Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/EyV07v5KDlpXjf1NupmSkp7GGMc.roa
File: EyV07v5KDlpXjf1NupmSkp7GGMc.roa (raw, json)
Hash identifier: HiDvsTeCVGAn1mhnG+NumRdQWTo7F5jzlHUWQ8ia6fw=
Subject key identifier: 13:25:74:EE:FE:4A:0E:5A:57:8D:FD:4D:BA:99:92:92:9E:C6:18:C7
Certificate issuer: /CN=5b456c9f7f79b987196c468402396a187c156d7c
Certificate serial: 01856DC1DCC6499D436CF073A42DC9BBE754
Authority key identifier: 5B:45:6C:9F:7F:79:B9:87:19:6C:46:84:02:39:6A:18:7C:15:6D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W0Vsn395uYcZbEaEAjlqGHwVbXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/EyV07v5KDlpXjf1NupmSkp7GGMc.roa
Signing time: Sun 01 Jan 2023 14:34:59 +0000
ROA not before: Sun 01 Jan 2023 14:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60855
IP address blocks: 185.24.184.0/24 maxlen: 24
185.24.184.0/23 maxlen: 23
185.24.186.0/24 maxlen: 24
185.24.186.0/23 maxlen: 23
185.24.185.0/24 maxlen: 24
185.24.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:dc:c6:49:9d:43:6c:f0:73:a4:2d:c9:bb:e7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b456c9f7f79b987196c468402396a187c156d7c
Validity
Not Before: Jan 1 14:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=132574eefe4a0e5a578dfd4dba9992929ec618c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:e5:94:c5:04:b8:39:91:2b:45:29:87:d6:
ea:8b:95:47:1d:d3:20:27:db:69:bb:18:03:94:00:
cf:b9:b7:73:77:d5:e0:97:30:24:3e:1f:f8:7e:e1:
bb:f0:7c:49:80:85:1d:6d:12:96:3d:fb:c8:c4:82:
1b:44:a1:26:a4:ae:6d:45:4f:d2:01:4a:86:7a:ab:
58:08:61:48:4b:dd:9d:80:ff:27:23:e9:b8:cd:e8:
c7:39:1f:1e:0d:59:50:0c:2d:31:62:10:80:17:90:
26:1b:1e:92:f3:74:93:11:ac:22:a9:25:66:d3:5f:
6d:a7:b8:e1:ae:f1:91:36:58:41:ab:8a:26:37:d8:
bf:cd:87:bb:48:e7:c8:af:db:01:a8:ea:6f:ef:15:
20:3e:62:a5:89:d2:d2:ce:5e:00:d4:f6:9a:f9:2b:
db:2e:d3:a2:4c:a6:22:f8:a8:92:70:51:a8:53:ae:
2f:13:0b:02:1b:56:be:68:b5:3f:b4:df:ad:32:05:
e8:0c:2c:09:ae:96:a7:a3:63:65:93:22:79:39:18:
34:70:2e:4f:d7:8d:45:17:4f:ea:d5:a8:d8:52:a9:
ba:8a:75:72:29:d5:96:54:2d:08:51:a7:31:b9:2a:
dd:44:56:db:a1:be:91:8d:68:1b:73:13:d7:e9:67:
ac:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:25:74:EE:FE:4A:0E:5A:57:8D:FD:4D:BA:99:92:92:9E:C6:18:C7
X509v3 Authority Key Identifier:
keyid:5B:45:6C:9F:7F:79:B9:87:19:6C:46:84:02:39:6A:18:7C:15:6D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W0Vsn395uYcZbEaEAjlqGHwVbXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/EyV07v5KDlpXjf1NupmSkp7GGMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1defca-e125-4b00-9252-9fe86dea862a/1/W0Vsn395uYcZbEaEAjlqGHwVbXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.184.0/22
