Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/0xeM2NEQsLi9pOlr8I0CkjH0fQM.roa
File: 0xeM2NEQsLi9pOlr8I0CkjH0fQM.roa (raw, json)
Hash identifier: QPA2ZqDsokJh/X+58SnqcExQju7p/vWvqjbodEFMzk0=
Subject key identifier: D3:17:8C:D8:D1:10:B0:B8:BD:A4:E9:6B:F0:8D:02:92:31:F4:7D:03
Certificate issuer: /CN=daac15b782bc32747b538dec2a222416cd684825
Certificate serial: 0772679F
Authority key identifier: DA:AC:15:B7:82:BC:32:74:7B:53:8D:EC:2A:22:24:16:CD:68:48:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qwVt4K8MnR7U43sKiIkFs1oSCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/0xeM2NEQsLi9pOlr8I0CkjH0fQM.roa
Signing time: Sat 01 Jan 2022 05:01:40 +0000
ROA not before: Sat 01 Jan 2022 05:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201953
IP address blocks: 185.253.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124938143 (0x772679f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daac15b782bc32747b538dec2a222416cd684825
Validity
Not Before: Jan 1 05:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3178cd8d110b0b8bda4e96bf08d029231f47d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:59:7f:20:84:97:70:2c:96:e2:5c:d6:50:9e:
07:2c:cf:0a:97:88:b0:cf:db:66:4c:8e:ef:a5:ce:
59:aa:c1:38:fb:1d:40:1b:33:24:4d:87:c6:da:ab:
82:69:41:82:3e:c0:90:b7:4b:55:b5:2b:4f:5a:5d:
0a:5f:4a:a3:a5:dc:d0:97:20:af:73:9a:d3:ff:42:
52:4d:94:a6:90:79:0e:87:88:75:b9:5d:bf:08:64:
21:76:e9:10:77:4f:4c:6d:d6:bb:98:ee:3f:e6:57:
d9:fa:c8:bd:7e:0c:7f:7b:a1:62:43:14:76:6e:bd:
f1:d2:eb:45:e1:de:86:83:3b:2d:c8:04:50:77:8c:
d3:e3:84:18:31:48:bb:37:36:5d:4b:09:2d:33:14:
d4:c7:e2:8c:84:2f:5a:1b:d1:fc:30:cc:10:0e:12:
24:52:96:47:0e:77:c2:dd:b4:41:89:7e:a8:a7:1f:
58:9f:a9:bb:7f:1c:23:2b:7b:3d:6b:19:23:96:64:
97:1d:e5:04:b7:eb:30:75:df:0e:cc:c0:cd:e2:6f:
c1:98:9b:38:45:09:00:f8:a8:c8:b9:b6:41:44:d2:
ee:78:fd:42:ec:ee:cb:1c:bf:d0:ff:c2:11:9b:09:
ce:d0:af:26:a3:6d:ca:4b:94:90:48:bc:f0:44:40:
b8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:17:8C:D8:D1:10:B0:B8:BD:A4:E9:6B:F0:8D:02:92:31:F4:7D:03
X509v3 Authority Key Identifier:
keyid:DA:AC:15:B7:82:BC:32:74:7B:53:8D:EC:2A:22:24:16:CD:68:48:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qwVt4K8MnR7U43sKiIkFs1oSCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/0xeM2NEQsLi9pOlr8I0CkjH0fQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/56f2e9-72aa-4a41-8946-182432a96dbd/1/2qwVt4K8MnR7U43sKiIkFs1oSCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:93:eb:d3:b0:15:bb:ba:1c:89:d2:2c:7c:e3:a1:71:d1:de:
