Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/3KWLDMwFpGqglbCtnYFmd5mi5vQ.roa
File: 3KWLDMwFpGqglbCtnYFmd5mi5vQ.roa (raw, json)
Hash identifier: BBmegzlxh1bvPYZSuMLiwbcOu6OS+XT0a16pr6NFYaM=
Subject key identifier: DC:A5:8B:0C:CC:05:A4:6A:A0:95:B0:AD:9D:81:66:77:99:A2:E6:F4
Certificate issuer: /CN=4dc391dc615fd4a3ad10c0f2ab8b0a506d039ed8
Certificate serial: 01856C78338E18FCAD843E88CF41CF158E44
Authority key identifier: 4D:C3:91:DC:61:5F:D4:A3:AD:10:C0:F2:AB:8B:0A:50:6D:03:9E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TcOR3GFf1KOtEMDyq4sKUG0Dntg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/3KWLDMwFpGqglbCtnYFmd5mi5vQ.roa
Signing time: Sun 01 Jan 2023 08:34:54 +0000
ROA not before: Sun 01 Jan 2023 08:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 185.117.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:33:8e:18:fc:ad:84:3e:88:cf:41:cf:15:8e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dc391dc615fd4a3ad10c0f2ab8b0a506d039ed8
Validity
Not Before: Jan 1 08:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dca58b0ccc05a46aa095b0ad9d81667799a2e6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fb:9b:06:4e:d2:ce:3e:8b:aa:3d:75:1f:07:
b6:d4:8e:57:09:11:88:a8:74:c3:8f:ff:aa:f4:6e:
58:b6:34:fc:a6:4c:47:35:39:dc:df:17:e2:dd:c5:
cb:0e:73:d5:85:1e:8b:5a:8a:b3:7a:40:0e:94:2e:
fb:9b:1a:7b:98:6b:6c:5f:85:b6:75:d0:db:35:a5:
0b:87:95:0d:ed:d7:01:b7:ee:91:dc:62:c3:43:92:
c5:7c:f4:ad:f7:ea:18:8d:7d:47:9d:5b:a3:da:b7:
6e:9f:51:dc:46:80:3a:e0:d7:7b:ef:b6:49:03:43:
6d:d9:11:9b:2f:f9:17:d8:f8:ad:a0:a6:df:e5:61:
51:87:18:15:71:3a:74:54:39:da:18:bd:15:65:95:
fc:64:a8:39:ad:1b:8a:53:98:b3:15:f1:26:78:e0:
e6:5a:d5:b2:e1:54:15:71:a9:fd:10:b7:fb:fb:26:
17:ff:1b:29:ea:9c:6d:88:dd:5a:46:32:81:19:26:
6c:ee:d2:39:7f:0c:f1:61:e0:11:e0:a3:72:50:65:
e6:2b:e1:9d:c9:9b:27:32:30:c0:0a:0d:d9:b0:d6:
0b:49:c0:ff:d5:41:de:91:8c:b3:1d:c9:c7:62:b1:
db:c3:bd:32:1c:09:de:80:26:33:8d:58:28:09:1f:
8c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A5:8B:0C:CC:05:A4:6A:A0:95:B0:AD:9D:81:66:77:99:A2:E6:F4
X509v3 Authority Key Identifier:
keyid:4D:C3:91:DC:61:5F:D4:A3:AD:10:C0:F2:AB:8B:0A:50:6D:03:9E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TcOR3GFf1KOtEMDyq4sKUG0Dntg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/3KWLDMwFpGqglbCtnYFmd5mi5vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/TcOR3GFf1KOtEMDyq4sKUG0Dntg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.230.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ef:ad:ee:53:fd:d8:de:ac:b8:31:2f:3b:32:bb:27:c0:fa:
