Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c41f77-b6a2-4494-a074-4fae84fa158e/1/rvICrlM5ScOCf3t56vaEBfe9QrI.roa
File: rvICrlM5ScOCf3t56vaEBfe9QrI.roa (raw, json)
Hash identifier: feo6aInTCGca61xR5auJTqoIPemtKEN5BmF8X5RnOMQ=
Subject key identifier: AE:F2:02:AE:53:39:49:C3:82:7F:7B:79:EA:F6:84:05:F7:BD:42:B2
Certificate issuer: /CN=7d2a01224b1da86480cfecbcb6c52df9812968e8
Certificate serial: 011679D4
Authority key identifier: 7D:2A:01:22:4B:1D:A8:64:80:CF:EC:BC:B6:C5:2D:F9:81:29:68:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fSoBIksdqGSAz-y8tsUt-YEpaOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/c41f77-b6a2-4494-a074-4fae84fa158e/1/rvICrlM5ScOCf3t56vaEBfe9QrI.roa
Signing time: Sat 01 Jan 2022 08:57:05 +0000
ROA not before: Sat 01 Jan 2022 08:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43023
IP address blocks: 185.187.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18250196 (0x11679d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2a01224b1da86480cfecbcb6c52df9812968e8
Validity
Not Before: Jan 1 08:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aef202ae533949c3827f7b79eaf68405f7bd42b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9d:08:e7:93:8c:0d:d5:92:a3:bf:62:65:78:
80:df:5f:2a:9e:37:1e:68:23:b0:3a:db:78:02:d3:
31:36:61:fb:b7:d2:08:ab:10:d2:55:d5:6b:e5:16:
18:f5:e2:8e:bb:62:06:02:3c:8e:33:e5:16:d0:4b:
f3:c5:1e:72:8b:bf:cb:35:a8:48:ab:00:cd:24:52:
0d:49:a3:fd:53:3c:30:37:9d:1b:f7:71:25:c1:d3:
3f:37:a5:32:7f:2e:ad:76:4b:b4:5a:ac:53:50:3c:
b8:56:18:6d:1d:fc:5d:8b:5b:8d:d7:5a:f5:e3:20:
cc:7d:5e:f1:f4:ef:05:bd:18:fa:d5:f0:46:2d:f2:
64:3f:d4:ef:f3:41:ed:0e:1e:8a:d5:c0:f1:05:ac:
3d:6e:4f:a3:ef:ee:30:b3:8b:7a:55:9f:04:26:a9:
93:fc:b1:96:4f:12:3b:3a:0f:65:26:3f:26:73:d4:
7a:57:28:6c:a3:e2:11:c1:78:5a:13:b5:9b:fe:14:
a6:d8:74:ab:4c:cb:9a:16:92:e2:c7:3f:83:ba:66:
c6:b4:52:9b:a6:68:18:2d:9a:d9:2f:e7:eb:1e:73:
99:d6:74:62:f4:ac:e8:d3:13:3a:0e:b2:7e:67:a5:
62:f4:ab:51:c7:bd:6d:60:7b:9c:da:1a:4c:d2:1c:
e3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F2:02:AE:53:39:49:C3:82:7F:7B:79:EA:F6:84:05:F7:BD:42:B2
X509v3 Authority Key Identifier:
keyid:7D:2A:01:22:4B:1D:A8:64:80:CF:EC:BC:B6:C5:2D:F9:81:29:68:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fSoBIksdqGSAz-y8tsUt-YEpaOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c41f77-b6a2-4494-a074-4fae84fa158e/1/rvICrlM5ScOCf3t56vaEBfe9QrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c41f77-b6a2-4494-a074-4fae84fa158e/1/fSoBIksdqGSAz-y8tsUt-YEpaOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.138.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f1:0e:4d:f5:75:06:2f:5b:02:5b:81:94:96:7e:6b:04:79:
