Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/RFPcQy5F66Rsb1pjzzC-rpZYqxc.roa
File: RFPcQy5F66Rsb1pjzzC-rpZYqxc.roa (raw, json)
Hash identifier: N772/nJscI9MClC+OJEw+7N8kdNHWprYE/dPW+PH3C0=
Subject key identifier: 44:53:DC:43:2E:45:EB:A4:6C:6F:5A:63:CF:30:BE:AE:96:58:AB:17
Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Certificate serial: 01874C452D63B8AFA379022D3160038B133E
Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/RFPcQy5F66Rsb1pjzzC-rpZYqxc.roa
Signing time: Tue 04 Apr 2023 12:36:54 +0000
ROA not before: Tue 04 Apr 2023 12:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211599
IP address blocks: 185.249.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:45:2d:63:b8:af:a3:79:02:2d:31:60:03:8b:13:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2
Validity
Not Before: Apr 4 12:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4453dc432e45eba46c6f5a63cf30beae9658ab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f7:43:c5:97:4c:ad:a9:96:17:67:83:50:b9:
dd:17:35:65:a9:cd:67:28:c1:e6:41:2e:9f:50:32:
c8:a4:7d:12:fa:6a:d4:4b:a9:00:6d:50:35:6c:db:
0f:33:02:2d:ed:c6:0f:43:32:ef:28:55:f5:af:bb:
e9:13:d0:b3:c7:d3:e0:e6:1a:ea:5e:55:1b:59:7c:
33:08:9c:e3:78:66:e2:8b:4f:67:24:bd:3f:b2:c4:
f6:4b:3c:35:2b:9d:69:f2:fc:34:31:ca:4f:17:5e:
a9:94:01:0c:19:00:ab:44:5e:5e:57:cd:8b:05:e7:
16:63:05:03:4c:f4:6d:7a:cc:b7:22:6f:e1:5c:fa:
bd:f7:c9:e1:d3:24:94:33:6e:1e:84:14:57:12:df:
24:45:35:52:e3:c1:05:57:85:47:b8:13:11:46:c7:
e8:20:16:cc:53:5b:09:1c:4d:f3:e5:78:de:86:50:
55:6f:77:98:0a:46:af:16:cb:64:21:66:1d:90:25:
77:b1:4a:2e:1e:3f:ab:c0:ff:5b:64:86:a5:66:8b:
c6:ea:f2:7a:c1:41:94:0c:30:52:4b:fb:16:8d:c5:
4a:ec:de:bb:d2:24:c7:12:5a:01:91:ee:14:77:87:
71:8d:dd:a7:f4:1e:66:1e:04:96:70:17:a0:b7:d2:
d0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:53:DC:43:2E:45:EB:A4:6C:6F:5A:63:CF:30:BE:AE:96:58:AB:17
X509v3 Authority Key Identifier:
keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/RFPcQy5F66Rsb1pjzzC-rpZYqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.253.0/24
Signature Algorithm: sha256WithRSAEncryption
90:93:a3:b6:33:65:2d:66:40:40:79:63:e4:62:6c:70:cb:ab:
57:6a:31:b3:02:88:a2:8d:c4:5b:76:34:2a:11:07:1f:09:0d:
70:04:33:25:8a:20:4c:9f:e6:14:dd:59:9c:e3:01:9d:02:23:
4f:5f:f7:01:9d:8a:b7:b2:65:96:88:b2:32:ea:7d:72:d6:c9:
b2:23:25:06:dd:4d:c3:d2:12:70:fc:95:fd:36:7b:1b:08:2c:
55:bf:3a:ed:d5:75:74:9e:ad:6d:06:bc:9e:a9:2d:91:08:69:
27:47:8c:07:59:82:e9:54:9d:a1:79:81:4b:9b:fc:41:7d:bc:
85:83:73:8e:30:f3:cd:f8:54:65:e1:a8:98:af:90:a5:57:d7:
94:c0:92:a1:dd:86:fb:e1:be:18:21:e4:78:dd:24:cd:ef:eb:
02:ef:5a:61:49:15:ed:a1:f1:2f:4b:82:2f:d7:61:36:b2:b8:
76:b3:13:92:b4:14:07:55:8c:9f:f2:ef:55:59:81:d7:51:73:
48:87:98:24:3c:c2:92:5a:27:ea:d5:0e:84:cc:4b:70:f2:15:
17:95:6f:16:67:17:d7:c2:e7:93:76:db:9e:bc:2a:bf:7e:68:
2e:fd:c3:00:fc:54:61:d3:f8:87:2e:c1:73:dd:c3:83:c3:06:
b9:6b:90:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdMRS1juK+jeQItMWADixM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw
N2VlZjIwHhcNMjMwNDA0MTIzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUzZGM0MzJlNDVlYmE0NmM2ZjVhNjNjZjMwYmVhZTk2NThhYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPdDxZdMramWF2eDULndFzVlqc1n
KMHmQS6fUDLIpH0S+mrUS6kAbVA1bNsPMwIt7cYPQzLvKFX1r7vpE9Czx9Pg5hrq
XlUbWXwzCJzjeGbii09nJL0/ssT2Szw1K51p8vw0McpPF16plAEMGQCrRF5eV82L
BecWYwUDTPRtesy3Im/hXPq998nh0ySUM24ehBRXEt8kRTVS48EFV4VHuBMRRsfo
IBbMU1sJHE3z5XjehlBVb3eYCkavFstkIWYdkCV3sUouHj+rwP9bZIalZovG6vJ6
wUGUDDBSS/sWjcVK7N670iTHEloBke4Ud4dxjd2n9B5mHgSWcBegt9LQ2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERT3EMuReukbG9aY88wvq6WWKsXMB8GA1UdIwQY
MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt
MjgxOWU0YzVmMTIzLzEvUkZQY1F5NUY2NlJzYjFwanp6Qy1ycFpZcXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz
LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufn9MA0G
CSqGSIb3DQEBCwUAA4IBAQCQk6O2M2UtZkBAeWPkYmxwy6tXajGzAoiijcRbdjQq
EQcfCQ1wBDMliiBMn+YU3Vmc4wGdAiNPX/cBnYq3smWWiLIy6n1y1smyIyUG3U3D
0hJw/JX9NnsbCCxVvzrt1XV0nq1tBryeqS2RCGknR4wHWYLpVJ2heYFLm/xBfbyF
g3OOMPPN+FRl4aiYr5ClV9eUwJKh3Yb74b4YIeR43STN7+sC71phSRXtofEvS4Iv
12E2srh2sxOStBQHVYyf8u9VWYHXUXNIh5gkPMKSWifq1Q6EzEtw8hUXlW8WZxfX
wueTdtuevCq/fmgu/cMA/FRh0/iHLsFz3cODwwa5a5B9
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:22 2025 by rpki-client