Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/26fb11-2d00-4e7b-b297-5212db9754f4/1/IvVD7ZXCBZRkWf-SLThs2vxG360.roa
File: IvVD7ZXCBZRkWf-SLThs2vxG360.roa (raw, json)
Hash identifier: yp03VtmQTIUmFMDBkXCVPUMsIW4v+/XWAkSNxkWnY04=
Subject key identifier: 22:F5:43:ED:95:C2:05:94:64:59:FF:92:2D:38:6C:DA:FC:46:DF:AD
Certificate issuer: /CN=f3d85c47d0b7d6dc5ddda08572b6454c1059512c
Certificate serial: 01856F26CD3C4499614151EDAE27633E0164
Authority key identifier: F3:D8:5C:47:D0:B7:D6:DC:5D:DD:A0:85:72:B6:45:4C:10:59:51:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/89hcR9C31txd3aCFcrZFTBBZUSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/26fb11-2d00-4e7b-b297-5212db9754f4/1/IvVD7ZXCBZRkWf-SLThs2vxG360.roa
Signing time: Sun 01 Jan 2023 21:04:51 +0000
ROA not before: Sun 01 Jan 2023 21:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203153
IP address blocks: 212.73.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:cd:3c:44:99:61:41:51:ed:ae:27:63:3e:01:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3d85c47d0b7d6dc5ddda08572b6454c1059512c
Validity
Not Before: Jan 1 21:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22f543ed95c205946459ff922d386cdafc46dfad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:18:02:f5:50:2f:fe:24:c1:92:fb:f3:19:
36:f9:40:1a:52:f8:a8:00:70:5c:5c:1c:f4:4f:65:
0e:5d:4e:51:3b:97:71:82:33:f4:41:c3:8e:a2:74:
08:bc:0f:28:48:17:26:12:4e:74:d4:11:0e:c2:9d:
6a:3a:4b:fa:d2:57:29:2b:a1:0a:2d:f8:02:fa:3f:
74:55:f2:4b:6b:a5:25:4e:d2:46:c7:9f:3e:a5:3d:
f4:74:d4:d9:5a:0c:66:95:85:80:23:1a:5a:a2:c0:
51:90:e9:04:7e:56:d3:13:ae:e6:1f:9b:dd:10:e1:
17:d2:c1:b8:7e:63:6c:c0:00:8d:45:9b:ae:f5:4a:
fd:a5:1a:d6:a0:b4:fd:69:b3:41:5a:9e:e3:0e:63:
29:6a:08:3f:bb:38:f5:54:7d:b8:d6:25:dc:48:9f:
b9:05:2e:a2:dc:28:a6:92:56:de:ac:04:ac:7e:91:
b4:f8:09:31:2f:29:84:b4:73:a6:8f:fc:1e:15:e6:
e7:cf:af:67:1e:a4:1f:b8:c1:14:87:8d:6c:a3:4a:
0f:d4:4c:73:e3:ea:b2:84:df:65:48:a5:64:f5:52:
6a:12:c9:3a:73:95:0d:d5:24:98:35:ed:d5:2e:6f:
0c:6c:47:ab:fd:a3:7e:b6:8c:67:25:63:46:93:7d:
6a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F5:43:ED:95:C2:05:94:64:59:FF:92:2D:38:6C:DA:FC:46:DF:AD
X509v3 Authority Key Identifier:
keyid:F3:D8:5C:47:D0:B7:D6:DC:5D:DD:A0:85:72:B6:45:4C:10:59:51:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/89hcR9C31txd3aCFcrZFTBBZUSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/26fb11-2d00-4e7b-b297-5212db9754f4/1/IvVD7ZXCBZRkWf-SLThs2vxG360.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/26fb11-2d00-4e7b-b297-5212db9754f4/1/89hcR9C31txd3aCFcrZFTBBZUSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.73.154.0/24
