Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/cTQnzi64g-0KFlroctulXyktInY.roa
File: cTQnzi64g-0KFlroctulXyktInY.roa (raw, json)
Hash identifier: 81RP9+5A+co6f2EEFx1uJwJBCXYwcTXjEqxcWVYHoK0=
Subject key identifier: 71:34:27:CE:2E:B8:83:ED:0A:16:5A:E8:72:DB:A5:5F:29:2D:22:76
Certificate issuer: /CN=5fb88d91788fe9921089d9b6271e210f7f8914a2
Certificate serial: 01867ED07AE4B44F78096C8F4E8D4BAB7209
Authority key identifier: 5F:B8:8D:91:78:8F:E9:92:10:89:D9:B6:27:1E:21:0F:7F:89:14:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/cTQnzi64g-0KFlroctulXyktInY.roa
Signing time: Thu 23 Feb 2023 15:07:17 +0000
ROA not before: Thu 23 Feb 2023 15:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60102
IP address blocks: 185.52.202.0/24 maxlen: 24
185.52.201.0/24 maxlen: 24
185.52.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:d0:7a:e4:b4:4f:78:09:6c:8f:4e:8d:4b:ab:72:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fb88d91788fe9921089d9b6271e210f7f8914a2
Validity
Not Before: Feb 23 15:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=713427ce2eb883ed0a165ae872dba55f292d2276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:85:c5:4a:11:ba:ac:77:43:d7:6e:c5:87:0a:
66:c3:dc:f6:f1:c8:e0:e6:fe:1b:bb:09:fa:27:f8:
12:e3:99:0d:ab:ba:45:75:a5:94:a8:5b:0c:3f:b8:
a2:f0:61:3e:c6:40:b7:dc:fa:b2:52:cf:bc:45:88:
7e:3f:1f:9a:3a:1c:47:b4:93:98:5e:8f:8a:60:43:
66:60:28:74:60:b5:d3:69:c9:5b:69:89:d0:35:40:
16:15:87:4c:c5:08:cc:f2:1f:90:ab:6e:34:22:26:
8f:58:94:48:2b:a1:21:8f:13:83:f4:d2:36:d2:6f:
e4:c2:da:72:fb:06:72:14:44:60:ac:0e:c9:2e:ee:
70:ac:df:c6:d6:ad:dd:ec:fa:57:72:d6:54:7d:9f:
7f:25:99:35:33:9b:f8:59:b9:24:f4:a6:11:56:c8:
16:2e:5b:dc:7d:4d:6d:52:bb:e8:96:e3:e5:3d:e4:
98:59:ac:6a:23:25:33:9e:05:a1:74:ce:c7:ff:c9:
04:69:3b:70:49:ea:c6:6a:12:60:66:34:7d:78:6e:
54:63:61:62:64:ab:ad:b4:98:ca:e2:80:a1:57:84:
c6:a0:bd:d7:56:36:ac:54:78:c2:c8:3f:ad:ba:ce:
a3:f5:85:74:65:2d:7f:4f:03:0f:3c:4b:78:1f:4d:
90:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:34:27:CE:2E:B8:83:ED:0A:16:5A:E8:72:DB:A5:5F:29:2D:22:76
X509v3 Authority Key Identifier:
keyid:5F:B8:8D:91:78:8F:E9:92:10:89:D9:B6:27:1E:21:0F:7F:89:14:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/cTQnzi64g-0KFlroctulXyktInY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.200.0-185.52.202.255
Signature Algorithm: sha256WithRSAEncryption
58:69:0e:a0:09:f9:dd:b9:f6:4f:8f:b0:48:d9:10:61:71:25:
