Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/NOEcuppt6uQV2bRpJ-Rnr5mGxFI.roa
File: NOEcuppt6uQV2bRpJ-Rnr5mGxFI.roa (raw, json)
Hash identifier: /riDfSGfjKtZNd9X61EShxSlLtcTHmONbXP9juWn8SE=
Subject key identifier: 34:E1:1C:BA:9A:6D:EA:E4:15:D9:B4:69:27:E4:67:AF:99:86:C4:52
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 01856FD4F6FB8F08EE40F53B7FBDBFCE94CE
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/NOEcuppt6uQV2bRpJ-Rnr5mGxFI.roa
Signing time: Mon 02 Jan 2023 00:15:05 +0000
ROA not before: Mon 02 Jan 2023 00:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 185.220.58.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f6:fb:8f:08:ee:40:f5:3b:7f:bd:bf:ce:94:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 00:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34e11cba9a6deae415d9b46927e467af9986c452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:32:65:48:de:3d:d2:d9:5e:8e:c8:e2:5b:
46:23:43:e7:2c:66:28:87:52:11:22:4e:49:04:62:
fc:59:ae:59:49:39:59:86:68:67:1d:12:b0:40:d1:
de:79:60:e2:06:32:ce:68:46:bd:78:44:89:a9:8a:
24:29:7b:b1:a7:99:57:3e:d4:6f:0b:12:81:fb:0d:
1d:ea:27:99:d5:85:f0:4a:09:b7:63:e3:9a:56:e0:
12:0f:57:b8:46:7e:c5:47:15:9b:55:3d:81:f6:f0:
26:f6:8b:9a:06:5a:6c:db:45:d4:aa:e0:4e:5a:cb:
ae:b3:2f:b3:c5:16:fe:d8:d8:91:30:f9:ec:dc:8c:
4a:e3:3e:47:9a:f4:c8:ba:f6:f9:45:8a:a4:e9:27:
0d:a9:69:a2:84:b3:88:5c:12:1b:8a:16:fa:d0:a6:
c4:34:1f:59:f1:8b:77:a4:28:d6:af:fb:30:52:7c:
06:b7:b1:67:fc:8f:5b:a7:00:54:25:b2:9a:5f:64:
15:49:71:ec:92:a7:d0:50:b1:7d:2c:d7:52:87:8a:
b3:f8:05:36:0b:20:33:b2:d5:55:71:90:27:b6:93:
39:23:97:de:8a:4e:22:f4:fc:d7:90:fc:b4:1c:7e:
77:d7:51:05:d4:60:c8:56:a3:90:8c:f3:7d:0f:51:
78:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E1:1C:BA:9A:6D:EA:E4:15:D9:B4:69:27:E4:67:AF:99:86:C4:52
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/NOEcuppt6uQV2bRpJ-Rnr5mGxFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.58.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:23:f0:15:97:38:d3:f1:3d:56:aa:e7:7b:99:67:4c:5b:a0:
bb:85:70:52:db:23:b6:30:81:ac:10:86:01:04:b0:b2:a5:52:
9a:30:6d:32:bd:f4:46:08:8e:55:63:69:32:ec:c8:4c:a8:ea:
56:91:ee:b3:a7:5e:1d:36:80:d3:26:b0:90:4e:c3:2f:ff:81:
64:a2:d4:c4:99:97:e5:2d:fe:84:53:6f:5f:e6:2e:5f:16:1a:
93:6c:28:2a:4f:cc:f2:fe:de:2c:21:45:c3:c0:31:d0:40:40:
8a:5b:83:2a:a1:c1:1e:6c:f5:18:87:ff:6e:73:05:41:31:bf:
ec:63:2a:55:f2:af:2e:6f:d3:0c:1c:76:fa:79:75:fd:bb:ea:
45:1c:47:42:ed:91:40:4b:ef:69:fa:ea:38:c2:57:9d:da:8a:
be:f7:f1:22:dc:ea:05:e7:b2:ab:13:04:18:b9:9c:cd:92:e3:
9e:68:54:bc:40:13:56:f9:93:db:e7:6c:70:e3:7b:13:7d:fa:
a1:b5:66:61:23:7f:7d:86:64:b8:b7:62:bc:e2:8b:87:26:b0:
89:59:25:b1:0e:15:99:c0:af:3d:ad:69:63:d1:7b:25:82:6d:
a0:4e:65:f7:ff:b8:bf:d6:69:8b:c0:62:ca:22:17:e7:64:fc:
09:7e:cd:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Pb7jwjuQPU7f72/zpTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjMwMTAyMDAxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGUxMWNiYTlhNmRlYWU0MTVkOWI0NjkyN2U0NjdhZjk5ODZjNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF4yZUjePdLZXo7I4ltGI0PnLGYo
h1IRIk5JBGL8Wa5ZSTlZhmhnHRKwQNHeeWDiBjLOaEa9eESJqYokKXuxp5lXPtRv
CxKB+w0d6ieZ1YXwSgm3Y+OaVuASD1e4Rn7FRxWbVT2B9vAm9ouaBlps20XUquBO
Wsuusy+zxRb+2NiRMPns3IxK4z5HmvTIuvb5RYqk6ScNqWmihLOIXBIbihb60KbE
NB9Z8Yt3pCjWr/swUnwGt7Fn/I9bpwBUJbKaX2QVSXHskqfQULF9LNdSh4qz+AU2
CyAzstVVcZAntpM5I5feik4i9PzXkPy0HH5311EF1GDIVqOQjPN9D1F4/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDThHLqaberkFdm0aSfkZ6+ZhsRSMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvTk9FY3VwcHQ2dVFWMmJScEotUm5yNW1HeEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudw6MA0G
CSqGSIb3DQEBCwUAA4IBAQBdI/AVlzjT8T1Wqud7mWdMW6C7hXBS2yO2MIGsEIYB
BLCypVKaMG0yvfRGCI5VY2ky7MhMqOpWke6zp14dNoDTJrCQTsMv/4FkotTEmZfl
Lf6EU29f5i5fFhqTbCgqT8zy/t4sIUXDwDHQQECKW4MqocEebPUYh/9ucwVBMb/s
YypV8q8ub9MMHHb6eXX9u+pFHEdC7ZFAS+9p+uo4wled2oq+9/Ei3OoF57KrEwQY
uZzNkuOeaFS8QBNW+ZPb52xw43sTffqhtWZhI399hmS4t2K84ouHJrCJWSWxDhWZ
wK89rWlj0Xslgm2gTmX3/7i/1mmLwGLKIhfnZPwJfs1P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:52 2025 by rpki-client