Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/7pagPpZFA-wDRMKGsITKC46y58w.roa
File: 7pagPpZFA-wDRMKGsITKC46y58w.roa (raw, json)
Hash identifier: ppeO2EBLx6lhGvcansvpqRvvhrj7l2IiszKjQy1Vfrs=
Subject key identifier: EE:96:A0:3E:96:45:03:EC:03:44:C2:86:B0:84:CA:0B:8E:B2:E7:CC
Certificate issuer: /CN=7450810f13df8d9019f157c36fbd0f6db9862992
Certificate serial: 01856D81C320290A7E7932F569C328A1169A
Authority key identifier: 74:50:81:0F:13:DF:8D:90:19:F1:57:C3:6F:BD:0F:6D:B9:86:29:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dFCBDxPfjZAZ8VfDb70PbbmGKZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/7pagPpZFA-wDRMKGsITKC46y58w.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47455
IP address blocks: 185.144.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c3:20:29:0a:7e:79:32:f5:69:c3:28:a1:16:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7450810f13df8d9019f157c36fbd0f6db9862992
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee96a03e964503ec0344c286b084ca0b8eb2e7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:d0:cd:67:66:5d:cd:73:c8:f6:4a:96:14:
bf:e5:60:ce:6e:b6:6a:27:5a:a3:77:a0:b4:b8:fc:
b8:9a:7b:8f:4e:0f:fc:43:c5:bf:33:28:bb:61:fc:
b5:3c:d5:e3:97:00:d0:e7:4d:6a:2a:a5:a0:df:a1:
3d:63:4b:ed:e7:26:94:27:2e:1c:2c:d2:52:bd:13:
9d:c7:1a:59:18:39:46:45:f9:52:a9:b6:35:da:31:
61:d9:c8:38:5f:0d:e3:03:16:46:89:51:91:43:ce:
9d:9a:0f:5b:ad:06:ad:2e:ab:40:6e:68:ce:20:4d:
63:bf:64:32:61:7c:f8:98:b6:46:9c:5a:cf:3a:21:
86:09:20:10:db:54:bf:16:c0:5b:52:15:2d:5e:9d:
50:86:91:37:d4:c9:3d:c2:02:2b:d1:d4:62:8d:1e:
ce:fc:1c:bf:1b:b0:c3:12:4b:10:b9:de:36:ad:9e:
8a:bb:10:a4:82:67:f0:b4:b3:c5:36:54:0d:cc:a8:
74:5e:d5:42:37:99:c8:95:e2:8a:1c:17:07:19:53:
0f:e8:b5:20:20:69:e8:c6:22:38:07:20:07:d8:49:
7d:e8:be:07:a9:4d:53:6a:9a:2f:fb:94:62:0c:18:
9b:2e:a0:fb:51:3e:c6:30:db:ed:49:30:e1:62:39:
49:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:96:A0:3E:96:45:03:EC:03:44:C2:86:B0:84:CA:0B:8E:B2:E7:CC
X509v3 Authority Key Identifier:
keyid:74:50:81:0F:13:DF:8D:90:19:F1:57:C3:6F:BD:0F:6D:B9:86:29:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dFCBDxPfjZAZ8VfDb70PbbmGKZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/7pagPpZFA-wDRMKGsITKC46y58w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/dFCBDxPfjZAZ8VfDb70PbbmGKZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:d7:1c:14:ba:93:36:9b:46:2e:4c:3c:9e:54:23:4f:6b:ba:
c9:f3:2b:52:25:80:0b:1e:39:f8:e3:72:93:f9:47:8e:bc:af:
7d:89:51:20:7f:e3:9a:45:f6:03:1f:ea:59:68:e6:08:46:c7:
ee:94:81:3d:b4:a8:28:98:0f:a1:ca:be:b0:70:17:ca:ad:6f:
29:60:79:c4:a5:a1:f7:3f:30:c9:4a:35:86:60:96:1e:75:7a:
a4:b7:fd:76:d7:85:65:f1:bc:20:9c:fa:84:e1:7a:54:d0:d1:
48:2d:a7:18:d7:b9:8f:eb:60:8b:d6:23:bf:8c:70:71:f0:dd:
95:b5:3b:08:d3:9d:d2:b0:8c:aa:f2:75:b5:0a:f2:c8:bd:d1:
0f:36:07:05:2b:c6:4c:07:37:e3:ff:bc:6c:ca:9d:7e:db:d7:
4b:bb:fb:ec:fe:ac:46:db:7d:13:82:4b:54:6f:5f:c5:54:06:
72:11:4a:00:68:e9:6b:07:00:ef:87:c5:2f:ce:41:93:26:48:
93:e5:ac:f3:47:78:3c:1b:91:2e:ae:ad:f4:f0:a8:83:e6:4d:
6e:0b:68:c1:02:42:cd:98:f7:e6:11:93:49:ea:a4:37:25:6d:
8f:76:95:f8:9b:c4:8e:f8:ff:df:e5:3b:11:85:7d:12:f0:98:
5c:1f:e0:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgcMgKQp+eTL1acMooRaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NTA4MTBmMTNkZjhkOTAxOWYxNTdjMzZmYmQwZjZkYjk4
NjI5OTIwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTk2YTAzZTk2NDUwM2VjMDM0NGMyODZiMDg0Y2EwYjhlYjJlN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkjQzWdmXc1zyPZKlhS/5WDObrZq
J1qjd6C0uPy4mnuPTg/8Q8W/Myi7Yfy1PNXjlwDQ501qKqWg36E9Y0vt5yaUJy4c
LNJSvROdxxpZGDlGRflSqbY12jFh2cg4Xw3jAxZGiVGRQ86dmg9brQatLqtAbmjO
IE1jv2QyYXz4mLZGnFrPOiGGCSAQ21S/FsBbUhUtXp1QhpE31Mk9wgIr0dRijR7O
/By/G7DDEksQud42rZ6KuxCkgmfwtLPFNlQNzKh0XtVCN5nIleKKHBcHGVMP6LUg
IGnoxiI4ByAH2El96L4HqU1Tapov+5RiDBibLqD7UT7GMNvtSTDhYjlJCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6WoD6WRQPsA0TChrCEyguOsufMMB8GA1UdIwQY
MBaAFHRQgQ8T342QGfFXw2+9D225himSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEZDQkR4UGZqWkFaOFZmRGI3MFBiYm1HS1pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMzM1ZDYtYjRkNi00YzgzLThiMGUt
OGYyMTVjMDlhZTcyLzEvN3BhZ1BwWkZBLXdEUk1LR3NJVEtDNDZ5NTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMzM1ZDYtYjRkNi00YzgzLThiMGUtOGYyMTVjMDlhZTcy
LzEvZEZDQkR4UGZqWkFaOFZmRGI3MFBiYm1HS1pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZD8MA0G
CSqGSIb3DQEBCwUAA4IBAQAM1xwUupM2m0YuTDyeVCNPa7rJ8ytSJYALHjn443KT
+UeOvK99iVEgf+OaRfYDH+pZaOYIRsfulIE9tKgomA+hyr6wcBfKrW8pYHnEpaH3
PzDJSjWGYJYedXqkt/1214Vl8bwgnPqE4XpU0NFILacY17mP62CL1iO/jHBx8N2V
tTsI053SsIyq8nW1CvLIvdEPNgcFK8ZMBzfj/7xsyp1+29dLu/vs/qxG230TgktU
b1/FVAZyEUoAaOlrBwDvh8UvzkGTJkiT5azzR3g8G5Eurq308KiD5k1uC2jBAkLN
mPfmEZNJ6qQ3JW2PdpX4m8SO+P/f5TsRhX0S8JhcH+CO
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:00 2025 by rpki-client