Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/1O1JTmxvsigiMCxK0UQkAWvf7S0.roa
File: 1O1JTmxvsigiMCxK0UQkAWvf7S0.roa (raw, json)
Hash identifier: 9S4WGjcLvwb6auPY6QKsT/m3IQ+Z/hoCWQ7y//yxOOo=
Subject key identifier: D4:ED:49:4E:6C:6F:B2:28:22:30:2C:4A:D1:44:24:01:6B:DF:ED:2D
Certificate issuer: /CN=2becef943d34c80e0a0fd81426e6136b31508fee
Certificate serial: 01877465E996FF16B53737F3D1220D1AB97D
Authority key identifier: 2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/1O1JTmxvsigiMCxK0UQkAWvf7S0.roa
Signing time: Wed 12 Apr 2023 07:37:28 +0000
ROA not before: Wed 12 Apr 2023 07:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15704
IP address blocks: 185.195.179.0/24 maxlen: 24
185.195.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:65:e9:96:ff:16:b5:37:37:f3:d1:22:0d:1a:b9:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2becef943d34c80e0a0fd81426e6136b31508fee
Validity
Not Before: Apr 12 07:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4ed494e6c6fb22822302c4ad14424016bdfed2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3b:5f:e7:a1:81:9c:be:60:42:1c:be:98:1b:
3d:60:df:ec:01:5f:32:3e:fb:cf:38:fa:49:bb:27:
30:4a:a3:46:53:30:04:24:ac:79:43:f0:05:c8:32:
6a:b0:c6:78:35:dc:dc:49:05:c6:9a:33:bd:ad:f0:
3d:f7:32:2e:6d:39:2b:95:c5:56:27:10:95:25:07:
50:d5:0b:54:62:17:d7:41:d7:46:ae:4b:d1:cc:ff:
a0:88:62:ff:2b:6b:4b:09:a8:c9:07:49:00:e4:d1:
02:53:c8:12:cd:47:81:32:7d:62:26:d2:a3:5a:1e:
c2:4f:6d:4c:9f:b3:4a:56:35:da:8f:2f:26:d9:4b:
aa:81:b1:5c:e6:f1:35:26:49:40:31:4d:12:cd:45:
3a:7b:0b:f9:e1:ba:60:b8:46:a9:9e:91:3d:63:48:
8c:6b:42:26:98:28:41:17:cf:dd:a0:79:90:93:f4:
5b:33:22:69:72:66:33:66:53:b8:95:d5:a4:12:6e:
a4:b7:93:61:9c:c6:54:00:74:80:bf:91:c6:1b:63:
c3:bb:23:c6:e3:3d:8e:0f:4d:3b:84:93:14:f8:9d:
9d:75:80:6c:b4:00:09:3e:80:cd:98:9e:f4:e3:ca:
b7:ed:0e:4d:73:39:74:b6:b6:c9:1d:c5:b5:3b:37:
6f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:ED:49:4E:6C:6F:B2:28:22:30:2C:4A:D1:44:24:01:6B:DF:ED:2D
X509v3 Authority Key Identifier:
keyid:2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/1O1JTmxvsigiMCxK0UQkAWvf7S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/K-zvlD00yA4KD9gUJuYTazFQj-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.176.0/24
185.195.179.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:51:58:54:13:63:85:3e:51:dd:76:ab:1d:dc:61:58:22:ed:
55:c9:ca:4e:16:0f:53:a9:55:fb:73:90:8f:e6:6e:2b:f0:02:
43:20:84:67:36:11:30:6c:5a:de:b5:e7:1c:68:54:ca:cc:34:
4a:2a:58:30:7b:28:7e:64:cc:6a:dd:2f:7b:35:64:20:11:c1:
43:d9:da:0d:7e:07:ad:a4:b7:82:70:06:52:9e:61:7f:60:eb:
00:4b:38:e3:15:da:db:69:00:ab:ab:2f:a3:80:3b:f9:4e:b7:
fc:0b:d4:a9:28:00:9c:65:be:1a:aa:01:1d:7d:43:4c:93:21:
ea:70:7a:99:76:e0:95:a7:87:d3:65:47:ef:dd:b4:9b:2f:26:
1d:e9:9e:f1:74:58:e1:97:21:bb:72:fa:4e:fd:17:a5:11:9b:
88:72:63:0c:ab:17:c3:55:05:d8:1b:ea:81:12:e6:3f:31:03:
60:11:9c:e6:b9:21:24:f5:8a:20:5f:0a:8e:04:73:43:92:95:
7b:20:d1:87:fe:b6:f5:49:aa:6e:47:a9:f3:ea:fd:a9:e5:83:
a4:a8:9a:90:85:d2:c2:84:8a:fa:d8:63:24:bc:ee:6f:ff:e9:
8f:bc:0b:ac:4c:90:c1:85:f1:6a:9c:91:1d:95:05:09:ee:70:
c1:bc:7e:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd0ZemW/xa1Nzfz0SINGrl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZWNlZjk0M2QzNGM4MGUwYTBmZDgxNDI2ZTYxMzZiMzE1
MDhmZWUwHhcNMjMwNDEyMDczNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVkNDk0ZTZjNmZiMjI4MjIzMDJjNGFkMTQ0MjQwMTZiZGZlZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTtf56GBnL5gQhy+mBs9YN/sAV8y
PvvPOPpJuycwSqNGUzAEJKx5Q/AFyDJqsMZ4NdzcSQXGmjO9rfA99zIubTkrlcVW
JxCVJQdQ1QtUYhfXQddGrkvRzP+giGL/K2tLCajJB0kA5NECU8gSzUeBMn1iJtKj
Wh7CT21Mn7NKVjXajy8m2UuqgbFc5vE1JklAMU0SzUU6ewv54bpguEapnpE9Y0iM
a0ImmChBF8/doHmQk/RbMyJpcmYzZlO4ldWkEm6kt5NhnMZUAHSAv5HGG2PDuyPG
4z2OD007hJMU+J2ddYBstAAJPoDNmJ7048q37Q5Nczl0trbJHcW1Ozdv7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTtSU5sb7IoIjAsStFEJAFr3+0tMB8GA1UdIwQY
MBaAFCvs75Q9NMgOCg/YFCbmE2sxUI/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEt
NDQ5MTI0YWNlMDI2LzEvMU8xSlRteHZzaWdpTUN4SzBVUWtBV3ZmN1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEtNDQ5MTI0YWNlMDI2
LzEvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucOwAwQA
ucOzMA0GCSqGSIb3DQEBCwUAA4IBAQAMUVhUE2OFPlHddqsd3GFYIu1VycpOFg9T
qVX7c5CP5m4r8AJDIIRnNhEwbFreteccaFTKzDRKKlgweyh+ZMxq3S97NWQgEcFD
2doNfgetpLeCcAZSnmF/YOsASzjjFdrbaQCrqy+jgDv5Trf8C9SpKACcZb4aqgEd
fUNMkyHqcHqZduCVp4fTZUfv3bSbLyYd6Z7xdFjhlyG7cvpO/RelEZuIcmMMqxfD
VQXYG+qBEuY/MQNgEZzmuSEk9YogXwqOBHNDkpV7INGH/rb1SapuR6nz6v2p5YOk
qJqQhdLChIr62GMkvO5v/+mPvAusTJDBhfFqnJEdlQUJ7nDBvH5C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:23 2025 by rpki-client