2c:0b:0a:44:cb:a7:98:a6:49:dc:13:ae:1b:4c:db:a4:5c:2f:
b0:da:3f:be:1d:99:94:c7:c3:8f:cc:98:a9:3f:d2:d3:4b:9a:
42:79:ba:a6:08:f4:d7:a2:ef:8e:7a:26:4c:a7:ef:16:ba:61:
28:09:6f:88:60:2a:bf:17:b2:c3:54:ef:66:04:b1:92:9d:7c:
25:aa:3a:e0:42:67:d0:2a:e7:73:26:d7:e0:d2:29:af:4d:73:
c1:71:67:4b:d1:c8:b8:52:16:c6:53:44:74:66:80:67:93:d7:
42:53:9b:98:a8:19:3c:5e:ab:21:e0:4f:46:0b:2f:63:50:8e:
22:cf:db:49:ea:d8:f0:9b:3d:93:be:b2:00:43:57:43:0e:49:
1a:dc:79:d3:a0:27:60:4b:fb:23:d3:88:d7:2e:a3:0a:61:d7:
66:b2:d6:99:07:47:02:06:20:6b:1f:7e:57:06:66:99:f5:14:
c1:f1:31:66:61:6e:1b:7d:39:83:de:17:34:5b:41:71:64:db:
d2:4f:fa:eb:12:40:d5:da:ba:87:c0:a6:ef:d8:0d:c7:65:4e:
48:09:63:42:2e:93:c3:b7:47:3a:d9:db:07:51:d6:b6:74:f8:
5d:11:aa:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARZ51DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDJhMDEyMjRiMWRhODY0ODBjZmVjYmNiNmM1MmRmOTgxMjk2OGU4MB4XDTIyMDEw
MTA4NTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVmMjAyYWU1MzM5
NDljMzgyN2Y3Yjc5ZWFmNjg0MDVmN2JkNDJiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKudCOeTjA3VkqO/YmV4gN9fKp43HmgjsDrbeALTMTZh+7fS
CKsQ0lXVa+UWGPXijrtiBgI8jjPlFtBL88Uecou/yzWoSKsAzSRSDUmj/VM8MDed
G/dxJcHTPzelMn8urXZLtFqsU1A8uFYYbR38XYtbjdda9eMgzH1e8fTvBb0Y+tXw
Ri3yZD/U7/NB7Q4eitXA8QWsPW5Po+/uMLOLelWfBCapk/yxlk8SOzoPZSY/JnPU
elcobKPiEcF4WhO1m/4Upth0q0zLmhaS4sc/g7pmxrRSm6ZoGC2a2S/n6x5zmdZ0
YvSs6NMTOg6yfmelYvSrUce9bWB7nNoaTNIc47kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSu8gKuUzlJw4J/e3nq9oQF971CsjAfBgNVHSMEGDAWgBR9KgEiSx2oZIDP
7Ly2xS35gSlo6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZTb0JJa3NkcUdTQXoteTh0c1V0LVlFcGFPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvYzQxZjc3LWI2YTItNDQ5NC1hMDc0LTRmYWU4NGZhMTU4ZS8x
L3J2SUNybE01U2NPQ2YzdDU2dmFFQmZlOVFySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
YzQxZjc3LWI2YTItNDQ5NC1hMDc0LTRmYWU4NGZhMTU4ZS8xL2ZTb0JJa3NkcUdT
QXoteTh0c1V0LVlFcGFPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm7ijANBgkqhkiG9w0BAQsFAAOC
AQEArfEOTfV1Bi9bAluBlJZ+awR5LAsKRMunmKZJ3BOuG0zbpFwvsNo/vh2ZlMfD
j8yYqT/S00uaQnm6pgj016LvjnomTKfvFrphKAlviGAqvxeyw1TvZgSxkp18Jao6
4EJn0CrncybX4NIpr01zwXFnS9HIuFIWxlNEdGaAZ5PXQlObmKgZPF6rIeBPRgsv
Y1COIs/bSerY8Js9k76yAENXQw5JGtx506AnYEv7I9OI1y6jCmHXZrLWmQdHAgYg
ax9+VwZmmfUUwfExZmFuG305g94XNFtBcWTb0k/66xJA1dq6h8Cm79gNx2VOSAlj
Qi6Tw7dHOtnbB1HWtnT4XRGqHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:20 2025 by rpki-client