Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/REDfmezAd3Tf365f6yfM6GcLmsM.roa
File: REDfmezAd3Tf365f6yfM6GcLmsM.roa (raw, json)
Hash identifier: Zv778Yaxmrb4kSV78CffGXsKGvzMwBx6rX3iagswKzA=
Subject key identifier: 44:40:DF:99:EC:C0:77:74:DF:DF:AE:5F:EB:27:CC:E8:67:0B:9A:C3
Certificate issuer: /CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Certificate serial: 023C4C03
Authority key identifier: 25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/REDfmezAd3Tf365f6yfM6GcLmsM.roa
Signing time: Sat 01 Jan 2022 07:04:22 +0000
ROA not before: Sat 01 Jan 2022 07:04:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.178.168.0/24 maxlen: 24
185.178.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37506051 (0x23c4c03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Validity
Not Before: Jan 1 07:04:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4440df99ecc07774dfdfae5feb27cce8670b9ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:50:ce:1e:90:8d:ff:55:d4:13:af:03:45:
f4:40:f4:f3:74:b4:c9:ea:89:94:da:42:5e:fe:cf:
7d:3d:7c:aa:ff:e0:95:a7:ef:7f:38:78:22:3a:cb:
08:59:97:60:1b:8d:96:0d:91:a6:38:76:a5:3e:43:
05:aa:6c:a3:0e:ff:4d:c7:30:0f:a9:c5:9e:65:9c:
2f:19:e4:e8:2c:6e:c4:2f:87:f7:35:15:a5:b0:a2:
39:32:f7:cf:d7:7b:de:62:5e:8a:5f:00:9b:fa:0e:
61:02:37:c4:e1:39:9c:47:f0:5a:a4:4e:d4:1e:99:
9f:f7:ce:70:05:df:2a:a6:00:8b:da:08:d4:3f:79:
6b:a6:fb:b4:dd:ff:23:75:79:f3:f5:70:5c:ef:99:
34:f6:cf:52:06:7e:85:64:2f:29:a1:1c:97:73:c9:
0e:ae:c5:17:05:f5:09:d0:96:da:45:4b:dc:1a:44:
ce:56:42:2d:df:9c:bf:da:77:f0:ff:c2:a1:89:a6:
4a:90:da:b1:41:aa:57:61:68:a5:9b:00:9a:7a:5c:
da:e3:f0:a4:8d:fa:cf:8e:7e:d4:a6:b3:56:99:d4:
7e:38:c6:1a:3f:87:eb:27:05:5b:80:19:79:fe:dc:
cd:ec:a9:6e:35:20:cb:b6:b7:3f:2a:9e:a5:2b:44:
85:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:40:DF:99:EC:C0:77:74:DF:DF:AE:5F:EB:27:CC:E8:67:0B:9A:C3
X509v3 Authority Key Identifier:
keyid:25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/REDfmezAd3Tf365f6yfM6GcLmsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.168.0/24
185.178.170.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:cf:ce:82:65:4f:53:d7:b3:5e:5a:9a:da:86:7e:af:05:43:
6b:34:53:56:43:de:73:96:f9:3e:c5:5c:ae:34:cd:dd:72:47:
e3:fb:a2:8f:3d:aa:1a:f0:84:72:5f:64:48:35:15:2a:a7:66:
d1:64:f0:3e:31:8a:00:16:07:91:b0:b6:66:43:88:98:16:66:
78:84:f0:97:37:bc:79:f3:cc:8e:4e:8a:27:1f:56:6a:e3:e4:
93:fd:3b:ff:94:5f:8c:99:c0:ee:44:ae:d4:2f:b5:bc:da:12:
4c:04:11:92:1d:b4:ca:9c:94:2f:4b:21:eb:31:a7:b0:04:c6:
a3:15:be:9a:f9:0f:96:a6:0c:34:e4:9d:02:3c:3e:21:cb:21:
10:31:19:e2:16:bf:f8:db:b6:17:5d:ce:43:fc:53:f0:25:31:
8e:af:15:70:d9:1f:76:38:bf:ba:2f:aa:23:f4:e6:6f:2f:30:
ae:e8:1d:17:61:cf:f0:ca:e6:2f:19:5f:26:23:b8:8b:08:a9:
d4:f5:56:0d:af:7e:28:0a:4e:e5:de:c5:28:3b:db:82:69:2c:
43:88:9d:16:92:d7:52:33:12:99:ba:0d:75:c2:53:f5:ed:64:
51:a9:23:95:6f:86:15:3f:15:97:2d:ac:6c:7d:b1:7b:34:32:
6a:e3:a3:1f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAjxMAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWFlNTUxYWYwYmI1ZDc5NzdlYTczZjY4OTZmMjVmMWVjYTI4ZjlkMB4XDTIyMDEw
MTA3MDQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ0MGRmOTllY2Mw
Nzc3NGRmZGZhZTVmZWIyN2NjZTg2NzBiOWFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHNUM4ekI3/VdQTrwNF9ED083S0yeqJlNpCXv7PfT18qv/g
lafvfzh4IjrLCFmXYBuNlg2Rpjh2pT5DBapsow7/TccwD6nFnmWcLxnk6CxuxC+H
9zUVpbCiOTL3z9d73mJeil8Am/oOYQI3xOE5nEfwWqRO1B6Zn/fOcAXfKqYAi9oI
1D95a6b7tN3/I3V58/VwXO+ZNPbPUgZ+hWQvKaEcl3PJDq7FFwX1CdCW2kVL3BpE
zlZCLd+cv9p38P/CoYmmSpDasUGqV2FopZsAmnpc2uPwpI36z45+1KazVpnUfjjG
Gj+H6ycFW4AZef7czeypbjUgy7a3PyqepStEhXUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBREQN+Z7MB3dN/frl/rJ8zoZwuawzAfBgNVHSMEGDAWgBQlrlUa8LtdeXfq
c/aJbyXx7KKPnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0phNVZHdkM3WFhsMzZuUDJpVzhsOGV5aWo1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNDJmODFiLWM0MmMtNDI1NC1hYmI5LTIxNDJmOGZiNjc2ZS8x
L1JFRGZtZXpBZDNUZjM2NWY2eWZNNkdjTG1zTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NDJmODFiLWM0MmMtNDI1NC1hYmI5LTIxNDJmOGZiNjc2ZS8xL0phNVZHdkM3WFhs
MzZuUDJpVzhsOGV5aWo1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmyqAMEALmyqjANBgkqhkiG9w0B
AQsFAAOCAQEAHM/OgmVPU9ezXlqa2oZ+rwVDazRTVkPec5b5PsVcrjTN3XJH4/ui
jz2qGvCEcl9kSDUVKqdm0WTwPjGKABYHkbC2ZkOImBZmeITwlze8efPMjk6KJx9W
auPkk/07/5RfjJnA7kSu1C+1vNoSTAQRkh20ypyUL0sh6zGnsATGoxW+mvkPlqYM
NOSdAjw+IcshEDEZ4ha/+Nu2F13OQ/xT8CUxjq8VcNkfdji/ui+qI/Tmby8wrugd
F2HP8MrmLxlfJiO4iwip1PVWDa9+KApO5d7FKDvbgmksQ4idFpLXUjMSmboNdcJT
9e1kUakjlW+GFT8Vly2sbH2xezQyauOjHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client