Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/7oE1efAFdbE6BDjdwrOd8qXRhmA.roa
File: 7oE1efAFdbE6BDjdwrOd8qXRhmA.roa (raw, json)
Hash identifier: yo6XLWZnoz+J/k+HXba7Fav8dzWPRulDZfaOpGsYpFg=
Subject key identifier: EE:81:35:79:F0:05:75:B1:3A:04:38:DD:C2:B3:9D:F2:A5:D1:86:60
Certificate issuer: /CN=a5d4a5a5d14c8a3b8cb94d1cb46c0d6e2a1c4847
Certificate serial: 01856E5D5C1AC9481C3DB5A8F6FD8F983874
Authority key identifier: A5:D4:A5:A5:D1:4C:8A:3B:8C:B9:4D:1C:B4:6C:0D:6E:2A:1C:48:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdSlpdFMijuMuU0ctGwNbiocSEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/7oE1efAFdbE6BDjdwrOd8qXRhmA.roa
Signing time: Sun 01 Jan 2023 17:24:50 +0000
ROA not before: Sun 01 Jan 2023 17:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205889
IP address blocks: 185.185.172.0/24 maxlen: 24
185.185.174.0/24 maxlen: 24
185.185.175.0/24 maxlen: 24
185.185.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:5c:1a:c9:48:1c:3d:b5:a8:f6:fd:8f:98:38:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d4a5a5d14c8a3b8cb94d1cb46c0d6e2a1c4847
Validity
Not Before: Jan 1 17:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee813579f00575b13a0438ddc2b39df2a5d18660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:49:75:41:93:0b:ac:86:51:8d:f7:08:c2:ad:
c1:d9:75:1e:ab:41:ec:f9:9a:e3:70:18:4e:b4:df:
cf:d1:b0:e1:b8:e7:51:6f:18:62:5f:2f:b0:45:2e:
27:89:45:49:45:d6:58:65:23:0e:6e:67:f2:09:a4:
9d:75:51:18:11:29:14:f6:cb:2e:20:72:e3:f8:fe:
c3:3f:4b:df:8f:3c:a3:a8:47:91:e3:0a:42:a0:4f:
55:f6:69:99:c3:0e:98:fd:8f:97:dd:70:f1:d1:52:
f9:4f:81:6a:59:27:c6:31:3c:e2:a9:ee:3c:c4:d0:
9c:1d:0f:71:e3:f6:93:96:e4:b4:61:de:d8:8c:fa:
4a:13:2e:06:0d:b1:b7:91:63:3f:d9:66:b0:bc:e2:
d5:f5:3d:e2:7d:87:cb:0c:c2:f4:4b:c4:7c:f8:63:
5e:b8:70:5e:db:dd:b6:0d:bf:25:17:6e:8b:07:01:
30:57:18:8c:2d:65:15:63:c4:ba:35:03:21:3c:cb:
3a:17:84:b3:0e:85:b2:f0:27:d7:21:a9:be:3b:92:
af:9d:00:75:06:0e:74:0b:9b:ef:71:57:31:d5:e7:
6e:d3:90:70:1d:84:ee:f4:f6:2d:4d:a2:39:d4:f6:
ff:ce:f3:83:99:5d:8b:16:d4:b8:fe:5b:d6:5c:6b:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:81:35:79:F0:05:75:B1:3A:04:38:DD:C2:B3:9D:F2:A5:D1:86:60
X509v3 Authority Key Identifier:
keyid:A5:D4:A5:A5:D1:4C:8A:3B:8C:B9:4D:1C:B4:6C:0D:6E:2A:1C:48:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdSlpdFMijuMuU0ctGwNbiocSEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/7oE1efAFdbE6BDjdwrOd8qXRhmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/pdSlpdFMijuMuU0ctGwNbiocSEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.172.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:da:bb:06:9c:9a:f0:8f:b4:4c:80:1d:89:bf:1f:f1:cf:4f:
4c:fb:44:55:86:00:e6:50:c7:23:ce:dd:b3:e8:60:12:4b:91:
67:31:6f:e3:e3:b7:40:24:26:63:4f:b0:e2:03:1f:0a:9c:4b:
06:03:9d:03:da:ce:7f:f1:0e:1a:2a:c1:62:fc:e9:0c:5a:e9:
53:4f:8c:3a:b3:17:a8:fe:4d:be:05:5b:f4:21:3f:48:1d:0c:
90:fb:0e:d9:85:d4:83:0a:ea:a7:67:7d:4d:c5:2b:72:5c:a6:
a4:f9:85:b5:3e:16:7c:87:da:bd:f7:15:85:80:ed:b4:67:20:
80:d7:00:f6:d8:b6:9b:98:19:60:2f:be:e9:5b:dc:00:5d:c5:
96:2a:92:cb:f1:ad:94:bf:4b:26:c7:e5:b8:13:ac:8f:98:54:
4f:29:5d:90:13:37:94:82:f4:de:6c:39:82:66:a6:1a:fa:28:
61:f0:15:54:98:0d:48:c8:38:26:a9:07:95:24:c5:76:e2:58:
68:14:e7:64:30:5d:12:ae:d2:e3:ba:32:a1:67:df:52:0a:a3:
95:92:df:9a:56:37:64:4a:db:2c:8c:e3:20:cc:0c:4b:64:20:
ab:c9:6d:8f:c1:53:ec:39:ce:04:1b:da:c8:43:6e:01:4d:2c:
b0:8f:5e:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVwayUgcPbWo9v2PmDh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDRhNWE1ZDE0YzhhM2I4Y2I5NGQxY2I0NmMwZDZlMmEx
YzQ4NDcwHhcNMjMwMTAxMTcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTgxMzU3OWYwMDU3NWIxM2EwNDM4ZGRjMmIzOWRmMmE1ZDE4NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0l1QZMLrIZRjfcIwq3B2XUeq0Hs
+ZrjcBhOtN/P0bDhuOdRbxhiXy+wRS4niUVJRdZYZSMObmfyCaSddVEYESkU9ssu
IHLj+P7DP0vfjzyjqEeR4wpCoE9V9mmZww6Y/Y+X3XDx0VL5T4FqWSfGMTziqe48
xNCcHQ9x4/aTluS0Yd7YjPpKEy4GDbG3kWM/2WawvOLV9T3ifYfLDML0S8R8+GNe
uHBe2922Db8lF26LBwEwVxiMLWUVY8S6NQMhPMs6F4SzDoWy8CfXIam+O5KvnQB1
Bg50C5vvcVcx1edu05BwHYTu9PYtTaI51Pb/zvODmV2LFtS4/lvWXGsrLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6BNXnwBXWxOgQ43cKznfKl0YZgMB8GA1UdIwQY
MBaAFKXUpaXRTIo7jLlNHLRsDW4qHEhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRTbHBkRk1panVNdVUwY3RHd05iaW9jU0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ZDg1ZWEtZjc0YS00NjRiLWI0YTIt
MjJjMDhkY2JmNTcyLzEvN29FMWVmQUZkYkU2QkRqZHdyT2Q4cVhSaG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82ZDg1ZWEtZjc0YS00NjRiLWI0YTItMjJjMDhkY2JmNTcy
LzEvcGRTbHBkRk1panVNdVUwY3RHd05iaW9jU0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubmsMA0G
CSqGSIb3DQEBCwUAA4IBAQAL2rsGnJrwj7RMgB2Jvx/xz09M+0RVhgDmUMcjzt2z
6GASS5FnMW/j47dAJCZjT7DiAx8KnEsGA50D2s5/8Q4aKsFi/OkMWulTT4w6sxeo
/k2+BVv0IT9IHQyQ+w7ZhdSDCuqnZ31NxStyXKak+YW1PhZ8h9q99xWFgO20ZyCA
1wD22LabmBlgL77pW9wAXcWWKpLL8a2Uv0smx+W4E6yPmFRPKV2QEzeUgvTebDmC
ZqYa+ihh8BVUmA1IyDgmqQeVJMV24lhoFOdkMF0SrtLjujKhZ99SCqOVkt+aVjdk
StssjOMgzAxLZCCryW2PwVPsOc4EG9rIQ24BTSywj16v
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:06 2025 by rpki-client