Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/_HPwh9VPkzYrB12f1CmJSeSIrFM.roa
File: _HPwh9VPkzYrB12f1CmJSeSIrFM.roa (raw, json)
Hash identifier: FN5dCQ9doy6ehp7tRpJqgSpcH0laVSXHo72Rj9afeUo=
Subject key identifier: FC:73:F0:87:D5:4F:93:36:2B:07:5D:9F:D4:29:89:49:E4:88:AC:53
Certificate issuer: /CN=5ea1653e177aa2955400805c8c75bd0d68583afc
Certificate serial: 01847FF306658E6E1F3FAFD72C581C65C124
Authority key identifier: 5E:A1:65:3E:17:7A:A2:95:54:00:80:5C:8C:75:BD:0D:68:58:3A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XqFlPhd6opVUAIBcjHW9DWhYOvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/_HPwh9VPkzYrB12f1CmJSeSIrFM.roa
Signing time: Wed 16 Nov 2022 10:19:03 +0000
ROA not before: Wed 16 Nov 2022 10:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212086
IP address blocks: 185.231.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:f3:06:65:8e:6e:1f:3f:af:d7:2c:58:1c:65:c1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea1653e177aa2955400805c8c75bd0d68583afc
Validity
Not Before: Nov 16 10:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc73f087d54f93362b075d9fd4298949e488ac53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:cb:5b:a1:9f:d7:99:e4:0e:13:38:4d:68:
25:46:98:0f:63:5d:f4:7b:5e:c6:f3:4b:25:b9:dd:
1f:a0:f2:cf:55:6e:8a:2d:d9:ca:9a:e3:9c:4b:bb:
67:1a:a1:5c:c1:eb:de:9a:4c:58:9a:c6:03:7d:20:
e7:23:96:cc:ea:d7:14:7f:09:7a:49:6a:f6:bf:27:
d4:c5:3b:a0:ca:ba:5f:e9:2e:ce:cd:fe:e8:43:47:
59:cf:ca:bc:63:48:10:77:2d:2e:e3:49:c8:a2:72:
87:4c:8b:36:d7:41:91:c7:b7:6f:c4:e6:28:37:87:
64:89:05:78:86:d7:f3:28:14:92:53:39:09:73:f0:
35:76:02:67:92:22:28:6a:3f:85:f1:26:67:b7:5e:
8e:86:82:d3:b3:5a:18:52:2f:f3:6e:bf:79:c2:f8:
cb:1b:3f:1a:19:a4:22:55:da:cb:5a:5a:2b:8d:62:
20:c5:9f:49:b6:c3:4a:96:d4:96:c9:79:13:2f:61:
88:33:06:97:2c:c3:35:28:2d:84:cf:05:58:30:36:
ed:0e:43:52:f7:36:45:22:1e:bb:9b:3b:db:37:f9:
a5:83:7a:e5:71:7b:2e:93:e1:11:be:bf:67:59:b9:
e6:05:ac:cc:80:49:f1:3e:7d:6d:89:6f:3d:19:c9:
44:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:73:F0:87:D5:4F:93:36:2B:07:5D:9F:D4:29:89:49:E4:88:AC:53
X509v3 Authority Key Identifier:
keyid:5E:A1:65:3E:17:7A:A2:95:54:00:80:5C:8C:75:BD:0D:68:58:3A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqFlPhd6opVUAIBcjHW9DWhYOvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/_HPwh9VPkzYrB12f1CmJSeSIrFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a4af15-7fdd-45a4-a172-1df8fa20fa9e/1/XqFlPhd6opVUAIBcjHW9DWhYOvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.64.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:12:fb:9c:11:70:c1:58:c8:fb:56:0f:e7:d6:92:43:31:36:
d5:8d:d9:59:4c:80:ab:61:7a:3f:23:c6:bc:28:1a:a6:5c:d8:
ce:02:7d:4a:0e:0b:b9:a2:54:ca:09:2b:53:ce:f8:f3:b1:06:
cc:50:b6:23:7a:e9:34:6e:dd:aa:76:e3:cd:ab:37:8d:19:75:
bb:e9:72:0d:88:c8:79:ba:51:51:9d:5d:21:d1:8e:fe:b9:de:
d2:1e:40:b6:56:46:ea:da:8f:58:27:29:a5:ef:7d:1a:f5:b4:
7e:38:34:bb:ad:05:aa:bb:5a:d9:71:9b:f4:28:4e:29:80:75:
2a:b7:05:62:ba:4b:c7:2d:84:31:2d:20:87:04:73:18:e9:60:
71:9e:e4:e9:32:06:30:92:d5:45:69:e0:62:c7:7b:df:eb:46:
38:52:e3:44:fd:bd:a5:2c:7f:4b:82:ec:14:1a:36:a6:94:48:
36:f7:65:30:9e:4b:b6:8f:12:e6:9f:88:20:d2:37:da:1b:04:
9f:5e:97:fb:9a:36:5c:fe:76:b2:40:81:89:18:b0:0d:62:5a:
9f:a6:eb:55:80:0d:b3:4a:fc:15:3b:55:18:e7:4e:81:f2:5e:
6b:c9:da:39:36:57:d4:aa:d4:c4:82:91:c1:9a:8d:11:26:54:
c9:c5:63:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/8wZljm4fP6/XLFgcZcEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTE2NTNlMTc3YWEyOTU1NDAwODA1YzhjNzViZDBkNjg1
ODNhZmMwHhcNMjIxMTE2MTAxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzczZjA4N2Q1NGY5MzM2MmIwNzVkOWZkNDI5ODk0OWU0ODhhYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprHLW6Gf15nkDhM4TWglRpgPY130
e17G80slud0foPLPVW6KLdnKmuOcS7tnGqFcwevemkxYmsYDfSDnI5bM6tcUfwl6
SWr2vyfUxTugyrpf6S7Ozf7oQ0dZz8q8Y0gQdy0u40nIonKHTIs210GRx7dvxOYo
N4dkiQV4htfzKBSSUzkJc/A1dgJnkiIoaj+F8SZnt16OhoLTs1oYUi/zbr95wvjL
Gz8aGaQiVdrLWlorjWIgxZ9JtsNKltSWyXkTL2GIMwaXLMM1KC2EzwVYMDbtDkNS
9zZFIh67mzvbN/mlg3rlcXsuk+ERvr9nWbnmBazMgEnxPn1tiW89GclEVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxz8IfVT5M2Kwddn9QpiUnkiKxTMB8GA1UdIwQY
MBaAFF6hZT4XeqKVVACAXIx1vQ1oWDr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFGbFBoZDZvcFZVQUlCY2pIVzlEV2hZT3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hNGFmMTUtN2ZkZC00NWE0LWExNzIt
MWRmOGZhMjBmYTllLzEvX0hQd2g5VlBrellyQjEyZjFDbUpTZVNJckZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hNGFmMTUtN2ZkZC00NWE0LWExNzItMWRmOGZhMjBmYTll
LzEvWHFGbFBoZDZvcFZVQUlCY2pIVzlEV2hZT3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuedAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdEvucEXDBWMj7Vg/n1pJDMTbVjdlZTICrYXo/I8a8
KBqmXNjOAn1KDgu5olTKCStTzvjzsQbMULYjeuk0bt2qduPNqzeNGXW76XINiMh5
ulFRnV0h0Y7+ud7SHkC2Vkbq2o9YJyml730a9bR+ODS7rQWqu1rZcZv0KE4pgHUq
twViukvHLYQxLSCHBHMY6WBxnuTpMgYwktVFaeBix3vf60Y4UuNE/b2lLH9LguwU
GjamlEg292Uwnku2jxLmn4gg0jfaGwSfXpf7mjZc/nayQIGJGLANYlqfputVgA2z
SvwVO1UY506B8l5rydo5NlfUqtTEgpHBmo0RJlTJxWNE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:56 2025 by rpki-client