Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/g1CyilVRkV-UhdGodUklSRSdX20.roa
File: g1CyilVRkV-UhdGodUklSRSdX20.roa (raw, json)
Hash identifier: 8P5BCacx7/7+gqfjfQc4n2rA0ZNHq2UZ/9lWGD83ONY=
Subject key identifier: 83:50:B2:8A:55:51:91:5F:94:85:D1:A8:75:49:25:49:14:9D:5F:6D
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018BF6884E799F3A333869E98ABC5212067C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/g1CyilVRkV-UhdGodUklSRSdX20.roa
Signing time: Wed 22 Nov 2023 10:16:49 +0000
ROA not before: Wed 22 Nov 2023 10:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 185.65.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:88:4e:79:9f:3a:33:38:69:e9:8a:bc:52:12:06:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 22 10:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8350b28a5551915f9485d1a875492549149d5f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:96:70:f3:f0:41:fb:97:38:0f:1b:f6:4f:e2:
67:e1:7a:a5:42:a8:bc:ca:32:a3:65:60:60:df:ad:
0b:71:60:18:60:71:ff:b1:7c:92:33:4f:89:65:44:
9a:29:17:07:93:c6:50:fd:ee:f6:25:63:b4:fa:f4:
4f:22:1d:7e:cc:33:69:a8:f6:74:11:4d:42:e1:f1:
fb:c8:a8:f4:33:0a:76:62:e0:b3:c2:ce:ed:09:ea:
03:41:74:1c:09:8d:87:f7:10:e5:2e:ec:1d:58:d6:
e1:c3:32:eb:64:7e:8e:56:b3:32:d3:b5:33:ad:43:
fd:b7:17:c2:21:4e:12:a0:2b:30:69:00:ae:0a:7b:
4e:1c:01:e1:2b:f1:12:60:e0:2a:71:75:c6:29:04:
ae:5e:21:19:c9:ba:ca:8b:c6:eb:eb:b4:1c:6f:32:
ad:18:16:eb:79:0a:0b:7a:e6:5e:d4:6c:ef:56:5a:
80:e4:74:d1:81:11:0a:79:42:2f:8d:f1:6a:d0:a7:
a7:60:07:fe:6f:df:67:69:a6:7a:15:44:72:4b:91:
9d:cb:4a:0f:de:e3:87:48:91:3c:68:9f:87:b6:5d:
2f:0f:ed:d2:08:f6:81:09:27:31:e1:0c:68:85:9b:
04:87:a7:ad:7d:7b:c5:b2:8f:81:dc:fc:d0:e7:1b:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:50:B2:8A:55:51:91:5F:94:85:D1:A8:75:49:25:49:14:9D:5F:6D
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/g1CyilVRkV-UhdGodUklSRSdX20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.63.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:fb:0a:0c:e3:74:0e:e2:66:42:4a:b5:4d:03:6e:db:e6:56:
e3:d4:88:88:39:de:b5:f1:d0:cb:6b:0e:24:9b:52:c9:72:92:
7c:ad:ac:f1:2e:ab:af:49:63:e6:5b:3b:a8:fe:35:d8:5e:2d:
8a:e3:24:7c:77:27:a9:ca:7c:39:5b:38:74:77:cc:5f:7d:d8:
ea:0b:a5:51:ca:bd:34:ed:0d:54:54:c9:f3:9c:86:80:07:88:
a7:41:c4:79:6e:b0:93:ea:81:6a:67:7f:2b:67:1e:00:94:09:
9e:a9:02:41:ca:53:cf:8d:97:4b:1e:41:cd:20:a9:0d:4c:fe:
d5:15:da:29:e0:25:27:41:9b:da:c6:dd:ab:84:0e:9e:be:93:
07:a1:d5:2b:a4:d8:18:41:31:5d:6b:73:a5:0d:d5:97:42:b4:
00:2c:b2:51:e2:85:be:aa:1c:29:87:43:6e:98:1b:f9:17:83:
5d:77:e2:b3:bb:b5:b7:ff:c3:b6:63:35:7f:95:c8:e9:ba:77:
60:4e:a7:86:59:c1:66:8f:b1:28:36:c7:c2:41:68:a5:68:23:
b2:4c:b0:1a:25:13:99:59:7c:a2:d1:07:39:f1:f5:ef:95:a8:
bb:41:64:c4:ce:78:d1:1a:2e:6d:fc:4e:03:84:6e:ca:d9:28:
ee:63:2c:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2iE55nzozOGnpirxSEgZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMTIyMTAxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUwYjI4YTU1NTE5MTVmOTQ4NWQxYTg3NTQ5MjU0OTE0OWQ1ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJZw8/BB+5c4Dxv2T+Jn4XqlQqi8
yjKjZWBg360LcWAYYHH/sXySM0+JZUSaKRcHk8ZQ/e72JWO0+vRPIh1+zDNpqPZ0
EU1C4fH7yKj0Mwp2YuCzws7tCeoDQXQcCY2H9xDlLuwdWNbhwzLrZH6OVrMy07Uz
rUP9txfCIU4SoCswaQCuCntOHAHhK/ESYOAqcXXGKQSuXiEZybrKi8br67QcbzKt
GBbreQoLeuZe1GzvVlqA5HTRgREKeUIvjfFq0KenYAf+b99naaZ6FURyS5Gdy0oP
3uOHSJE8aJ+Htl0vD+3SCPaBCScx4QxohZsEh6etfXvFso+B3PzQ5xv+uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINQsopVUZFflIXRqHVJJUkUnV9tMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZzFDeWlsVlJrVi1VaGRHb2RVa2xTUlNkWDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUE/MA0G
CSqGSIb3DQEBCwUAA4IBAQAc+woM43QO4mZCSrVNA27b5lbj1IiIOd618dDLaw4k
m1LJcpJ8razxLquvSWPmWzuo/jXYXi2K4yR8dyepynw5Wzh0d8xffdjqC6VRyr00
7Q1UVMnznIaAB4inQcR5brCT6oFqZ38rZx4AlAmeqQJBylPPjZdLHkHNIKkNTP7V
Fdop4CUnQZvaxt2rhA6evpMHodUrpNgYQTFda3OlDdWXQrQALLJR4oW+qhwph0Nu
mBv5F4Ndd+Kzu7W3/8O2YzV/lcjpundgTqeGWcFmj7EoNsfCQWilaCOyTLAaJROZ
WXyi0Qc58fXvlai7QWTEznjRGi5t/E4DhG7K2SjuYyy+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:58 2025 by rpki-client