Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/cX4N2UuRQwIsujXS7pdffzxpQRI.roa
File: cX4N2UuRQwIsujXS7pdffzxpQRI.roa (raw, json)
Hash identifier: Ax0ERKfv55MvfPfyq+/MrVo157jylvcZxnTLS4TZAWo=
Subject key identifier: 71:7E:0D:D9:4B:91:43:02:2C:BA:35:D2:EE:97:5F:7F:3C:69:41:12
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 01856D9D0EFB2A9C96EA0B2FBB068264933E
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/cX4N2UuRQwIsujXS7pdffzxpQRI.roa
Signing time: Sun 01 Jan 2023 13:54:47 +0000
ROA not before: Sun 01 Jan 2023 13:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202835
IP address blocks: 185.149.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:0e:fb:2a:9c:96:ea:0b:2f:bb:06:82:64:93:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Jan 1 13:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=717e0dd94b9143022cba35d2ee975f7f3c694112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e7:ba:6a:b1:89:4e:fe:e2:ac:3d:ef:7a:8c:
85:32:e4:b3:df:1d:40:30:d7:0e:16:be:cc:c9:11:
93:cc:b4:d0:9e:df:8e:13:38:b1:e7:fa:3b:cf:f4:
bb:93:4c:07:c2:e4:35:f3:48:84:33:12:b1:02:37:
0f:7b:6c:57:6b:21:40:2a:17:de:c5:ab:a5:fb:3e:
83:22:1b:ad:52:8e:e4:78:07:39:78:81:6c:65:5f:
0f:0e:29:c4:5b:64:68:09:73:b2:b2:97:17:b4:a2:
7b:35:cb:08:ca:75:64:a8:04:a4:9c:da:4b:f8:e5:
9c:6f:df:76:23:a8:f2:9e:a2:e6:a9:65:9b:12:2f:
a1:1a:f2:23:9e:b4:b3:b9:44:78:ee:55:8b:09:11:
0b:84:f3:ff:1e:3b:6c:ac:1b:dc:07:77:f6:26:ff:
ed:a4:b5:38:f4:96:80:7c:bb:6e:4a:3b:26:fe:9f:
e8:e8:26:9d:fb:d3:53:6a:0c:de:da:2d:8b:d3:8a:
34:ca:4f:21:4d:ee:33:2d:6b:94:23:bd:c3:db:e2:
60:4b:62:f5:77:22:ed:b4:1f:a5:11:7e:d4:d8:04:
f7:d0:8f:ab:2c:43:90:bb:db:46:71:66:b6:d4:a4:
d5:b2:51:e5:da:54:48:43:19:5d:cf:ac:9e:83:8b:
17:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7E:0D:D9:4B:91:43:02:2C:BA:35:D2:EE:97:5F:7F:3C:69:41:12
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/cX4N2UuRQwIsujXS7pdffzxpQRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
72:82:e3:a5:19:d0:cb:a2:a3:85:92:eb:81:88:32:f0:30:a8:
21:d1:79:7e:03:e6:2d:1d:0c:78:9b:bc:8d:ff:37:4e:87:0a:
7b:3b:50:28:d9:5f:9f:04:51:77:8e:fc:8e:4c:c1:cf:86:32:
7f:10:56:1d:56:e9:6f:06:07:42:04:7a:93:70:c1:73:6f:b7:
c3:41:2a:1f:d2:81:31:25:9c:93:79:53:7f:bd:12:72:eb:a5:
fc:e3:9e:06:f2:bb:b9:e7:88:94:c0:61:dc:78:11:cb:c8:22:
f3:ef:00:44:69:4a:9d:92:68:3a:b0:0f:ae:85:4a:26:e3:f6:
ff:e4:3f:7d:2a:8f:6d:75:6f:22:da:17:82:8a:6f:c4:fb:cb:
fa:19:81:61:54:ef:fd:0a:3f:0d:89:5c:af:f0:4e:08:31:b0:
ff:45:a7:a3:94:f3:87:d4:6c:af:32:78:fe:0e:c8:bf:8a:b5:
65:b4:b5:dc:64:4d:74:a6:bf:cc:ed:42:ae:96:9c:02:de:0a:
9f:c3:3a:09:c0:bc:fe:a0:1e:5d:65:ef:f9:d7:6d:cc:1b:7b:
8b:49:b3:8e:7b:05:b5:fa:e7:c2:f6:df:c1:a3:10:91:cd:9c:
6b:db:85:d4:4a:e5:c3:4d:a4:af:1d:13:7b:ae:c8:16:7f:f5:
7f:14:2f:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnQ77KpyW6gsvuwaCZJM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjMwMTAxMTM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdlMGRkOTRiOTE0MzAyMmNiYTM1ZDJlZTk3NWY3ZjNjNjk0MTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyue6arGJTv7irD3veoyFMuSz3x1A
MNcOFr7MyRGTzLTQnt+OEzix5/o7z/S7k0wHwuQ180iEMxKxAjcPe2xXayFAKhfe
xaul+z6DIhutUo7keAc5eIFsZV8PDinEW2RoCXOyspcXtKJ7NcsIynVkqASknNpL
+OWcb992I6jynqLmqWWbEi+hGvIjnrSzuUR47lWLCRELhPP/HjtsrBvcB3f2Jv/t
pLU49JaAfLtuSjsm/p/o6Cad+9NTagze2i2L04o0yk8hTe4zLWuUI73D2+JgS2L1
dyLttB+lEX7U2AT30I+rLEOQu9tGcWa21KTVslHl2lRIQxldz6yeg4sX5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHF+DdlLkUMCLLo10u6XX388aUESMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvY1g0TjJVdVJRd0lzdWpYUzdwZGZmenhwUVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZV/MA0G
CSqGSIb3DQEBCwUAA4IBAQByguOlGdDLoqOFkuuBiDLwMKgh0Xl+A+YtHQx4m7yN
/zdOhwp7O1Ao2V+fBFF3jvyOTMHPhjJ/EFYdVulvBgdCBHqTcMFzb7fDQSof0oEx
JZyTeVN/vRJy66X8454G8ru554iUwGHceBHLyCLz7wBEaUqdkmg6sA+uhUom4/b/
5D99Ko9tdW8i2heCim/E+8v6GYFhVO/9Cj8NiVyv8E4IMbD/RaejlPOH1GyvMnj+
Dsi/irVltLXcZE10pr/M7UKulpwC3gqfwzoJwLz+oB5dZe/5123MG3uLSbOOewW1
+ufC9t/BoxCRzZxr24XUSuXDTaSvHRN7rsgWf/V/FC8v
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:14 2025 by rpki-client