Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/lD30GYKctTr9rBsCGM2eIJb8DQs.roa
File: lD30GYKctTr9rBsCGM2eIJb8DQs.roa (raw, json)
Hash identifier: /OC0FbtQdFcQ0xMAQu2nTjX+YsccHWCIF3ivc1otIKM=
Subject key identifier: 94:3D:F4:19:82:9C:B5:3A:FD:AC:1B:02:18:CD:9E:20:96:FC:0D:0B
Certificate issuer: /CN=229fb0fb3d278e1b280a777de200efbd08baac30
Certificate serial: 01882EA7E0BA40742151A6EE9D2D1ABA017C
Authority key identifier: 22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/lD30GYKctTr9rBsCGM2eIJb8DQs.roa
Signing time: Thu 18 May 2023 11:38:53 +0000
ROA not before: Thu 18 May 2023 11:38:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 719
IP address blocks: 185.171.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:a7:e0:ba:40:74:21:51:a6:ee:9d:2d:1a:ba:01:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229fb0fb3d278e1b280a777de200efbd08baac30
Validity
Not Before: May 18 11:38:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943df419829cb53afdac1b0218cd9e2096fc0d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1f:fb:d7:49:13:eb:ae:a4:ac:4b:61:aa:c0:
5f:60:e4:e1:ad:90:3f:f9:78:e1:10:ec:d7:e9:11:
73:fb:10:09:e5:06:15:bb:78:1c:a5:cf:f9:51:95:
a6:71:c9:8a:c2:d9:6d:70:57:6e:84:e4:26:a3:0e:
26:50:a8:f0:7a:c2:d3:77:7f:9d:f1:c2:4b:0a:61:
65:db:dc:d6:10:b2:f9:a7:09:af:72:ad:e3:b4:87:
7b:a0:be:16:d1:c5:8a:d2:34:9e:33:79:0f:62:7d:
37:60:da:b9:e9:9c:23:f4:98:d3:7d:2d:7b:6b:40:
13:77:e4:e1:c9:83:83:e0:5e:01:50:24:79:72:8d:
d1:89:cb:fd:31:9b:4d:ef:19:86:d0:59:3a:28:15:
fc:ac:f1:fb:3f:8b:19:f4:cf:2a:4c:aa:0c:eb:5f:
9e:7d:b0:55:d6:ad:3a:68:5b:1b:4c:bb:32:a3:4e:
c8:dc:56:8c:b9:10:7f:f0:84:94:a2:d7:e7:3e:90:
79:a0:c3:b8:90:70:05:80:10:ab:64:1d:18:d2:68:
c5:fd:3f:80:04:1b:e1:dc:9b:a0:99:0a:57:9e:8c:
ad:80:9a:94:fb:ab:04:41:c5:c1:97:89:e9:b2:92:
7d:43:a5:99:0d:87:8b:07:09:7c:af:de:e8:4a:e5:
cd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3D:F4:19:82:9C:B5:3A:FD:AC:1B:02:18:CD:9E:20:96:FC:0D:0B
X509v3 Authority Key Identifier:
keyid:22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/lD30GYKctTr9rBsCGM2eIJb8DQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Ip-w-z0njhsoCnd94gDvvQi6rDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.179.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:cb:a0:32:2d:fd:b0:2c:b2:94:3c:fd:36:fe:73:23:2a:ea:
ef:86:fc:98:57:8f:d2:ab:8a:81:ec:d1:29:ac:d5:3e:2f:f8:
e0:8b:1a:d1:d5:15:91:0f:f3:a8:ec:42:59:a8:cb:ab:76:53:
47:d7:77:cb:f8:e9:7e:71:ac:36:68:2b:ca:de:32:6b:af:b0:
14:2e:9c:ae:d5:72:79:7b:4b:93:a9:10:95:13:85:e9:bc:ed:
f8:da:c5:22:94:71:ce:34:2a:a5:b2:9e:8d:1f:e6:2a:ed:a4:
8c:53:8e:4b:1c:ce:8e:2b:d8:1a:88:98:b1:7a:12:f5:71:e6:
01:09:79:9f:81:8e:ba:e2:25:c4:7c:f1:e3:d2:c4:85:e4:25:
07:a9:0b:94:b6:39:62:3c:d4:51:71:3b:03:aa:5f:c7:2a:84:
86:f1:15:59:44:8d:48:a7:2d:3e:3e:30:f9:fc:fa:db:91:e6:
ce:70:42:4e:ee:95:57:c6:a4:de:cb:13:a9:eb:5f:e6:ec:12:
4c:ff:38:4c:2a:7e:77:ec:a7:6d:ff:90:58:68:db:fb:eb:d7:
fb:cd:2d:f6:e9:5e:3c:e2:9d:59:ab:4a:f4:63:82:87:08:0c:
28:9d:70:4e:5d:2a:b6:de:e4:bd:2c:8c:94:91:02:09:11:2d:
48:52:b8:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgup+C6QHQhUabunS0augF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWZiMGZiM2QyNzhlMWIyODBhNzc3ZGUyMDBlZmJkMDhi
YWFjMzAwHhcNMjMwNTE4MTEzODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNkZjQxOTgyOWNiNTNhZmRhYzFiMDIxOGNkOWUyMDk2ZmMwZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB/710kT666krEthqsBfYOThrZA/
+XjhEOzX6RFz+xAJ5QYVu3gcpc/5UZWmccmKwtltcFduhOQmow4mUKjwesLTd3+d
8cJLCmFl29zWELL5pwmvcq3jtId7oL4W0cWK0jSeM3kPYn03YNq56Zwj9JjTfS17
a0ATd+ThyYOD4F4BUCR5co3Ricv9MZtN7xmG0Fk6KBX8rPH7P4sZ9M8qTKoM61+e
fbBV1q06aFsbTLsyo07I3FaMuRB/8ISUotfnPpB5oMO4kHAFgBCrZB0Y0mjF/T+A
BBvh3JugmQpXnoytgJqU+6sEQcXBl4npspJ9Q6WZDYeLBwl8r97oSuXNOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQ99BmCnLU6/awbAhjNniCW/A0LMB8GA1UdIwQY
MBaAFCKfsPs9J44bKAp3feIA770IuqwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTct
N2I5ODY2MzNhYzVlLzEvbEQzMEdZS2N0VHI5ckJzQ0dNMmVJSmI4RFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTctN2I5ODY2MzNhYzVl
LzEvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuauzMA0G
CSqGSIb3DQEBCwUAA4IBAQBey6AyLf2wLLKUPP02/nMjKurvhvyYV4/Sq4qB7NEp
rNU+L/jgixrR1RWRD/Oo7EJZqMurdlNH13fL+Ol+caw2aCvK3jJrr7AULpyu1XJ5
e0uTqRCVE4XpvO342sUilHHONCqlsp6NH+Yq7aSMU45LHM6OK9gaiJixehL1ceYB
CXmfgY664iXEfPHj0sSF5CUHqQuUtjliPNRRcTsDql/HKoSG8RVZRI1Ipy0+PjD5
/PrbkebOcEJO7pVXxqTeyxOp61/m7BJM/zhMKn537Kdt/5BYaNv769f7zS326V48
4p1Zq0r0Y4KHCAwonXBOXSq23uS9LIyUkQIJES1IUrj1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:02 2025 by rpki-client