8a:a7:cd:d3:3d:57:60:e9:c6:d1:94:ea:d5:03:d2:62:fa:3d:
f4:3a:45:24:b2:df:c6:b9:1c:84:3d:9a:d3:98:23:58:68:2d:
d7:58:f1:38:95:a2:bd:7c:2c:f4:1d:1c:a7:72:f6:bc:ca:51:
1b:40:e9:db:14:e6:9c:2c:df:d6:a2:69:10:bb:1d:92:f6:79:
0d:8d:0a:57:30:2a:db:73:e7:e5:67:13:ee:3c:36:49:f5:82:
e5:b5:55:ac:92:fc:3a:df:4e:27:d7:0f:68:11:70:c3:81:a7:
39:82:a6:3f:0e:75:4e:8e:fe:96:ad:f2:2f:e9:eb:d5:65:e6:
84:de:6d:a3:9b:4a:f7:a3:8f:97:72:3a:61:51:49:ff:31:66:
b3:e9:3f:74:98:0c:80:a4:16:4d:86:33:f3:94:69:82:dc:88:
fd:f7:e7:92:95:94:da:1a:ee:02:f0:4a:8a:24:6a:dd:9a:25:
5b:21:98:19:6f:ae:d6:bc:d0:bc:96:a2:d5:87:72:f4:f4:62:
68:81:07:f1:f0:1b:f2:19:a1:35:64:79:03:a9:6e:39:9e:06:
90:71:53:e0:91:1b:7e:a4:e0:0b:b0:68:e6:7b:97:16:54:2d:
83:8a:bb:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB3JnnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFjMTViNzgyYmMzMjc0N2I1MzhkZWMyYTIyMjQxNmNkNjg0ODI1MB4XDTIyMDEw
MTA1MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDMxNzhjZDhkMTEw
YjBiOGJkYTRlOTZiZjA4ZDAyOTIzMWY0N2QwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9ZfyCEl3AsluJc1lCeByzPCpeIsM/bZkyO76XOWarBOPsd
QBszJE2HxtqrgmlBgj7AkLdLVbUrT1pdCl9Ko6Xc0Jcgr3Oa0/9CUk2UppB5DoeI
dbldvwhkIXbpEHdPTG3Wu5juP+ZX2frIvX4Mf3uhYkMUdm698dLrReHehoM7LcgE
UHeM0+OEGDFIuzc2XUsJLTMU1MfijIQvWhvR/DDMEA4SJFKWRw53wt20QYl+qKcf
WJ+pu38cIyt7PWsZI5Zklx3lBLfrMHXfDszAzeJvwZibOEUJAPioyLm2QUTS7nj9
Quzuyxy/0P/CEZsJztCvJqNtykuUkEi88ERAuDkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTF4zY0RCwuL2k6WvwjQKSMfR9AzAfBgNVHSMEGDAWgBTarBW3grwydHtT
jewqIiQWzWhIJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxd1Z0NEs4TW5SN1U0M3NLaUlrRnMxb1NDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNTZmMmU5LTcyYWEtNGE0MS04OTQ2LTE4MjQzMmE5NmRiZC8x
LzB4ZU0yTkVRc0xpOXBPbHI4STBDa2pIMGZRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NTZmMmU5LTcyYWEtNGE0MS04OTQ2LTE4MjQzMmE5NmRiZC8xLzJxd1Z0NEs4TW5S
N1U0M3NLaUlrRnMxb1NDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn95DANBgkqhkiG9w0BAQsFAAOC
AQEACpPr07AVu7ocidIsfOOhcdHeiqfN0z1XYOnG0ZTq1QPSYvo99DpFJLLfxrkc
hD2a05gjWGgt11jxOJWivXws9B0cp3L2vMpRG0Dp2xTmnCzf1qJpELsdkvZ5DY0K
VzAq23Pn5WcT7jw2SfWC5bVVrJL8Ot9OJ9cPaBFww4GnOYKmPw51To7+lq3yL+nr
1WXmhN5to5tK96OPl3I6YVFJ/zFms+k/dJgMgKQWTYYz85RpgtyI/ffnkpWU2hru
AvBKiiRq3ZolWyGYGW+u1rzQvJai1Ydy9PRiaIEH8fAb8hmhNWR5A6luOZ4GkHFT
4JEbfqTgC7Bo5nuXFlQtg4q7zQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:02 2025 by rpki-client