Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/871c28-66f3-406d-bb54-8e40435f4ba3/1/B-HglwdVKesdoxsMVX_sXCpYwCY.roa
File: B-HglwdVKesdoxsMVX_sXCpYwCY.roa (raw, json)
Hash identifier: ilyxC1YbRoKkrgvPl2xJPzRxwlhWCl8bhzIZCts2qwE=
Subject key identifier: 07:E1:E0:97:07:55:29:EB:1D:A3:1B:0C:55:7F:EC:5C:2A:58:C0:26
Certificate issuer: /CN=c2e1dda1df73f3ff6ae4f5e7c7b24cab35e6849d
Certificate serial: 01856C9CA19D9E07EDF5C8A2D0A2FCC5E314
Authority key identifier: C2:E1:DD:A1:DF:73:F3:FF:6A:E4:F5:E7:C7:B2:4C:AB:35:E6:84:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wuHdod9z8_9q5PXnx7JMqzXmhJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/871c28-66f3-406d-bb54-8e40435f4ba3/1/B-HglwdVKesdoxsMVX_sXCpYwCY.roa
Signing time: Sun 01 Jan 2023 09:14:42 +0000
ROA not before: Sun 01 Jan 2023 09:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205757
IP address blocks: 185.198.53.0/24 maxlen: 24
185.198.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:a1:9d:9e:07:ed:f5:c8:a2:d0:a2:fc:c5:e3:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2e1dda1df73f3ff6ae4f5e7c7b24cab35e6849d
Validity
Not Before: Jan 1 09:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07e1e097075529eb1da31b0c557fec5c2a58c026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:59:54:a2:ee:0b:ad:93:0f:34:dc:df:d3:
bc:df:07:f9:29:d7:71:9e:47:05:75:e1:e6:1a:0d:
81:f4:5d:30:3c:00:56:0b:9e:39:5a:8b:5b:64:97:
e2:85:d8:b3:aa:d8:35:45:a3:75:61:75:ef:6d:be:
15:c2:16:39:1d:59:66:d2:ec:69:6d:1f:63:ad:38:
76:f3:6d:e7:b7:d1:e0:93:e3:4f:74:eb:b6:db:7b:
64:34:24:68:2d:d2:df:1f:29:a2:c2:73:e3:99:f8:
55:da:66:ba:1c:22:95:99:b8:70:48:ba:fc:53:bc:
a1:52:0e:bc:97:4c:27:7a:e7:59:a6:5d:20:b5:3e:
b5:72:61:75:ba:ee:d5:1a:40:59:30:76:b2:52:d1:
df:3f:4a:dc:da:d2:b2:1b:91:db:5a:a2:96:21:04:
30:a1:39:16:37:9a:b8:d3:f4:45:9b:ff:0c:b4:6b:
2a:90:4a:d3:c4:11:fd:3a:72:79:f3:e4:d8:1f:22:
32:9e:aa:e2:7b:57:d1:b2:0d:36:40:94:bc:a0:77:
32:43:df:be:99:92:7d:71:32:6a:86:2c:95:1c:c8:
92:4c:d6:c3:3a:5c:51:23:43:3e:f8:c3:9a:b7:4f:
db:ae:9e:0c:70:74:e3:ff:e3:3b:99:0d:0c:2c:a2:
2c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E1:E0:97:07:55:29:EB:1D:A3:1B:0C:55:7F:EC:5C:2A:58:C0:26
X509v3 Authority Key Identifier:
keyid:C2:E1:DD:A1:DF:73:F3:FF:6A:E4:F5:E7:C7:B2:4C:AB:35:E6:84:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wuHdod9z8_9q5PXnx7JMqzXmhJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/871c28-66f3-406d-bb54-8e40435f4ba3/1/B-HglwdVKesdoxsMVX_sXCpYwCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/871c28-66f3-406d-bb54-8e40435f4ba3/1/wuHdod9z8_9q5PXnx7JMqzXmhJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.52.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:2f:1e:4a:f0:71:7d:f3:a1:1f:76:94:4f:c1:f2:1c:98:83:
ec:91:51:f3:23:ca:c7:e6:43:ef:da:73:db:09:40:09:0e:b6:
b5:f4:0b:27:62:6a:6e:06:09:e8:0d:95:43:75:79:db:3f:5a:
d8:4d:08:f2:1e:31:ce:d5:2a:69:fd:80:f4:2e:ff:e3:2d:b4:
a3:2d:68:5b:9c:2a:cd:7a:69:1e:9d:53:42:dd:1c:34:77:58:
77:07:a7:fd:75:c0:cb:cc:e1:69:73:b8:62:8d:76:c5:72:48:
2b:d9:a1:4f:fb:1b:b7:46:19:df:c5:d8:f9:e6:3a:06:27:a6:
49:67:79:ab:9c:a6:c8:03:04:cf:00:3f:c9:a2:bf:55:00:ca:
1e:93:9f:4a:e1:cc:e6:02:aa:28:3f:00:8e:84:0e:84:05:87:
66:07:69:c2:10:ea:3f:4e:da:71:4f:83:0b:ca:46:8e:08:1f:
60:d9:57:c6:a9:cc:fa:0d:67:f9:37:3d:6d:46:a1:6a:db:f3:
78:53:d8:ba:cc:f6:75:94:22:f6:55:9f:3a:6b:73:4c:31:1b:
65:94:87:75:ac:f5:5e:36:f4:c2:f3:09:e1:94:6c:e6:5a:46:
cb:2e:04:48:26:f8:d1:bc:cc:09:71:69:8a:89:dd:ff:6c:c6:
1e:cf:b1:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnKGdngft9cii0KL8xeMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZTFkZGExZGY3M2YzZmY2YWU0ZjVlN2M3YjI0Y2FiMzVl
Njg0OWQwHhcNMjMwMTAxMDkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2UxZTA5NzA3NTUyOWViMWRhMzFiMGM1NTdmZWM1YzJhNThjMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4BZVKLuC62TDzTc39O83wf5Kddx
nkcFdeHmGg2B9F0wPABWC545WotbZJfihdizqtg1RaN1YXXvbb4VwhY5HVlm0uxp
bR9jrTh2823nt9Hgk+NPdOu223tkNCRoLdLfHymiwnPjmfhV2ma6HCKVmbhwSLr8
U7yhUg68l0wneudZpl0gtT61cmF1uu7VGkBZMHayUtHfP0rc2tKyG5HbWqKWIQQw
oTkWN5q40/RFm/8MtGsqkErTxBH9OnJ58+TYHyIynqrie1fRsg02QJS8oHcyQ9++
mZJ9cTJqhiyVHMiSTNbDOlxRI0M++MOat0/brp4McHTj/+M7mQ0MLKIsawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfh4JcHVSnrHaMbDFV/7FwqWMAmMB8GA1UdIwQY
MBaAFMLh3aHfc/P/auT158eyTKs15oSdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VIZG9kOXo4XzlxNVBYbng3Sk1xelhtaEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84NzFjMjgtNjZmMy00MDZkLWJiNTQt
OGU0MDQzNWY0YmEzLzEvQi1IZ2x3ZFZLZXNkb3hzTVZYX3NYQ3BZd0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84NzFjMjgtNjZmMy00MDZkLWJiNTQtOGU0MDQzNWY0YmEz
LzEvd3VIZG9kOXo4XzlxNVBYbng3Sk1xelhtaEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucY0MA0G
CSqGSIb3DQEBCwUAA4IBAQCjLx5K8HF986EfdpRPwfIcmIPskVHzI8rH5kPv2nPb
CUAJDra19AsnYmpuBgnoDZVDdXnbP1rYTQjyHjHO1Spp/YD0Lv/jLbSjLWhbnCrN
emkenVNC3Rw0d1h3B6f9dcDLzOFpc7hijXbFckgr2aFP+xu3Rhnfxdj55joGJ6ZJ
Z3mrnKbIAwTPAD/Jor9VAMoek59K4czmAqooPwCOhA6EBYdmB2nCEOo/TtpxT4ML
ykaOCB9g2VfGqcz6DWf5Nz1tRqFq2/N4U9i6zPZ1lCL2VZ86a3NMMRtllId1rPVe
NvTC8wnhlGzmWkbLLgRIJvjRvMwJcWmKid3/bMYez7HJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:09 2025 by rpki-client