Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/eO5HkexeKuZzskyCtJeu7m0pW1o.roa
File: eO5HkexeKuZzskyCtJeu7m0pW1o.roa (raw, json)
Hash identifier: 4zChIpGtJd7Js15JObjTQ9IyyMTyfyKhW5FyvaOfAXM=
Subject key identifier: 78:EE:47:91:EC:5E:2A:E6:73:B2:4C:82:B4:97:AE:EE:6D:29:5B:5A
Certificate issuer: /CN=3b413164a13c24ca77847774a6eb57105ee7809f
Certificate serial: 03B643D5
Authority key identifier: 3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/eO5HkexeKuZzskyCtJeu7m0pW1o.roa
Signing time: Sat 01 Jan 2022 07:56:35 +0000
ROA not before: Sat 01 Jan 2022 07:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61129
IP address blocks: 185.67.157.0/24 maxlen: 24
185.67.158.0/24 maxlen: 24
185.67.159.0/24 maxlen: 24
185.67.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62276565 (0x3b643d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b413164a13c24ca77847774a6eb57105ee7809f
Validity
Not Before: Jan 1 07:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78ee4791ec5e2ae673b24c82b497aeee6d295b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:21:a8:30:bf:e6:9a:67:b8:4c:18:24:ad:
6c:12:4e:14:55:8b:03:00:a6:9e:e5:49:57:c7:6f:
26:36:7d:b9:a5:3d:ce:a7:59:2f:d7:ad:e3:ed:8d:
82:a2:57:d2:14:d5:a9:a3:89:a8:57:52:a6:21:02:
d7:8f:c4:3d:a8:af:6d:9e:b0:f5:1b:9d:d1:79:b5:
35:b8:62:e8:cc:93:29:14:3c:e1:2c:48:bc:c3:26:
18:34:04:9a:86:31:83:73:26:46:fc:51:53:53:2e:
0a:aa:2d:f3:d1:85:c9:8f:8a:c8:84:a0:dc:7b:61:
c1:97:9d:e7:f1:0d:71:b0:2a:5b:78:1d:1b:de:77:
85:31:97:76:9f:20:63:49:b5:3b:ea:e0:67:6f:0f:
f4:a6:2d:2e:b4:24:43:67:5b:86:f3:ef:bc:38:84:
44:b0:55:12:c8:2b:70:3a:2f:5b:f3:c2:dc:b3:11:
8b:b6:9b:7b:07:5e:88:54:0f:ed:b1:72:53:51:72:
45:19:d3:54:5a:ac:59:ea:99:4b:a9:ac:01:92:39:
d5:4c:be:e8:12:a8:ae:5d:ab:f5:cc:e3:83:d7:3a:
eb:12:cc:f2:82:9b:24:aa:46:23:f6:0b:d8:84:07:
2d:69:90:5b:4a:5e:66:ef:60:9c:c6:c7:13:0a:9e:
89:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EE:47:91:EC:5E:2A:E6:73:B2:4C:82:B4:97:AE:EE:6D:29:5B:5A
X509v3 Authority Key Identifier:
keyid:3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/eO5HkexeKuZzskyCtJeu7m0pW1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/O0ExZKE8JMp3hHd0putXEF7ngJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.156.0/22
Signature Algorithm: sha256WithRSAEncryption
52:90:27:28:1c:63:f2:e0:02:7d:11:9a:6d:50:a4:2a:e7:c2:
ae:06:6f:8c:59:d6:74:18:66:19:b5:59:73:2b:38:c6:20:42:
1f:1e:9b:1a:19:1e:07:06:5c:f4:9d:e4:96:5a:08:3f:8b:f2:
d9:b2:72:6b:94:11:64:e6:42:8a:ae:9e:ef:a8:1c:7c:8a:47:
ba:51:b4:bc:48:d7:f3:01:ee:27:44:9c:4d:ae:c0:4e:43:ff:
88:9c:50:3b:0f:91:c1:df:0a:d9:18:cf:5d:ac:80:b7:92:0d:
54:63:cf:c5:dd:64:62:9f:81:16:f8:d4:f7:08:b6:c1:ad:a3:
05:84:5a:04:80:15:b0:9a:8f:c4:c0:56:89:07:f2:dd:63:67:
33:a1:3f:2a:aa:cc:6a:82:f2:a7:b9:c0:b6:b7:be:e5:70:ff:
1f:d3:f0:50:82:4a:cb:40:ff:06:e6:84:4c:8e:c0:47:d5:25:
0a:c0:78:2d:9e:0e:be:71:80:e9:92:43:60:10:8b:69:ef:95:
f6:d3:e4:d8:5f:27:95:09:df:7a:56:da:fe:6f:03:c4:8d:d2:
8c:fb:16:49:a1:f6:46:2a:fb:51:70:db:15:6f:4e:9a:62:35:
5c:c6:59:a4:03:58:eb:96:2b:c0:90:fa:cd:24:3c:33:b3:9f:
94:58:b3:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7ZD1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQxMzE2NGExM2MyNGNhNzc4NDc3NzRhNmViNTcxMDVlZTc4MDlmMB4XDTIyMDEw
MTA3NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhlZTQ3OTFlYzVl
MmFlNjczYjI0YzgyYjQ5N2FlZWU2ZDI5NWI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3DIagwv+aaZ7hMGCStbBJOFFWLAwCmnuVJV8dvJjZ9uaU9
zqdZL9et4+2NgqJX0hTVqaOJqFdSpiEC14/EPaivbZ6w9Rud0Xm1Nbhi6MyTKRQ8
4SxIvMMmGDQEmoYxg3MmRvxRU1MuCqot89GFyY+KyISg3HthwZed5/ENcbAqW3gd
G953hTGXdp8gY0m1O+rgZ28P9KYtLrQkQ2dbhvPvvDiERLBVEsgrcDovW/PC3LMR
i7abewdeiFQP7bFyU1FyRRnTVFqsWeqZS6msAZI51Uy+6BKorl2r9czjg9c66xLM
8oKbJKpGI/YL2IQHLWmQW0peZu9gnMbHEwqeiQECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR47keR7F4q5nOyTIK0l67ubSlbWjAfBgNVHSMEGDAWgBQ7QTFkoTwkyneE
d3Sm61cQXueAnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wRXhaS0U4Sk1wM2hIZDBwdXRYRUY3bmdKOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvOWFhMDU4LTM4NGMtNDIzNC1iNDkyLWM2OGQ3ZjljNzgxOC8x
L2VPNUhrZXhlS3VaenNreUN0SmV1N20wcFcxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
OWFhMDU4LTM4NGMtNDIzNC1iNDkyLWM2OGQ3ZjljNzgxOC8xL08wRXhaS0U4Sk1w
M2hIZDBwdXRYRUY3bmdKOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlDnDANBgkqhkiG9w0BAQsFAAOC
AQEAUpAnKBxj8uACfRGabVCkKufCrgZvjFnWdBhmGbVZcys4xiBCHx6bGhkeBwZc
9J3klloIP4vy2bJya5QRZOZCiq6e76gcfIpHulG0vEjX8wHuJ0ScTa7ATkP/iJxQ
Ow+Rwd8K2RjPXayAt5INVGPPxd1kYp+BFvjU9wi2wa2jBYRaBIAVsJqPxMBWiQfy
3WNnM6E/KqrMaoLyp7nAtre+5XD/H9PwUIJKy0D/BuaETI7AR9UlCsB4LZ4OvnGA
6ZJDYBCLae+V9tPk2F8nlQnfelba/m8DxI3SjPsWSaH2Rir7UXDbFW9OmmI1XMZZ
pANY65YrwJD6zSQ8M7OflFiz7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:20 2025 by rpki-client