Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/34b93c-a03d-4ada-83fc-bc637a8512b1/1/834aRJTXgpVWGsikXPAM-e76XeU.roa
File: 834aRJTXgpVWGsikXPAM-e76XeU.roa (raw, json)
Hash identifier: shWUC5OfKDPUPYNtpFexLbUDcjXJFNzcIfThF57YcPU=
Subject key identifier: F3:7E:1A:44:94:D7:82:95:56:1A:C8:A4:5C:F0:0C:F9:EE:FA:5D:E5
Certificate issuer: /CN=23ee5e71409b21fd5c820f3d3ac3fdc0fce75a0b
Certificate serial: 0185718331CB05DB0DE981BC5021ABA67579
Authority key identifier: 23:EE:5E:71:40:9B:21:FD:5C:82:0F:3D:3A:C3:FD:C0:FC:E7:5A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-5ecUCbIf1cgg89OsP9wPznWgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/34b93c-a03d-4ada-83fc-bc637a8512b1/1/834aRJTXgpVWGsikXPAM-e76XeU.roa
Signing time: Mon 02 Jan 2023 08:05:01 +0000
ROA not before: Mon 02 Jan 2023 08:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.210.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:31:cb:05:db:0d:e9:81:bc:50:21:ab:a6:75:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ee5e71409b21fd5c820f3d3ac3fdc0fce75a0b
Validity
Not Before: Jan 2 08:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f37e1a4494d78295561ac8a45cf00cf9eefa5de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:32:8e:b1:54:be:9b:19:a1:30:fa:e6:81:31:
c4:f8:d8:84:3b:f1:34:76:2d:c2:56:e5:11:a3:0c:
05:0d:47:0a:4b:33:cf:ca:a3:7e:8a:e3:a8:96:85:
c6:66:97:05:e5:96:de:61:7e:d2:1d:5f:55:d6:18:
03:1e:8e:6a:5e:57:1a:f8:83:38:ea:c4:e7:27:e6:
1b:f0:bc:35:c6:28:ca:ba:90:dc:9b:af:0a:f4:86:
1c:ca:88:be:2b:b3:ce:cc:3a:43:29:d3:8c:52:db:
f1:8d:19:2e:03:f5:7a:2e:0f:9f:c2:83:08:e5:86:
fa:a8:0a:86:c8:0d:28:62:46:1e:1c:b6:3b:de:59:
98:53:a5:d6:4f:44:33:b7:5a:c4:8b:bd:76:d0:c1:
ab:b5:85:14:b9:1d:98:42:b8:6b:76:70:54:03:5d:
60:ea:8c:08:99:ab:05:36:7f:cb:5c:d5:14:6c:66:
bd:3f:9c:5e:ef:58:05:c7:9f:a0:1e:4b:ae:30:85:
cb:90:2c:7c:1d:93:1d:f6:b3:eb:93:bd:ac:15:99:
f8:75:36:38:18:31:45:a6:7f:f1:57:d8:25:7f:6a:
a3:fc:73:05:0c:11:28:67:04:9c:6f:cd:59:5d:d6:
b8:96:b3:e9:45:75:26:c4:80:c8:e7:25:73:b8:e3:
14:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:7E:1A:44:94:D7:82:95:56:1A:C8:A4:5C:F0:0C:F9:EE:FA:5D:E5
X509v3 Authority Key Identifier:
keyid:23:EE:5E:71:40:9B:21:FD:5C:82:0F:3D:3A:C3:FD:C0:FC:E7:5A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-5ecUCbIf1cgg89OsP9wPznWgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/34b93c-a03d-4ada-83fc-bc637a8512b1/1/834aRJTXgpVWGsikXPAM-e76XeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/34b93c-a03d-4ada-83fc-bc637a8512b1/1/I-5ecUCbIf1cgg89OsP9wPznWgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c3:94:03:b8:1a:eb:df:5a:cd:37:e4:9b:45:75:be:2f:5d:
cd:ec:1c:da:71:c6:e8:41:04:ec:9e:3c:d7:86:00:09:cd:67:
3a:c8:e4:0a:ac:70:33:de:ae:07:9c:0f:19:93:c5:90:5c:e4:
b0:5c:94:7a:da:13:d5:ff:6e:91:cf:a4:d3:1b:13:d2:a6:23:
e3:72:19:47:0c:22:22:61:3e:e6:2c:8d:66:49:a1:79:fb:98:
a9:84:d6:16:d2:82:a9:00:1c:8b:d6:28:49:99:8a:bd:20:c8:
39:66:89:55:c5:6f:81:b0:f7:f5:2f:87:f9:2e:dc:5b:80:d7:
46:f5:4a:2e:9c:a7:2f:4a:e3:51:80:64:a5:99:4d:75:34:23:
6e:91:67:2e:31:40:b4:5b:70:82:6f:fa:a1:0d:c9:0f:81:a2:
3e:62:8e:90:1e:37:82:58:4d:6b:e2:49:29:54:d8:c9:5c:fb:
e2:fa:55:1b:39:3d:9d:dc:43:fa:2b:5d:dd:0b:8f:63:17:59:
a6:97:81:a6:72:e1:33:65:a4:53:01:01:af:da:df:36:38:6b:
f4:a0:c1:91:02:f8:8c:e2:0a:8b:a0:17:86:8f:74:db:b5:61:
c0:23:a0:f6:e8:04:62:68:f5:12:ca:6d:8c:48:7f:d8:3c:12:
91:a1:06:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgzHLBdsN6YG8UCGrpnV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZWU1ZTcxNDA5YjIxZmQ1YzgyMGYzZDNhYzNmZGMwZmNl
NzVhMGIwHhcNMjMwMTAyMDgwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzdlMWE0NDk0ZDc4Mjk1NTYxYWM4YTQ1Y2YwMGNmOWVlZmE1ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTKOsVS+mxmhMPrmgTHE+NiEO/E0
di3CVuURowwFDUcKSzPPyqN+iuOoloXGZpcF5ZbeYX7SHV9V1hgDHo5qXlca+IM4
6sTnJ+Yb8Lw1xijKupDcm68K9IYcyoi+K7POzDpDKdOMUtvxjRkuA/V6Lg+fwoMI
5Yb6qAqGyA0oYkYeHLY73lmYU6XWT0Qzt1rEi7120MGrtYUUuR2YQrhrdnBUA11g
6owImasFNn/LXNUUbGa9P5xe71gFx5+gHkuuMIXLkCx8HZMd9rPrk72sFZn4dTY4
GDFFpn/xV9glf2qj/HMFDBEoZwScb81ZXda4lrPpRXUmxIDI5yVzuOMUSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPN+GkSU14KVVhrIpFzwDPnu+l3lMB8GA1UdIwQY
MBaAFCPuXnFAmyH9XIIPPTrD/cD851oLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS01ZWNVQ2JJZjFjZ2c4OU9zUDl3UHpuV2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNGI5M2MtYTAzZC00YWRhLTgzZmMt
YmM2MzdhODUxMmIxLzEvODM0YVJKVFhncFZXR3Npa1hQQU0tZTc2WGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNGI5M2MtYTAzZC00YWRhLTgzZmMtYmM2MzdhODUxMmIx
LzEvSS01ZWNVQ2JJZjFjZ2c4OU9zUDl3UHpuV2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKcMA0G
CSqGSIb3DQEBCwUAA4IBAQChw5QDuBrr31rNN+SbRXW+L13N7BzaccboQQTsnjzX
hgAJzWc6yOQKrHAz3q4HnA8Zk8WQXOSwXJR62hPV/26Rz6TTGxPSpiPjchlHDCIi
YT7mLI1mSaF5+5iphNYW0oKpAByL1ihJmYq9IMg5ZolVxW+BsPf1L4f5LtxbgNdG
9UounKcvSuNRgGSlmU11NCNukWcuMUC0W3CCb/qhDckPgaI+Yo6QHjeCWE1r4kkp
VNjJXPvi+lUbOT2d3EP6K13dC49jF1mml4GmcuEzZaRTAQGv2t82OGv0oMGRAviM
4gqLoBeGj3TbtWHAI6D26ARiaPUSym2MSH/YPBKRoQbq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:17 2025 by rpki-client