Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/SiC7-eGjINEClb5zFd5t3pgnxac.roa
File: SiC7-eGjINEClb5zFd5t3pgnxac.roa (raw, json)
Hash identifier: WHVlxX/F4zeW3AfhlfxFShDjiMMbrPF9m4WbKkStMsM=
Subject key identifier: 4A:20:BB:F9:E1:A3:20:D1:02:95:BE:73:15:DE:6D:DE:98:27:C5:A7
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 01856D819439E33D5A0AE262824C710BD323
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/SiC7-eGjINEClb5zFd5t3pgnxac.roa
Signing time: Sun 01 Jan 2023 13:24:46 +0000
ROA not before: Sun 01 Jan 2023 13:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34388
IP address blocks: 185.1.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:94:39:e3:3d:5a:0a:e2:62:82:4c:71:0b:d3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 1 13:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a20bbf9e1a320d10295be7315de6dde9827c5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:8d:6a:83:24:b3:21:60:4b:9a:5c:e3:82:
eb:ab:d2:e9:e7:fd:a9:31:0f:60:32:da:88:f1:6f:
e3:b5:de:c3:9b:cd:e9:ba:96:e1:bb:22:19:06:60:
f2:dd:cd:f6:c9:06:8e:d4:94:f6:b1:c9:51:76:f7:
54:2d:8c:48:4b:20:71:0d:47:f5:29:ea:cf:ec:40:
9c:a7:69:4d:a6:bc:18:24:2f:4f:d0:5b:18:91:fb:
90:55:ba:6b:d1:cd:d6:64:c2:9d:5c:77:3f:cc:90:
8e:d0:3e:a3:1d:05:e6:05:7d:04:0a:f1:75:bc:d6:
34:96:26:73:f9:67:b4:a3:a9:08:73:90:14:a2:1e:
c8:84:84:b5:b0:41:84:c6:07:2e:bd:87:c3:3d:8f:
b0:a0:a0:89:25:5b:1f:e5:0f:7f:b8:db:95:0f:26:
86:20:8f:db:c8:d1:4b:22:c2:cc:3e:5f:29:c7:b2:
01:34:cc:9b:97:56:48:9a:6e:ce:e6:46:21:11:bb:
c9:4c:4a:8d:0f:b2:a4:8c:06:9c:b1:8a:6f:08:24:
87:01:20:37:cf:33:99:d0:71:94:98:48:15:9c:55:
aa:d0:e6:9d:34:eb:0b:5b:3c:0b:0f:71:87:03:bb:
92:05:f7:99:d9:ef:ee:3d:31:3f:ad:84:08:1f:79:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:20:BB:F9:E1:A3:20:D1:02:95:BE:73:15:DE:6D:DE:98:27:C5:A7
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/SiC7-eGjINEClb5zFd5t3pgnxac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:63:f3:60:ea:b1:75:ba:05:d7:96:7b:2c:2a:2e:e2:5e:aa:
8d:52:7a:93:03:b0:6a:15:e7:91:93:d9:a6:73:e5:05:fc:f2:
47:96:02:a1:57:21:33:61:fd:1e:13:06:86:2d:ad:41:6d:e3:
25:01:30:b9:13:cc:d9:d9:86:72:03:59:08:37:7c:df:91:a9:
f3:77:4f:be:c3:e2:a1:00:2f:a3:7b:24:03:c7:23:de:df:13:
9f:3e:af:0a:6f:b8:55:92:65:e5:ed:fb:b4:01:be:0a:43:45:
43:eb:2a:34:9a:c6:7e:32:2a:cf:85:4a:5f:4b:97:2f:08:bc:
ba:a4:d2:d2:fa:75:9f:7b:23:2e:78:f2:b8:bf:c1:85:fd:09:
01:6b:47:d5:50:4e:e5:9d:33:c4:3c:ac:ce:38:2a:34:a5:aa:
f9:5a:c5:93:ab:72:4f:8f:8d:47:00:f0:2f:99:77:d8:7d:27:
0a:d3:48:8a:fa:8c:0b:4a:c5:05:94:e7:17:6f:08:75:ef:ad:
4e:63:65:49:bb:8e:1f:27:e6:72:cc:2a:bc:76:82:27:5e:4d:
83:12:2b:07:46:b2:94:0d:2d:fe:a1:1f:32:6e:74:ee:bf:a6:
15:f8:d1:7e:6c:7b:0b:4f:5c:27:53:4a:9f:11:6e:c0:f3:ed:
c5:d9:48:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgZQ54z1aCuJigkxxC9MjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMwMTAxMTMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTIwYmJmOWUxYTMyMGQxMDI5NWJlNzMxNWRlNmRkZTk4MjdjNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr66NaoMksyFgS5pc44Lrq9Lp5/2p
MQ9gMtqI8W/jtd7Dm83pupbhuyIZBmDy3c32yQaO1JT2sclRdvdULYxISyBxDUf1
KerP7ECcp2lNprwYJC9P0FsYkfuQVbpr0c3WZMKdXHc/zJCO0D6jHQXmBX0ECvF1
vNY0liZz+We0o6kIc5AUoh7IhIS1sEGExgcuvYfDPY+woKCJJVsf5Q9/uNuVDyaG
II/byNFLIsLMPl8px7IBNMybl1ZImm7O5kYhEbvJTEqND7KkjAacsYpvCCSHASA3
zzOZ0HGUmEgVnFWq0OadNOsLWzwLD3GHA7uSBfeZ2e/uPTE/rYQIH3kguQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEogu/nhoyDRApW+cxXebd6YJ8WnMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvU2lDNy1lR2pJTkVDbGI1ekZkNXQzcGdueGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQGeMA0G
CSqGSIb3DQEBCwUAA4IBAQAcY/Ng6rF1ugXXlnssKi7iXqqNUnqTA7BqFeeRk9mm
c+UF/PJHlgKhVyEzYf0eEwaGLa1BbeMlATC5E8zZ2YZyA1kIN3zfkanzd0++w+Kh
AC+jeyQDxyPe3xOfPq8Kb7hVkmXl7fu0Ab4KQ0VD6yo0msZ+MirPhUpfS5cvCLy6
pNLS+nWfeyMuePK4v8GF/QkBa0fVUE7lnTPEPKzOOCo0par5WsWTq3JPj41HAPAv
mXfYfScK00iK+owLSsUFlOcXbwh1761OY2VJu44fJ+ZyzCq8doInXk2DEisHRrKU
DS3+oR8ybnTuv6YV+NF+bHsLT1wnU0qfEW7A8+3F2Ugz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:13 2025 by rpki-client