Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/1DLVaVP4rEfcNhXrXNXdm9hTWZE.roa
File: 1DLVaVP4rEfcNhXrXNXdm9hTWZE.roa (raw, json)
Hash identifier: ZwlosOK4SQKhe6XvuF2FtoJHgrOTrd9Va6D2C02g/BY=
Subject key identifier: D4:32:D5:69:53:F8:AC:47:DC:36:15:EB:5C:D5:DD:9B:D8:53:59:91
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 018645291F433DB52B1867E5792006BD9CA6
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/1DLVaVP4rEfcNhXrXNXdm9hTWZE.roa
Signing time: Sun 12 Feb 2023 10:26:08 +0000
ROA not before: Sun 12 Feb 2023 10:26:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.58.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.56.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:29:1f:43:3d:b5:2b:18:67:e5:79:20:06:bd:9c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Feb 12 10:26:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d432d56953f8ac47dc3615eb5cd5dd9bd8535991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:19:b7:55:04:5a:4b:99:79:4e:fe:f4:e4:72:
c3:9f:59:b4:07:db:ea:42:2e:60:a6:64:ca:76:1e:
ff:84:5e:89:5a:c8:49:d5:a1:95:ca:49:2f:9b:18:
97:22:61:07:f9:71:70:90:91:30:92:b8:1d:32:09:
f8:c7:42:8c:48:9f:39:b1:f7:cf:95:2d:a9:76:71:
a9:8f:e2:aa:d4:42:0d:aa:b2:e8:2a:fd:d8:17:c1:
02:b6:f9:b3:28:d0:16:dc:4e:0a:16:36:85:c8:87:
75:af:2b:65:8c:0d:8f:4b:0e:9a:de:5d:95:ff:cc:
78:25:88:d8:c9:a6:e0:82:c8:28:7d:af:bc:88:2b:
79:a0:6c:d5:6a:51:09:9f:52:a1:e4:0c:8a:7e:b5:
7b:b3:34:8e:30:59:68:15:0e:c7:aa:50:1c:de:6f:
dd:42:75:2c:8f:4c:fc:98:6d:07:1c:5a:ab:db:da:
3d:2a:b2:8f:17:f5:71:9a:31:00:6c:c5:d7:89:67:
a9:76:85:e7:c4:16:dd:35:60:34:d4:2f:45:27:b9:
b6:0f:e7:e2:4c:27:e5:4f:6e:a2:18:c7:c6:7b:fd:
f9:5e:ca:52:c8:1e:57:de:39:ba:60:b8:c8:13:ce:
dd:5d:35:f1:36:a6:0f:bf:5e:2f:a0:16:72:09:65:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:32:D5:69:53:F8:AC:47:DC:36:15:EB:5C:D5:DD:9B:D8:53:59:91
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/1DLVaVP4rEfcNhXrXNXdm9hTWZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:6e:3b:94:67:7e:7f:98:59:5f:88:c4:a4:8b:99:12:41:4f:
1e:11:f5:97:d7:0d:98:4a:22:72:35:ad:ab:9e:ba:a2:6a:52:
e1:81:e1:2f:68:1a:62:a0:a3:f0:a0:98:3f:93:29:83:2d:cd:
a0:63:2f:86:72:d0:20:46:87:21:56:c9:95:e2:c0:bd:f5:a6:
d8:b5:e5:1f:07:8e:26:98:0d:af:cc:5a:e0:dd:37:8b:d1:df:
f4:72:d0:65:19:ad:63:a7:9f:b0:5f:10:12:68:b9:62:83:31:
f2:b2:0a:92:89:b9:5a:97:8f:2c:03:10:74:ea:e3:ba:81:9b:
e5:6f:d5:da:b0:60:8e:ee:b5:2b:05:70:8a:c7:f9:a2:65:03:
35:ba:39:3b:7e:6b:f5:95:c4:e6:50:c9:51:89:22:ae:0a:ec:
3f:0d:81:9b:4c:a1:78:12:e8:bd:6d:58:0f:16:78:2c:9d:39:
ef:da:40:6f:7d:97:1a:ba:48:1d:b1:cf:c5:59:ce:67:5b:fa:
f1:4f:26:37:61:e7:57:f1:97:3c:1d:2f:b0:27:0c:c2:75:01:
7a:69:67:80:be:e3:0f:88:45:7b:6d:5b:33:6d:58:f3:b8:7b:
1c:23:98:2b:67:10:72:88:2e:68:e8:e4:78:72:d1:36:48:6e:
6e:61:a5:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZFKR9DPbUrGGfleSAGvZymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjMwMjEyMTAyNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDMyZDU2OTUzZjhhYzQ3ZGMzNjE1ZWI1Y2Q1ZGQ5YmQ4NTM1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxm3VQRaS5l5Tv705HLDn1m0B9vq
Qi5gpmTKdh7/hF6JWshJ1aGVykkvmxiXImEH+XFwkJEwkrgdMgn4x0KMSJ85sffP
lS2pdnGpj+Kq1EINqrLoKv3YF8ECtvmzKNAW3E4KFjaFyId1rytljA2PSw6a3l2V
/8x4JYjYyabggsgofa+8iCt5oGzValEJn1Kh5AyKfrV7szSOMFloFQ7HqlAc3m/d
QnUsj0z8mG0HHFqr29o9KrKPF/VxmjEAbMXXiWepdoXnxBbdNWA01C9FJ7m2D+fi
TCflT26iGMfGe/35XspSyB5X3jm6YLjIE87dXTXxNqYPv14voBZyCWVVDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQy1WlT+KxH3DYV61zV3ZvYU1mRMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvMURMVmFWUDRyRWZjTmhYclhOWGRtOWhUV1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQB8bjuUZ35/mFlfiMSki5kSQU8eEfWX1w2YSiJyNa2r
nrqialLhgeEvaBpioKPwoJg/kymDLc2gYy+GctAgRochVsmV4sC99abYteUfB44m
mA2vzFrg3TeL0d/0ctBlGa1jp5+wXxASaLligzHysgqSiblal48sAxB06uO6gZvl
b9XasGCO7rUrBXCKx/miZQM1ujk7fmv1lcTmUMlRiSKuCuw/DYGbTKF4Eui9bVgP
FngsnTnv2kBvfZcaukgdsc/FWc5nW/rxTyY3YedX8Zc8HS+wJwzCdQF6aWeAvuMP
iEV7bVszbVjzuHscI5grZxByiC5o6OR4ctE2SG5uYaUg
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:00:47 2025 by rpki-client