71:67:4f:66:5b:c7:8a:5d:04:21:2d:a1:9f:20:ae:b8:3e:50:
67:93:2d:44:dc:8f:a4:be:61:f1:84:fd:13:c0:10:06:40:b7:
68:e7:8f:37:a5:63:c6:5e:c6:b0:3c:9b:72:1e:8a:34:a1:74:
b9:b9:c9:41:d4:5f:a2:4b:7a:59:4b:d6:84:14:e4:fe:db:1b:
42:09:95:06:05:a1:ad:de:99:23:11:51:a8:77:36:c2:ae:68:
68:5d:16:f2:88:a5:24:19:17:cd:ae:8f:6f:20:77:cd:38:b9:
35:22:2f:c1:c9:a1:a5:51:f8:87:58:18:c0:9f:d1:ad:a2:9d:
61:dc:e5:bd:ff:fc:a2:31:99:2e:fd:19:51:37:98:66:dc:aa:
2a:59:f7:0d:67:f1:41:d0:3f:8a:44:ab:bf:6f:1e:19:87:dd:
a8:d4:36:a3:a5:af:ea:91:04:ea:7e:0e:4e:3e:d7:90:0c:7d:
4d:d8:28:de:ad:4d:b5:55:ad:04:2e:fb:30:52:bb:45:d2:68:
b4:82:f9:95:db:b0:99:d1:63:93:ee:94:b0:aa:87:49:02:82:
33:c4:e7:48:91:b7:16:32:cc:c1:d7:b9:69:d2:84:41:ca:88:
14:61:54:18
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYZ+0HrktE94CWyPTo1Lq3IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjg4ZDkxNzg4ZmU5OTIxMDg5ZDliNjI3MWUyMTBmN2Y4
OTE0YTIwHhcNMjMwMjIzMTUwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM0MjdjZTJlYjg4M2VkMGExNjVhZTg3MmRiYTU1ZjI5MmQyMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oXFShG6rHdD127Fhwpmw9z28cjg
5v4buwn6J/gS45kNq7pFdaWUqFsMP7ii8GE+xkC33PqyUs+8RYh+Px+aOhxHtJOY
Xo+KYENmYCh0YLXTaclbaYnQNUAWFYdMxQjM8h+Qq240IiaPWJRIK6EhjxOD9NI2
0m/kwtpy+wZyFERgrA7JLu5wrN/G1q3d7PpXctZUfZ9/JZk1M5v4Wbkk9KYRVsgW
LlvcfU1tUrvoluPlPeSYWaxqIyUzngWhdM7H/8kEaTtwSerGahJgZjR9eG5UY2Fi
ZKuttJjK4oChV4TGoL3XVjasVHjCyD+tus6j9YV0ZS1/TwMPPEt4H02QJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHE0J84uuIPtChZa6HLbpV8pLSJ2MB8GA1UdIwQY
MBaAFF+4jZF4j+mSEInZticeIQ9/iRSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdpTmtYaVA2WklRaWRtMkp4NGhEMy1KRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zZjdiY2QtYTdlYS00ZTEwLWJhMzQt
NGNlNGQ4ZmVhNmVmLzEvY1RRbnppNjRnLTBLRmxyb2N0dWxYeWt0SW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zZjdiY2QtYTdlYS00ZTEwLWJhMzQtNGNlNGQ4ZmVhNmVm
LzEvWDdpTmtYaVA2WklRaWRtMkp4NGhEMy1KRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5NMgD
BAC5NMowDQYJKoZIhvcNAQELBQADggEBAFhpDqAJ+d259k+PsEjZEGFxJXFnT2Zb
x4pdBCEtoZ8grrg+UGeTLUTcj6S+YfGE/RPAEAZAt2jnjzelY8ZexrA8m3IeijSh
dLm5yUHUX6JLellL1oQU5P7bG0IJlQYFoa3emSMRUah3NsKuaGhdFvKIpSQZF82u
j28gd804uTUiL8HJoaVR+IdYGMCf0a2inWHc5b3//KIxmS79GVE3mGbcqipZ9w1n
8UHQP4pEq79vHhmH3ajUNqOlr+qRBOp+Dk4+15AMfU3YKN6tTbVVrQQu+zBSu0XS
aLSC+ZXbsJnRY5PulLCqh0kCgjPE50iRtxYyzMHXuWnShEHKiBRhVBg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:56 2025 by rpki-client