Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/223tacmBmsTGCBxTKDEsX6dOrrA.roa
File: 223tacmBmsTGCBxTKDEsX6dOrrA.roa (raw, json)
Hash identifier: 1/nMvuLqTLVaM/5IByF466K5fvkV/xyf+8EQ6ndGEpA=
Subject key identifier: DB:6D:ED:69:C9:81:9A:C4:C6:08:1C:53:28:31:2C:5F:A7:4E:AE:B0
Certificate issuer: /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial: 01856EAFDC24712938C4023110D36BC6104C
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/223tacmBmsTGCBxTKDEsX6dOrrA.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204861
IP address blocks: 185.237.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:dc:24:71:29:38:c4:02:31:10:d3:6b:c6:10:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db6ded69c9819ac4c6081c5328312c5fa74eaeb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:a4:b2:55:06:f5:c1:2d:63:17:3d:db:14:
ee:f2:2f:9e:92:ae:ea:2c:50:c8:7d:04:0b:53:b2:
06:a8:bb:3c:70:43:58:53:03:a3:05:59:d2:90:58:
80:df:0b:76:67:b3:f0:f6:e4:c2:74:33:93:b0:85:
34:b2:77:12:de:0e:c4:80:4a:3e:66:44:cc:5a:6c:
78:0c:a2:ae:c7:35:ce:4d:7d:5e:b0:3c:25:dd:0c:
2c:65:4a:a1:e6:12:45:da:4d:b7:92:88:55:4c:ba:
fa:e9:6d:59:2f:f2:26:d5:ee:43:be:88:37:4e:af:
1b:72:51:92:33:51:c4:cc:29:2c:a0:0c:59:a2:0b:
13:c2:b9:38:4f:bd:bf:e1:5b:2d:0b:a2:21:e6:fb:
7c:9d:36:e0:03:1f:b9:aa:09:0e:ff:57:68:c7:3f:
e1:a6:fa:42:cf:61:c4:a0:9c:6a:6c:2d:db:86:f3:
a0:66:65:75:6a:33:03:68:2b:f2:e6:9c:98:16:e3:
45:d9:c3:1b:c3:2b:9d:dd:e0:e8:da:a3:e1:66:c7:
8a:7b:79:bb:e2:02:46:22:18:a3:ee:36:5d:c2:06:
13:b4:d6:1f:a4:88:e2:6a:ea:96:ca:0e:ac:4e:b5:
4f:d3:db:c1:93:64:24:e5:f1:e2:b5:6a:9b:60:2b:
f9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6D:ED:69:C9:81:9A:C4:C6:08:1C:53:28:31:2C:5F:A7:4E:AE:B0
X509v3 Authority Key Identifier:
keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/223tacmBmsTGCBxTKDEsX6dOrrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.232.0/22
Signature Algorithm: sha256WithRSAEncryption
95:e0:55:b8:00:a3:8f:77:8a:be:8d:54:55:e7:d8:db:62:13:
45:4b:0a:01:3b:65:31:41:fe:74:c0:e2:a3:cc:fd:a6:da:93:
ab:c2:83:48:c1:71:9f:73:17:3a:f0:84:c7:5a:99:47:f0:52:
08:59:cb:6d:52:1c:6e:6d:8f:13:4e:ee:8d:fd:c4:18:d5:30:
d2:07:e9:d8:bd:11:a4:8a:2a:80:c8:0e:af:28:31:d0:fb:49:
26:de:e1:95:d4:d7:33:e2:2a:f4:c7:76:e7:65:24:d8:58:2f:
5e:85:02:ab:a7:82:d8:94:f2:6e:34:e9:2b:b3:f6:48:de:f7:
59:72:f6:ac:18:0d:a2:64:07:20:84:bd:ca:f5:aa:31:df:30:
b6:94:18:79:98:57:85:b6:14:bb:cf:8f:b8:4d:d2:95:6c:c8:
03:d9:8f:9d:2b:62:55:ef:57:8b:c9:da:36:7e:5c:4f:4d:04:
6d:70:89:9d:40:79:4d:d4:3d:9e:3f:0d:7c:09:77:02:8d:16:
9f:b9:80:c4:c5:c6:40:84:b7:97:e3:bd:69:4f:a4:4b:f1:ca:
35:36:cb:20:84:dc:4c:d2:9b:69:a8:cc:cf:71:d6:81:2f:22:
09:53:9e:b3:e3:46:c5:f8:2b:20:df:f2:32:81:00:81:fd:75:
b3:0a:be:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9wkcSk4xAIxENNrxhBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjZkZWQ2OWM5ODE5YWM0YzYwODFjNTMyODMxMmM1ZmE3NGVhZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLykslUG9cEtYxc92xTu8i+ekq7q
LFDIfQQLU7IGqLs8cENYUwOjBVnSkFiA3wt2Z7Pw9uTCdDOTsIU0sncS3g7EgEo+
ZkTMWmx4DKKuxzXOTX1esDwl3QwsZUqh5hJF2k23kohVTLr66W1ZL/Im1e5Dvog3
Tq8bclGSM1HEzCksoAxZogsTwrk4T72/4VstC6Ih5vt8nTbgAx+5qgkO/1doxz/h
pvpCz2HEoJxqbC3bhvOgZmV1ajMDaCvy5pyYFuNF2cMbwyud3eDo2qPhZseKe3m7
4gJGIhij7jZdwgYTtNYfpIjiauqWyg6sTrVP09vBk2Qk5fHitWqbYCv5UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtt7WnJgZrExggcUygxLF+nTq6wMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvMjIzdGFjbUJtc1RHQ0J4VEtERXNYNmRPcnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue3oMA0G
CSqGSIb3DQEBCwUAA4IBAQCV4FW4AKOPd4q+jVRV59jbYhNFSwoBO2UxQf50wOKj
zP2m2pOrwoNIwXGfcxc68ITHWplH8FIIWcttUhxubY8TTu6N/cQY1TDSB+nYvRGk
iiqAyA6vKDHQ+0km3uGV1Ncz4ir0x3bnZSTYWC9ehQKrp4LYlPJuNOkrs/ZI3vdZ
cvasGA2iZAcghL3K9aox3zC2lBh5mFeFthS7z4+4TdKVbMgD2Y+dK2JV71eLydo2
flxPTQRtcImdQHlN1D2ePw18CXcCjRafuYDExcZAhLeX471pT6RL8co1NssghNxM
0ptpqMzPcdaBLyIJU56z40bF+Csg3/IygQCB/XWzCr5m
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client