23:8c:6a:14:ba:87:9d:c7:ed:1c:0f:33:41:f7:8f:73:ac:2b:
f7:4d:87:45:01:83:62:8c:43:da:54:c2:e1:25:7d:80:1d:6b:
b9:fc:6a:be:61:3a:d2:65:1f:c0:41:2f:99:1e:28:47:e5:5f:
09:76:7d:51:e5:71:88:77:df:bd:24:41:83:21:a1:14:43:ec:
60:bf:a6:b1:e7:97:2a:84:f1:6c:97:b4:4e:f4:cc:b8:3f:26:
ea:91:af:a0:55:39:23:e9:36:2e:47:74:38:5d:fd:bf:22:78:
67:ef:a1:96:b2:71:90:47:01:50:3a:80:99:f2:f7:f4:81:c6:
34:27:34:f3:f2:7e:61:6e:dd:e4:4f:24:bf:e2:9a:be:55:07:
b2:d1:e0:63:29:c3:95:50:ee:69:4d:33:de:ba:02:0a:bf:94:
ac:9d:d5:72:9a:36:95:7a:c7:f7:be:81:a1:a6:7f:ca:94:52:
a0:d4:34:32:bf:22:f3:47:13:94:b3:07:48:a2:17:bb:e1:7e:
74:8c:3a:40:8f:77:fd:6d:b9:9d:b2:34:57:52:fb:d3:7a:05:
18:59:0a:11:0f:3e:91:95:fd:0f:62:3d:70:02:39:75:43:14:
8c:ba:2e:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseDOOGPythD6Iz0HPFY5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYzM5MWRjNjE1ZmQ0YTNhZDEwYzBmMmFiOGIwYTUwNmQw
MzllZDgwHhcNMjMwMTAxMDgzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E1OGIwY2NjMDVhNDZhYTA5NWIwYWQ5ZDgxNjY3Nzk5YTJlNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfubBk7Szj6Lqj11Hwe21I5XCRGI
qHTDj/+q9G5YtjT8pkxHNTnc3xfi3cXLDnPVhR6LWoqzekAOlC77mxp7mGtsX4W2
ddDbNaULh5UN7dcBt+6R3GLDQ5LFfPSt9+oYjX1HnVuj2rdun1HcRoA64Nd777ZJ
A0Nt2RGbL/kX2PitoKbf5WFRhxgVcTp0VDnaGL0VZZX8ZKg5rRuKU5izFfEmeODm
WtWy4VQVcan9ELf7+yYX/xsp6pxtiN1aRjKBGSZs7tI5fwzxYeAR4KNyUGXmK+Gd
yZsnMjDACg3ZsNYLScD/1UHekYyzHcnHYrHbw70yHAnegCYzjVgoCR+MwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyliwzMBaRqoJWwrZ2BZneZoub0MB8GA1UdIwQY
MBaAFE3DkdxhX9SjrRDA8quLClBtA57YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGNPUjNHRmYxS090RU1EeXE0c0tVRzBEbnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kNjZhNTgtZmRmNS00OTFlLWI1MTEt
ZmQyOTE1ZDRjZDVhLzEvM0tXTERNd0ZwR3FnbGJDdG5ZRm1kNW1pNXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kNjZhNTgtZmRmNS00OTFlLWI1MTEtZmQyOTE1ZDRjZDVh
LzEvVGNPUjNHRmYxS090RU1EeXE0c0tVRzBEbnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXXmMA0G
CSqGSIb3DQEBCwUAA4IBAQBY763uU/3Y3qy4MS87MrsnwPojjGoUuoedx+0cDzNB
949zrCv3TYdFAYNijEPaVMLhJX2AHWu5/Gq+YTrSZR/AQS+ZHihH5V8Jdn1R5XGI
d9+9JEGDIaEUQ+xgv6ax55cqhPFsl7RO9My4Pybqka+gVTkj6TYuR3Q4Xf2/Inhn
76GWsnGQRwFQOoCZ8vf0gcY0JzTz8n5hbt3kTyS/4pq+VQey0eBjKcOVUO5pTTPe
ugIKv5SsndVymjaVesf3voGhpn/KlFKg1DQyvyLzRxOUswdIohe74X50jDpAj3f9
bbmdsjRXUvvTegUYWQoRDz6Rlf0PYj1wAjl1QxSMui6D
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:55 2025 by rpki-client