Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pfC8raNRF20mtXDxYNdEnq89IBw.roa
File: pfC8raNRF20mtXDxYNdEnq89IBw.roa (raw, json)
Hash identifier: sof48s7Xkfr+rX6UDIKhsnpaD+Yq7dMTjehXRdVuCeU=
Subject key identifier: A5:F0:BC:AD:A3:51:17:6D:26:B5:70:F1:60:D7:44:9E:AF:3D:20:1C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709526F586AA0E35C9E3BDDBE5A6AA29
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pfC8raNRF20mtXDxYNdEnq89IBw.roa
Signing time: Mon 02 Jan 2023 03:45:01 +0000
ROA not before: Mon 02 Jan 2023 03:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43680
IP address blocks: 185.67.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:26:f5:86:aa:0e:35:c9:e3:bd:db:e5:a6:aa:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f0bcada351176d26b570f160d7449eaf3d201c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:81:04:c8:e0:59:4f:29:e8:76:30:08:f5:85:
53:5b:8b:7f:5c:6c:6f:f4:f3:5a:35:3b:ff:c4:f8:
15:7a:ff:18:0d:ce:f1:64:df:d5:59:ce:9b:0e:f0:
9f:83:c4:aa:1b:f9:b3:2a:48:dc:87:bf:e0:c1:e9:
dd:aa:2e:00:d0:cf:8b:78:72:98:01:c8:78:d9:32:
11:6f:d7:f0:40:ab:65:55:ef:b7:99:9f:25:3e:2b:
68:2c:39:b9:5d:54:2d:08:7a:d8:a2:33:64:c1:14:
ba:18:d7:85:0c:8f:11:f2:00:39:b8:ba:92:39:a5:
d3:e2:97:ae:6d:82:37:bc:82:da:6d:bc:81:cf:9f:
0d:7a:dd:d9:40:62:0c:97:7f:e3:61:08:58:86:6e:
97:0f:c8:19:02:d1:2a:00:32:d4:7f:62:7b:99:85:
6b:43:a0:c9:99:d0:e0:9d:5d:ed:de:78:d3:11:18:
99:74:9b:82:f6:1b:36:b0:f7:15:59:06:47:da:d2:
33:76:37:c7:39:2a:78:89:84:2d:45:ba:26:e4:71:
89:fd:bc:64:49:9f:e9:e0:0f:d7:b8:96:d3:b6:f9:
71:05:c7:1a:fb:f1:b3:01:6d:25:c3:1a:28:3f:86:
d1:02:2c:08:f0:03:2a:10:9e:f9:f8:94:78:be:4e:
71:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F0:BC:AD:A3:51:17:6D:26:B5:70:F1:60:D7:44:9E:AF:3D:20:1C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pfC8raNRF20mtXDxYNdEnq89IBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.254.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:28:ed:e5:8d:b4:c8:ca:a2:53:2e:bd:ef:ca:b0:f7:53:c5:
f5:31:26:b7:69:43:f5:30:22:86:95:10:27:bb:7f:13:ce:58:
70:8a:8a:5b:a2:3d:3e:57:53:16:54:29:2b:1d:a7:a0:3f:ec:
1f:46:41:7a:d6:10:50:6a:db:f4:4d:c2:81:00:a7:87:57:da:
79:62:55:96:4e:0b:f0:66:15:b6:2b:ad:86:02:9a:bb:26:ae:
41:27:a7:a1:52:c4:65:4e:cc:ee:75:50:b6:36:53:62:7d:4a:
02:3d:e6:10:d0:34:89:fd:9b:c4:7f:01:cb:b5:c2:7e:d7:a4:
f8:be:38:3d:1d:10:d0:aa:89:fb:08:a5:1d:10:af:c2:cd:b2:
38:04:e4:b0:b1:75:fd:a9:f8:6f:d6:17:41:e5:8f:dd:4b:07:
89:4d:e4:68:a7:fc:ef:af:9e:41:03:b1:05:84:41:be:4d:a4:
93:50:ea:ed:be:b7:e7:64:9f:21:4a:6e:09:5c:39:67:57:c4:
4b:01:cd:43:c4:18:96:c0:15:f4:c4:6c:cc:cf:9d:e2:6f:0a:
ab:00:2c:40:69:36:a7:8e:46:a0:82:d5:e8:6c:df:7d:bd:1e:
43:a1:00:b1:bb:7b:24:3b:4f:45:15:fc:5e:56:5f:09:bf:cc:
0c:8a:47:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlSb1hqoONcnjvdvlpqopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYwYmNhZGEzNTExNzZkMjZiNTcwZjE2MGQ3NDQ5ZWFmM2QyMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIEEyOBZTynodjAI9YVTW4t/XGxv
9PNaNTv/xPgVev8YDc7xZN/VWc6bDvCfg8SqG/mzKkjch7/gwendqi4A0M+LeHKY
Ach42TIRb9fwQKtlVe+3mZ8lPitoLDm5XVQtCHrYojNkwRS6GNeFDI8R8gA5uLqS
OaXT4peubYI3vILabbyBz58Net3ZQGIMl3/jYQhYhm6XD8gZAtEqADLUf2J7mYVr
Q6DJmdDgnV3t3njTERiZdJuC9hs2sPcVWQZH2tIzdjfHOSp4iYQtRbom5HGJ/bxk
SZ/p4A/XuJbTtvlxBcca+/GzAW0lwxooP4bRAiwI8AMqEJ75+JR4vk5xhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXwvK2jURdtJrVw8WDXRJ6vPSAcMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcGZDOHJhTlJGMjBtdFhEeFlOZEVucTg5SUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUP+MA0G
CSqGSIb3DQEBCwUAA4IBAQBbKO3ljbTIyqJTLr3vyrD3U8X1MSa3aUP1MCKGlRAn
u38Tzlhwiopboj0+V1MWVCkrHaegP+wfRkF61hBQatv0TcKBAKeHV9p5YlWWTgvw
ZhW2K62GApq7Jq5BJ6ehUsRlTszudVC2NlNifUoCPeYQ0DSJ/ZvEfwHLtcJ+16T4
vjg9HRDQqon7CKUdEK/CzbI4BOSwsXX9qfhv1hdB5Y/dSweJTeRop/zvr55BA7EF
hEG+TaSTUOrtvrfnZJ8hSm4JXDlnV8RLAc1DxBiWwBX0xGzMz53ibwqrACxAaTan
jkaggtXobN99vR5DoQCxu3skO09FFfxeVl8Jv8wMikcn
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:26 2025 by rpki-client