Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/EJ05uE7FyRRjKuGXb-Z9tdnI9xg.roa
File: EJ05uE7FyRRjKuGXb-Z9tdnI9xg.roa (raw, json)
Hash identifier: V7DSstFDoCKxqL442qfRjVHGGb9pWpOzqnjp/HCte4c=
Subject key identifier: 10:9D:39:B8:4E:C5:C9:14:63:2A:E1:97:6F:E6:7D:B5:D9:C8:F7:18
Certificate issuer: /CN=137f23944e3d78da920055d72c74d02be5455f35
Certificate serial: 0553F4D1
Authority key identifier: 13:7F:23:94:4E:3D:78:DA:92:00:55:D7:2C:74:D0:2B:E5:45:5F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38jlE49eNqSAFXXLHTQK-VFXzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/EJ05uE7FyRRjKuGXb-Z9tdnI9xg.roa
Signing time: Sat 01 Jan 2022 00:55:08 +0000
ROA not before: Sat 01 Jan 2022 00:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58744
IP address blocks: 185.252.253.0/24 maxlen: 24
185.252.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89388241 (0x553f4d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f23944e3d78da920055d72c74d02be5455f35
Validity
Not Before: Jan 1 00:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=109d39b84ec5c914632ae1976fe67db5d9c8f718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fb:42:e0:21:e6:9c:3c:54:3a:3a:43:6b:f3:
d8:86:91:00:29:af:51:ea:c8:b8:ad:9d:17:44:5e:
b4:d1:1e:d6:c4:71:0c:ac:03:17:2f:d3:41:3c:0f:
89:e1:94:f2:eb:10:0b:20:a2:c0:f8:aa:60:64:d2:
21:47:aa:19:a9:e8:75:40:e7:db:c2:cf:fe:fc:dd:
dc:71:9e:47:0c:9e:7f:95:9c:1c:1e:f3:b3:dd:f3:
66:01:55:9e:14:c4:86:80:cd:81:7d:d2:65:cb:1a:
d7:ef:fc:82:da:1f:07:fa:8a:d0:eb:bd:f1:d5:a1:
63:02:c8:f8:d6:26:f0:c4:89:98:74:08:34:c4:11:
2d:d5:fe:47:e0:fe:a0:6e:36:64:db:6d:6a:18:d7:
00:3e:ba:cd:e3:f7:5f:08:80:28:7a:52:19:44:f9:
9c:3d:a2:67:6f:98:20:21:ad:08:5e:0b:61:47:0b:
72:8d:c3:4d:3e:96:a3:04:a3:34:7f:4b:a7:7b:83:
bd:cf:59:05:83:5d:33:01:d4:27:01:48:2c:ba:72:
8f:35:a2:7e:c1:ea:47:72:7e:c5:6c:0c:87:17:6d:
b7:e7:6b:0b:67:36:fb:fb:d4:c0:8f:31:e5:08:df:
7a:95:3e:50:e9:7d:73:ca:e3:91:23:03:89:94:7d:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9D:39:B8:4E:C5:C9:14:63:2A:E1:97:6F:E6:7D:B5:D9:C8:F7:18
X509v3 Authority Key Identifier:
keyid:13:7F:23:94:4E:3D:78:DA:92:00:55:D7:2C:74:D0:2B:E5:45:5F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38jlE49eNqSAFXXLHTQK-VFXzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/EJ05uE7FyRRjKuGXb-Z9tdnI9xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/E38jlE49eNqSAFXXLHTQK-VFXzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.252.0/23
Signature Algorithm: sha256WithRSAEncryption