Signature Algorithm: sha256WithRSAEncryption
29:ce:93:f1:bc:44:79:d8:ef:f3:4a:f3:f0:97:87:12:f6:e2:
d5:2c:44:c3:8c:11:10:1f:51:f3:3a:07:3e:8b:68:aa:8d:4b:
9d:22:08:99:90:ac:66:37:95:69:53:9e:1d:6a:0f:b8:21:48:
c4:a5:a6:52:08:71:29:9d:9c:71:f5:10:d2:d0:e7:11:fe:28:
cd:c2:92:85:d8:2e:a1:c9:18:74:0d:ca:40:81:7c:65:07:84:
de:9c:b6:ab:67:3d:99:6b:4b:4a:a6:ff:e6:2b:cf:b7:18:0b:
db:95:f8:33:f1:9f:d7:b0:4f:6b:d7:15:99:52:99:34:65:bb:
36:ab:d6:50:30:ab:c3:92:2d:6d:a8:4f:dc:c9:f0:92:b6:7c:
dc:46:3c:3c:98:f9:7c:71:8a:59:95:a3:2b:e5:ae:53:f8:e0:
19:4b:ee:c1:40:34:50:7b:07:f8:c8:9b:7f:99:54:00:d6:20:
a0:7a:c6:8f:a4:61:b8:43:7f:14:7d:e3:49:ce:82:7b:8f:95:
d4:d3:87:1d:6a:df:0c:65:4b:b0:c8:e1:4a:92:c0:fc:51:e3:
36:00:1b:d4:62:de:04:24:91:21:ff:9b:f4:6c:54:41:7b:f3:
ce:0b:e7:48:f2:6d:c0:1c:f0:c7:6f:e6:c8:3d:f3:ef:25:30:
a7:49:2e:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJs08RJlhQVHtridjPgFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZDg1YzQ3ZDBiN2Q2ZGM1ZGRkYTA4NTcyYjY0NTRjMTA1
OTUxMmMwHhcNMjMwMTAxMjEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY1NDNlZDk1YzIwNTk0NjQ1OWZmOTIyZDM4NmNkYWZjNDZkZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQYYAvVQL/4kwZL78xk2+UAaUvio
AHBcXBz0T2UOXU5RO5dxgjP0QcOOonQIvA8oSBcmEk501BEOwp1qOkv60lcpK6EK
LfgC+j90VfJLa6UlTtJGx58+pT30dNTZWgxmlYWAIxpaosBRkOkEflbTE67mH5vd
EOEX0sG4fmNswACNRZuu9Ur9pRrWoLT9abNBWp7jDmMpagg/uzj1VH241iXcSJ+5
BS6i3CimklberASsfpG0+AkxLymEtHOmj/weFebnz69nHqQfuMEUh41so0oP1Exz
4+qyhN9lSKVk9VJqEsk6c5UN1SSYNe3VLm8MbEer/aN+toxnJWNGk31q5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCL1Q+2VwgWUZFn/ki04bNr8Rt+tMB8GA1UdIwQY
MBaAFPPYXEfQt9bcXd2ghXK2RUwQWVEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODloY1I5QzMxdHhkM2FDRmNyWkZUQkJaVVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yNmZiMTEtMmQwMC00ZTdiLWIyOTct
NTIxMmRiOTc1NGY0LzEvSXZWRDdaWENCWlJrV2YtU0xUaHMydnhHMzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yNmZiMTEtMmQwMC00ZTdiLWIyOTctNTIxMmRiOTc1NGY0
LzEvODloY1I5QzMxdHhkM2FDRmNyWkZUQkJaVVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EmaMA0G
CSqGSIb3DQEBCwUAA4IBAQApzpPxvER52O/zSvPwl4cS9uLVLETDjBEQH1HzOgc+
i2iqjUudIgiZkKxmN5VpU54dag+4IUjEpaZSCHEpnZxx9RDS0OcR/ijNwpKF2C6h
yRh0DcpAgXxlB4TenLarZz2Za0tKpv/mK8+3GAvblfgz8Z/XsE9r1xWZUpk0Zbs2
q9ZQMKvDki1tqE/cyfCStnzcRjw8mPl8cYpZlaMr5a5T+OAZS+7BQDRQewf4yJt/
mVQA1iCgesaPpGG4Q38UfeNJzoJ7j5XU04cdat8MZUuwyOFKksD8UeM2ABvUYt4E
JJEh/5v0bFRBe/POC+dI8m3AHPDHb+bIPfPvJTCnSS64
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:10 2025 by rpki-client