Signature Algorithm: sha256WithRSAEncryption
35:9a:a0:67:0f:0b:3b:72:54:bf:bb:c8:8b:42:32:7a:22:81:
55:55:ab:94:7d:cf:87:86:c6:ed:d5:b1:cb:6e:91:8d:ad:53:
e0:30:64:a7:ec:e1:dc:d8:07:20:c6:ac:e9:50:4d:cb:ae:43:
bc:24:a1:05:26:31:10:08:ca:03:71:99:d3:79:6b:33:13:88:
50:4f:ba:0b:8c:fa:17:3d:be:20:06:d6:70:5f:d1:e3:03:ae:
d7:e2:77:46:80:51:49:c0:bb:3b:07:4a:bc:d0:76:81:ab:d1:
d5:97:9d:4c:91:f1:96:d0:24:c6:78:d6:0e:b7:ab:93:8c:26:
4f:d4:0a:4d:46:76:ad:19:3f:91:7f:fa:1b:7b:92:fb:21:64:
a9:42:f7:cf:e9:49:8d:ae:07:a4:61:e3:6f:3b:d4:b4:8b:5b:
d7:61:0f:d7:44:fe:c9:51:09:a7:2b:bb:8d:b3:fe:9a:e5:7d:
b1:4d:a6:bb:53:8c:6e:87:f6:10:fc:db:3a:30:c6:25:68:1c:
37:8e:85:4b:11:b3:79:6f:cc:b8:1b:ad:36:7b:7f:af:6c:b8:
d3:0c:58:11:88:ff:b7:0e:4b:21:7b:41:69:69:c0:67:ad:42:
19:5b:54:fc:4c:9e:32:ca:76:8c:0d:8a:11:c7:37:61:ac:ac:
86:2a:b7:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwdzGSZ1DbPBzpC3Ju+dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNDU2YzlmN2Y3OWI5ODcxOTZjNDY4NDAyMzk2YTE4N2Mx
NTZkN2MwHhcNMjMwMTAxMTQzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI1NzRlZWZlNGEwZTVhNTc4ZGZkNGRiYTk5OTI5MjllYzYxOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxvllMUEuDmRK0Uph9bqi5VHHdMg
J9tpuxgDlADPubdzd9XglzAkPh/4fuG78HxJgIUdbRKWPfvIxIIbRKEmpK5tRU/S
AUqGeqtYCGFIS92dgP8nI+m4zejHOR8eDVlQDC0xYhCAF5AmGx6S83STEawiqSVm
019tp7jhrvGRNlhBq4omN9i/zYe7SOfIr9sBqOpv7xUgPmKlidLSzl4A1Paa+Svb
LtOiTKYi+KiScFGoU64vEwsCG1a+aLU/tN+tMgXoDCwJrpano2NlkyJ5ORg0cC5P
141FF0/q1ajYUqm6inVyKdWWVC0IUacxuSrdRFbbob6RjWgbcxPX6WesgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMldO7+Sg5aV439TbqZkpKexhjHMB8GA1UdIwQY
MBaAFFtFbJ9/ebmHGWxGhAI5ahh8FW18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzBWc24zOTV1WWNaYkVhRUFqbHFHSHdWYlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xZGVmY2EtZTEyNS00YjAwLTkyNTIt
OWZlODZkZWE4NjJhLzEvRXlWMDd2NUtEbHBYamYxTnVwbVNrcDdHR01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xZGVmY2EtZTEyNS00YjAwLTkyNTItOWZlODZkZWE4NjJh
LzEvVzBWc24zOTV1WWNaYkVhRUFqbHFHSHdWYlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRi4MA0G
CSqGSIb3DQEBCwUAA4IBAQA1mqBnDws7clS/u8iLQjJ6IoFVVauUfc+Hhsbt1bHL
bpGNrVPgMGSn7OHc2AcgxqzpUE3LrkO8JKEFJjEQCMoDcZnTeWszE4hQT7oLjPoX
Pb4gBtZwX9HjA67X4ndGgFFJwLs7B0q80HaBq9HVl51MkfGW0CTGeNYOt6uTjCZP
1ApNRnatGT+Rf/obe5L7IWSpQvfP6UmNrgekYeNvO9S0i1vXYQ/XRP7JUQmnK7uN
s/6a5X2xTaa7U4xuh/YQ/Ns6MMYlaBw3joVLEbN5b8y4G602e3+vbLjTDFgRiP+3
Dkshe0FpacBnrUIZW1T8TJ4yynaMDYoRxzdhrKyGKres
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:31 2025 by rpki-client