46:93:1e:7a:b6:a7:cb:b1:16:19:04:fb:2b:bb:84:95:2b:15:
07:34:83:a4:e5:0f:97:a2:09:fa:b1:11:1f:07:d0:e4:10:cb:
da:2d:42:6a:4b:8b:77:1e:6e:55:25:dc:77:d6:a2:8c:c3:1c:
8b:2a:a4:23:b1:5e:39:13:56:0b:d6:7d:95:3d:0a:0d:f5:ac:
8f:0f:38:b5:14:5b:32:97:d8:96:39:d8:4f:d5:ca:3b:7b:c6:
44:0c:bb:a7:90:80:3e:78:97:6e:eb:22:2e:9f:49:cd:63:09:
9d:4f:8e:2b:4b:81:3b:82:a3:20:03:58:3e:c9:25:3e:d4:f7:
33:68:a1:e7:9a:25:be:e4:8b:4d:71:03:9b:ea:f7:72:a0:4c:
2a:43:35:e7:30:e0:ec:39:62:a1:ae:a9:23:d6:0e:cf:ca:2f:
52:35:32:81:02:d8:13:82:d6:4c:4f:ad:b8:55:e8:fb:9d:13:
a4:e8:ed:7f:7d:ab:50:6d:a5:85:2f:3a:83:68:70:62:09:ad:
e1:22:5c:9c:e7:e9:60:2b:17:58:fa:11:7f:54:8a:91:da:d6:
4b:22:f4:e8:ac:86:a4:ad:ec:24:5b:b6:c9:5f:e7:cd:95:27:
1c:54:f4:32:8d:7b:36:f3:1b:e9:28:44:54:f5:a7:fb:32:e1:
bf:fd:85:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBVP00TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzdmMjM5NDRlM2Q3OGRhOTIwMDU1ZDcyYzc0ZDAyYmU1NDU1ZjM1MB4XDTIyMDEw
MTAwNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA5ZDM5Yjg0ZWM1
YzkxNDYzMmFlMTk3NmZlNjdkYjVkOWM4ZjcxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML7QuAh5pw8VDo6Q2vz2IaRACmvUerIuK2dF0RetNEe1sRx
DKwDFy/TQTwPieGU8usQCyCiwPiqYGTSIUeqGanodUDn28LP/vzd3HGeRwyef5Wc
HB7zs93zZgFVnhTEhoDNgX3SZcsa1+/8gtofB/qK0Ou98dWhYwLI+NYm8MSJmHQI
NMQRLdX+R+D+oG42ZNttahjXAD66zeP3XwiAKHpSGUT5nD2iZ2+YICGtCF4LYUcL
co3DTT6WowSjNH9Lp3uDvc9ZBYNdMwHUJwFILLpyjzWifsHqR3J+xWwMhxdtt+dr
C2c2+/vUwI8x5QjfepU+UOl9c8rjkSMDiZR9wp0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQnTm4TsXJFGMq4Zdv5n212cj3GDAfBgNVHSMEGDAWgBQTfyOUTj142pIA
VdcsdNAr5UVfNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UzOGpsRTQ5ZU5xU0FGWFhMSFRRSy1WRlh6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNGExNjRlLTFlNTgtNDEwNS1iZWQxLTQwN2FmODlhZDhlOS8x
L0VKMDV1RTdGeVJSakt1R1hiLVo5dGRuSTl4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NGExNjRlLTFlNTgtNDEwNS1iZWQxLTQwN2FmODlhZDhlOS8xL0UzOGpsRTQ5ZU5x
U0FGWFhMSFRRSy1WRlh6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn8/DANBgkqhkiG9w0BAQsFAAOC
AQEARpMeerany7EWGQT7K7uElSsVBzSDpOUPl6IJ+rERHwfQ5BDL2i1CakuLdx5u
VSXcd9aijMMciyqkI7FeORNWC9Z9lT0KDfWsjw84tRRbMpfYljnYT9XKO3vGRAy7
p5CAPniXbusiLp9JzWMJnU+OK0uBO4KjIANYPsklPtT3M2ih55olvuSLTXEDm+r3
cqBMKkM15zDg7Dlioa6pI9YOz8ovUjUygQLYE4LWTE+tuFXo+50TpOjtf32rUG2l
hS86g2hwYgmt4SJcnOfpYCsXWPoRf1SKkdrWSyL06KyGpK3sJFu2yV/nzZUnHFT0
Mo17NvMb6ShEVPWn+zLhv/2FSQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:35 2023 by rpki-client on console-ams.rpki-client.org