Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/p2ZJOfqVotTPEvl5fb53bNOwOv0.roa
File: p2ZJOfqVotTPEvl5fb53bNOwOv0.roa (raw, json)
Hash identifier: IIUUcpKwAajgj6BvlyGJDP+xUqKkFNICpaOu0jZEJu4=
Subject key identifier: A7:66:49:39:FA:95:A2:D4:CF:12:F9:79:7D:BE:77:6C:D3:B0:3A:FD
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 01854E0536BF81327671BA4FCAB747437222
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/p2ZJOfqVotTPEvl5fb53bNOwOv0.roa
Signing time: Mon 26 Dec 2022 10:40:42 +0000
ROA not before: Mon 26 Dec 2022 10:40:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56902
IP address blocks: 185.87.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4e:05:36:bf:81:32:76:71:ba:4f:ca:b7:47:43:72:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Dec 26 10:40:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7664939fa95a2d4cf12f9797dbe776cd3b03afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:23:de:bc:a8:29:95:cc:ff:92:37:74:ff:71:
6c:d6:1b:8e:38:e7:30:a4:61:04:65:1b:b1:9b:f9:
d0:89:5c:5e:89:d3:15:af:88:ad:e2:4a:b3:a0:44:
b9:6b:6f:86:fa:51:00:25:5a:49:e5:f4:e2:85:43:
58:61:a6:ee:ab:84:14:e2:72:a7:7f:55:ae:0b:58:
17:7d:9c:ad:c4:64:73:d9:7f:2a:ae:6f:4c:65:b6:
e2:6d:07:99:15:0c:3d:09:55:98:28:9f:24:07:88:
16:f0:78:a7:94:64:a0:78:ff:b7:3d:71:19:10:c8:
70:fb:d8:93:ea:31:7d:48:e1:97:5b:51:17:2a:ab:
26:41:5b:48:f6:23:c2:d4:b5:21:50:53:ef:bc:03:
32:52:aa:0c:1e:93:53:90:26:d3:c4:b9:a5:3e:1c:
90:1d:b4:98:ac:95:ae:37:e4:28:8f:f3:24:71:06:
82:18:54:67:5f:c7:62:8f:58:56:da:eb:a8:55:0e:
09:1c:e7:35:be:f0:69:a8:d1:21:3b:ed:54:5b:65:
04:61:f7:2d:75:5a:4b:26:25:33:75:bc:eb:3e:dc:
fc:65:e1:08:f0:a1:b2:aa:81:56:9e:6a:e1:aa:cc:
3b:c5:65:d2:3e:a5:71:87:b5:b2:cb:84:7e:9d:0f:
fd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:66:49:39:FA:95:A2:D4:CF:12:F9:79:7D:BE:77:6C:D3:B0:3A:FD
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/p2ZJOfqVotTPEvl5fb53bNOwOv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.171.0/24
Signature Algorithm: sha256WithRSAEncryption
87:86:18:2b:04:c5:8a:7f:d4:3c:bb:c4:97:7a:a3:76:a0:59:
8e:4c:24:23:88:ae:ca:0e:5f:eb:06:de:fe:42:ab:3a:ab:8c:
05:15:11:29:21:33:69:32:6a:db:ec:5b:3a:93:6d:79:26:23:
55:7b:3d:c0:ef:db:0e:0a:aa:c4:5b:23:6a:e9:bb:10:e0:a0:
06:dc:a2:2c:4e:14:e6:50:28:93:78:98:09:15:8b:26:8e:93:
4c:4e:ce:b1:08:d5:be:df:67:1b:c6:c5:ac:e6:df:38:1e:2f:
a5:cc:a3:86:99:c2:ef:f7:81:fd:7d:39:6c:b7:0a:90:ee:19:
a6:1a:83:05:4a:8c:82:d3:f4:89:2d:4a:4d:4d:d1:c9:fd:08:
68:95:88:1d:de:19:54:a8:39:a3:54:b0:71:bc:0a:b9:58:6a:
b4:0e:ad:e7:ed:6c:e6:65:b0:72:e8:e1:7b:3e:6f:bb:e5:75:
7f:08:1a:2b:4a:61:bd:b9:c0:44:74:ec:b6:f9:be:39:5f:4c:
13:37:08:bd:40:a4:f0:23:1a:ce:94:13:fc:02:12:f9:aa:0d:
2d:78:d0:d3:ce:e1:75:a9:96:ee:b7:4d:15:87:f1:77:21:64:
19:5a:e7:3c:13:91:e3:e1:97:7e:0b:36:13:8c:d8:69:3c:ef:
32:a8:9f:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVOBTa/gTJ2cbpPyrdHQ3IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjIxMjI2MTA0MDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY2NDkzOWZhOTVhMmQ0Y2YxMmY5Nzk3ZGJlNzc2Y2QzYjAzYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyPevKgplcz/kjd0/3Fs1huOOOcw
pGEEZRuxm/nQiVxeidMVr4it4kqzoES5a2+G+lEAJVpJ5fTihUNYYabuq4QU4nKn
f1WuC1gXfZytxGRz2X8qrm9MZbbibQeZFQw9CVWYKJ8kB4gW8HinlGSgeP+3PXEZ
EMhw+9iT6jF9SOGXW1EXKqsmQVtI9iPC1LUhUFPvvAMyUqoMHpNTkCbTxLmlPhyQ
HbSYrJWuN+Qoj/MkcQaCGFRnX8dij1hW2uuoVQ4JHOc1vvBpqNEhO+1UW2UEYfct
dVpLJiUzdbzrPtz8ZeEI8KGyqoFWnmrhqsw7xWXSPqVxh7Wyy4R+nQ/96QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdmSTn6laLUzxL5eX2+d2zTsDr9MB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvcDJaSk9mcVZvdFRQRXZsNWZiNTNiTk93T3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVerMA0G
CSqGSIb3DQEBCwUAA4IBAQCHhhgrBMWKf9Q8u8SXeqN2oFmOTCQjiK7KDl/rBt7+
Qqs6q4wFFREpITNpMmrb7Fs6k215JiNVez3A79sOCqrEWyNq6bsQ4KAG3KIsThTm
UCiTeJgJFYsmjpNMTs6xCNW+32cbxsWs5t84Hi+lzKOGmcLv94H9fTlstwqQ7hmm
GoMFSoyC0/SJLUpNTdHJ/QholYgd3hlUqDmjVLBxvAq5WGq0Dq3n7WzmZbBy6OF7
Pm+75XV/CBorSmG9ucBEdOy2+b45X0wTNwi9QKTwIxrOlBP8AhL5qg0teNDTzuF1
qZbut00Vh/F3IWQZWuc8E5Hj4Zd+CzYTjNhpPO8yqJ9J
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:56 2025 by rpki-client