Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/CWKiAvDphc2w_IevGbKoRqKAk7o.roa
File: CWKiAvDphc2w_IevGbKoRqKAk7o.roa (raw, json)
Hash identifier: w1fItCP0EPaw9bKgjPSw1/T7qikmVbqDzkE4vkI9pP8=
Subject key identifier: 09:62:A2:02:F0:E9:85:CD:B0:FC:87:AF:19:B2:A8:46:A2:80:93:BA
Certificate issuer: /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial: 0185730C9F6F34EA644D0CFB23F8E80B8949
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/CWKiAvDphc2w_IevGbKoRqKAk7o.roa
Signing time: Mon 02 Jan 2023 15:14:45 +0000
ROA not before: Mon 02 Jan 2023 15:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393960
IP address blocks: 185.177.228.0/24 maxlen: 24
185.177.231.0/24 maxlen: 24
185.177.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:9f:6f:34:ea:64:4d:0c:fb:23:f8:e8:0b:89:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Validity
Not Before: Jan 2 15:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0962a202f0e985cdb0fc87af19b2a846a28093ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f8:61:be:bb:03:c8:a2:19:84:c7:a9:77:4d:
97:04:3f:b3:6a:cb:96:77:55:e8:c5:03:3f:9f:17:
cf:17:a8:17:00:d4:5c:da:d8:2a:1f:06:b0:a2:ca:
aa:56:8d:8c:19:8d:3e:d1:ce:5c:52:9d:c4:9f:c1:
b6:74:d7:3b:cd:96:d3:18:37:35:bd:15:69:f8:17:
87:84:87:30:82:ac:c2:ec:e6:d7:1b:f5:f1:da:44:
aa:31:dc:1c:c5:c9:d5:5f:e4:96:c0:8c:10:59:85:
6b:35:b2:98:ba:f2:bd:3c:61:c7:a4:20:55:8d:db:
78:35:db:71:2e:90:1a:c1:1d:e1:6d:26:f3:63:e6:
83:71:4b:4d:44:6c:5e:ca:4b:33:ee:11:48:8f:ba:
65:8b:15:21:79:42:94:6c:52:49:72:4f:34:cc:0e:
28:9c:7d:2f:a5:8f:bb:49:67:09:66:43:12:0f:54:
f8:17:5f:5d:25:0d:f4:94:74:40:4b:fd:4b:6a:af:
d3:da:33:ca:63:16:c5:88:45:a6:99:7e:a6:3e:ec:
f2:56:02:1e:68:6d:be:0a:ac:e2:78:01:e5:82:67:
9d:2c:3c:e7:7f:89:92:00:a0:88:47:ac:80:55:66:
fa:30:2e:f6:d2:88:b4:c6:b0:6f:d2:1b:21:62:51:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:62:A2:02:F0:E9:85:CD:B0:FC:87:AF:19:B2:A8:46:A2:80:93:BA
X509v3 Authority Key Identifier:
keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/CWKiAvDphc2w_IevGbKoRqKAk7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.228.0/24
185.177.230.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:66:bc:e1:e1:b0:51:20:38:cb:8a:92:4f:22:13:41:7c:5f:
1f:42:5c:93:01:0c:55:2b:c7:54:b3:26:af:fd:8b:7c:4b:3e:
fa:96:c5:2b:ca:84:0e:4c:40:b2:5c:24:45:90:96:5d:51:e0:
57:d5:2b:d6:33:0e:89:03:78:4d:33:4e:40:6b:9a:56:59:76:
fe:a7:62:78:1f:f1:56:81:c9:8b:f3:cb:79:7f:49:ee:14:ae:
28:03:63:95:d7:fc:58:56:39:a5:51:cc:98:81:8c:33:94:01:
fc:4c:fd:61:0e:a5:0f:65:e7:1d:82:0d:5b:38:be:86:57:2d:
2a:c1:10:3a:7c:6a:3c:4b:be:24:aa:15:83:7f:33:ae:fc:2c:
08:e0:f6:9d:28:c9:ca:41:6c:7c:4b:a9:b7:64:8a:5b:6f:56:
98:5d:6d:29:71:2f:32:55:de:28:d4:57:9b:ec:3a:24:a5:3c:
d1:7e:8c:76:be:d4:cb:5d:62:6a:6e:7d:47:de:67:d4:9f:2f:
14:53:a8:96:35:b1:d7:e0:55:ad:2b:80:83:05:21:f8:9b:ea:
84:2d:e8:89:af:3a:2d:d0:32:5a:4a:4b:dd:58:b5:f4:fd:47:
99:9f:c2:fa:10:84:db:89:31:e7:58:4f:1b:ae:04:a0:25:4e:
10:22:78:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzDJ9vNOpkTQz7I/joC4lJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTRhYzRjN2Y0NTFjNWJiOTM4MmZiY2Q0NmQ3MGM0YzBm
OWRlNTYwHhcNMjMwMTAyMTUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYyYTIwMmYwZTk4NWNkYjBmYzg3YWYxOWIyYTg0NmEyODA5M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPhhvrsDyKIZhMepd02XBD+zasuW
d1XoxQM/nxfPF6gXANRc2tgqHwawosqqVo2MGY0+0c5cUp3En8G2dNc7zZbTGDc1
vRVp+BeHhIcwgqzC7ObXG/Xx2kSqMdwcxcnVX+SWwIwQWYVrNbKYuvK9PGHHpCBV
jdt4NdtxLpAawR3hbSbzY+aDcUtNRGxeyksz7hFIj7plixUheUKUbFJJck80zA4o
nH0vpY+7SWcJZkMSD1T4F19dJQ30lHRAS/1Laq/T2jPKYxbFiEWmmX6mPuzyVgIe
aG2+CqzieAHlgmedLDznf4mSAKCIR6yAVWb6MC720oi0xrBv0hshYlHKuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAliogLw6YXNsPyHrxmyqEaigJO6MB8GA1UdIwQY
MBaAFHVUrEx/RRxbuTgvvNRtcMTA+d5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4Mjgt
ZDkzMzdkYjM5ZDFmLzEvQ1dLaUF2RHBoYzJ3X0lldkdiS29ScUtBazdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4MjgtZDkzMzdkYjM5ZDFm
LzEvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAubHkAwQB
ubHmMA0GCSqGSIb3DQEBCwUAA4IBAQCcZrzh4bBRIDjLipJPIhNBfF8fQlyTAQxV
K8dUsyav/Yt8Sz76lsUryoQOTECyXCRFkJZdUeBX1SvWMw6JA3hNM05Aa5pWWXb+
p2J4H/FWgcmL88t5f0nuFK4oA2OV1/xYVjmlUcyYgYwzlAH8TP1hDqUPZecdgg1b
OL6GVy0qwRA6fGo8S74kqhWDfzOu/CwI4PadKMnKQWx8S6m3ZIpbb1aYXW0pcS8y
Vd4o1Feb7DokpTzRfox2vtTLXWJqbn1H3mfUny8UU6iWNbHX4FWtK4CDBSH4m+qE
LeiJrzot0DJaSkvdWLX0/UeZn8L6EITbiTHnWE8brgSgJU4QInhp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:07 2025 by rpki-client