46:3d:7e:f4:41:90:38:7f:0d:f0:ba:40:f1:6d:e4:
ce:ee:b3:29:3c:4c:e5:a7:76:6c:fe:97:b6:48:d0:28:05:3e:
53:82:83:c7:58:d1:d7:91:6e:ac:08:a0:2b:49:05:aa:59:49:
3f:ea:03:c2:98:7f:2e:39:65:6a:a2:5a:f1:0a:d5:0d:86:83:
e9:f9:d6:f1:3e:de:51:5a:fc:82:f4:6d:68:74:24:2b:69:c1:
5f:23:b0:54:77:21:84:51:b6:d9:85:94:33:3d:f1:75:e6:73:
8f:52:29:60:c8:b5:62:48:c0:f0:79:74:69:34:2d:b6:ff:44:
6b:d9:24:70:80:32:1b:21:29:de:ac:a5:21:44:fd:5d:84:d4:
6a:1a:98:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtXSh6ue/OYnxJy8S59aJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMxMTY1MzhhMGEwMDZkOWNmM2Y1YjMwMjU4N2NhOGNmYWIzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnakikHXKwhdCE3ruaFamVsi24NXx
CLvGn0hQs9Iw5eyqGjKKveTBqoXVN43MMqmGmtOnvxtbd1yUrHEWrvZJ190cGIjR
UikBn7QfMZJdNREbwUtjd0fvLUqvyEcsPBSx5paGy0lVKYCFGnUJb/B7SIDxs6wN
mfxkh5qtfyaCUmxg1x9zQ+QSeHC3HlnBFM1Rufhc0e2Xu+keZ5PLIxiHai4XfwS7
W2NBCEkrlcahMCpcBg/Hf79RBClx4DVciZrqjivmCOTpK9M7NrXXGjGEMO8nwBA2
xj7vbmhx1Z1B61c3yV6xm2fJzYhRs45ycgDru/K3PZYUZ2RFCiigHztIDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK3BFlOKCgBtnPP1swJYfKjPqz9GMB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvcmNFV1U0b0tBRzJjOF9XekFsaDhxTS1yUDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5bv0D
BAC5bv4DBAC5d6QwDQYJKoZIhvcNAQELBQADggEBADrgnqGEsZIP7nDVvgzsUnbq
yvPLJQ+UBmnYh4PH5/MNIBsnC3Oa8svVhaqQAAn8ysMPIWzxO+t5ywKExOxPmCKx
KxDJX4mPqHD0qIFFISayrK8rkESVUUdl2IdKiFHu3G8f71ZYy/xYcH1kAr0lLEY9
fvRBkDh/DfC6QPFt5M7usyk8TOWndmz+l7ZI0CgFPlOCg8dY0deRbqwIoCtJBapZ
ST/qA8KYfy45ZWqiWvEK1Q2Gg+n51vE+3lFa/IL0bWh0JCtpwV8jsFR3IYRRttmF
lDM98XXmc49SKWDItWJIwPB5dGk0Lbb/RGvZJHCAMhshKd6spSFE/V2E1GoamGc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:17:37 2025 by rpki-client