Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/cI62b5a5kFiSYgZ1KlYWagGRDSY.roa
File: cI62b5a5kFiSYgZ1KlYWagGRDSY.roa (raw, json)
Hash identifier: lo1POSqr5T4GnpRiLeLk8Fx9r3x/gAsdOxrYcIJpi8A=
Subject key identifier: 70:8E:B6:6F:96:B9:90:58:92:62:06:75:2A:56:16:6A:01:91:0D:26
Certificate issuer: /CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
Certificate serial: 018C46372B75B60BED3453E551B4ACAECAD0
Authority key identifier: 85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/cI62b5a5kFiSYgZ1KlYWagGRDSY.roa
Signing time: Thu 07 Dec 2023 21:37:49 +0000
ROA not before: Thu 07 Dec 2023 21:37:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25091
IP address blocks: 185.247.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:46:37:2b:75:b6:0b:ed:34:53:e5:51:b4:ac:ae:ca:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
Validity
Not Before: Dec 7 21:37:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=708eb66f96b99058926206752a56166a01910d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:07:2b:9e:11:0f:c8:c3:0c:d8:38:25:5b:23:
9b:75:a6:73:15:4d:bc:71:fe:2c:4c:4d:08:d8:ee:
a2:66:03:e5:4c:b7:74:0d:6a:51:45:c5:98:ef:7c:
29:ae:46:48:b2:ca:4c:73:9f:15:1c:97:36:20:52:
cb:b7:02:be:84:43:42:a1:cd:cc:00:92:2a:48:82:
ca:9a:70:74:bb:2d:6d:9b:e4:f9:11:c1:95:66:b1:
05:65:a5:3d:98:b5:7a:f0:51:91:8a:2d:55:79:1e:
d7:0a:4c:71:64:06:84:5f:c3:a9:1c:70:59:1c:73:
ec:d9:fb:93:10:f3:93:0c:2d:9d:f6:0b:14:6f:ed:
3d:43:1a:9a:0b:80:2c:4f:cf:24:72:b5:cc:9b:6e:
07:61:ff:39:98:a8:a7:ee:f6:6a:08:e3:72:f6:10:
27:ca:fb:c6:44:a0:af:6b:fe:61:a2:f8:ae:ab:a5:
28:11:25:cc:4f:46:6e:b4:9f:9c:d7:1e:bc:57:3c:
8c:4a:12:cc:54:bf:ff:9e:3e:02:91:ad:e5:b0:83:
ea:b3:96:f8:94:28:db:26:4e:30:9f:73:bd:b9:7b:
bb:80:09:f7:c8:1e:16:39:ac:12:f1:46:3d:b9:96:
7f:fd:9f:da:17:f5:9d:96:61:91:a7:85:8f:cf:29:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8E:B6:6F:96:B9:90:58:92:62:06:75:2A:56:16:6A:01:91:0D:26
X509v3 Authority Key Identifier:
keyid:85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/cI62b5a5kFiSYgZ1KlYWagGRDSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/hUwNsAZYRNlZTf6N2O_XftHkk_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.196.0/22
Signature Algorithm: sha256WithRSAEncryption
47:db:c2:c4:54:71:ca:ef:80:54:66:af:61:ce:72:bc:6f:69:
98:31:b8:7b:d3:fe:02:c9:1b:db:a9:e7:c8:c8:03:1f:99:0b:
36:a8:63:63:17:63:7f:40:68:24:ab:22:af:ea:6a:48:80:be:
db:1a:f7:82:a1:47:59:f1:e9:36:05:25:f5:9f:80:a0:f1:82:
94:80:94:11:cc:ef:5a:20:25:30:63:ab:19:21:b5:c9:97:8c:
7b:20:1b:21:02:ae:7f:7c:18:ac:30:bb:cd:a4:c3:e7:70:80:
cb:38:25:39:4b:fa:7b:3a:99:6e:92:32:16:cb:cd:c7:77:ae:
5a:52:6e:53:e0:a6:fb:f7:51:50:c7:a2:9b:dd:84:85:2f:37:
20:50:7a:e3:3a:aa:30:6a:80:1a:57:fa:f7:51:8e:ad:d7:80:
c3:79:0a:e0:c7:b8:51:5d:3c:6a:38:24:d6:e4:2c:df:0f:0d:
ca:1a:9f:ec:30:45:af:aa:76:e8:80:14:6d:28:e5:dd:8f:f2:
b1:a4:9a:28:64:47:0e:80:dc:ce:d7:ca:de:b1:f4:48:f3:f5:
d5:83:a0:84:43:64:43:d8:ea:98:50:76:26:0f:e4:83:68:32:
e4:44:21:75:c4:22:1c:1f:93:58:df:a5:36:9c:6e:00:de:1b:
70:14:d6:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxGNyt1tgvtNFPlUbSsrsrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGMwZGIwMDY1ODQ0ZDk1OTRkZmU4ZGQ4ZWZkNzdlZDFl
NDkzZjgwHhcNMjMxMjA3MjEzNzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhlYjY2Zjk2Yjk5MDU4OTI2MjA2NzUyYTU2MTY2YTAxOTEwZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AcrnhEPyMMM2DglWyObdaZzFU28
cf4sTE0I2O6iZgPlTLd0DWpRRcWY73wprkZIsspMc58VHJc2IFLLtwK+hENCoc3M
AJIqSILKmnB0uy1tm+T5EcGVZrEFZaU9mLV68FGRii1VeR7XCkxxZAaEX8OpHHBZ
HHPs2fuTEPOTDC2d9gsUb+09QxqaC4AsT88kcrXMm24HYf85mKin7vZqCONy9hAn
yvvGRKCva/5hoviuq6UoESXMT0ZutJ+c1x68VzyMShLMVL//nj4Cka3lsIPqs5b4
lCjbJk4wn3O9uXu7gAn3yB4WOawS8UY9uZZ//Z/aF/WdlmGRp4WPzylfewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCOtm+WuZBYkmIGdSpWFmoBkQ0mMB8GA1UdIwQY
MBaAFIVMDbAGWETZWU3+jdjv137R5JP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQt
NjBiOTM1OTViYWM5LzEvY0k2MmI1YTVrRmlTWWdaMUtsWVdhZ0dSRFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQtNjBiOTM1OTViYWM5
LzEvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuffEMA0G
CSqGSIb3DQEBCwUAA4IBAQBH28LEVHHK74BUZq9hznK8b2mYMbh70/4CyRvbqefI
yAMfmQs2qGNjF2N/QGgkqyKv6mpIgL7bGveCoUdZ8ek2BSX1n4Cg8YKUgJQRzO9a
ICUwY6sZIbXJl4x7IBshAq5/fBisMLvNpMPncIDLOCU5S/p7OplukjIWy83Hd65a
Um5T4Kb791FQx6Kb3YSFLzcgUHrjOqowaoAaV/r3UY6t14DDeQrgx7hRXTxqOCTW
5CzfDw3KGp/sMEWvqnbogBRtKOXdj/KxpJooZEcOgNzO18resfRI8/XVg6CEQ2RD
2OqYUHYmD+SDaDLkRCF1xCIcH5NY36U2nG4A3htwFNYJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:34 2025 by rpki-client