Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bfb423-da69-4265-95e5-f47ae7ddaec0/1/7Hck4c3LPN9BassAnT3Ho4qdLwQ.roa
File: 7Hck4c3LPN9BassAnT3Ho4qdLwQ.roa (raw, json)
Hash identifier: ZKHAGrxuvaedzZrUW+VqHfUvq3n6m65tW4kdgCQ38eM=
Subject key identifier: EC:77:24:E1:CD:CB:3C:DF:41:6A:CB:00:9D:3D:C7:A3:8A:9D:2F:04
Certificate issuer: /CN=69ca7c17232db063491cfa585203369ffbeb76ed
Certificate serial: 018C3EA33EBF3E9649841FDDCC4C0225BBC1
Authority key identifier: 69:CA:7C:17:23:2D:B0:63:49:1C:FA:58:52:03:36:9F:FB:EB:76:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/acp8FyMtsGNJHPpYUgM2n_vrdu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bfb423-da69-4265-95e5-f47ae7ddaec0/1/7Hck4c3LPN9BassAnT3Ho4qdLwQ.roa
Signing time: Wed 06 Dec 2023 10:18:54 +0000
ROA not before: Wed 06 Dec 2023 10:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51020
IP address blocks: 185.65.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:a3:3e:bf:3e:96:49:84:1f:dd:cc:4c:02:25:bb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ca7c17232db063491cfa585203369ffbeb76ed
Validity
Not Before: Dec 6 10:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec7724e1cdcb3cdf416acb009d3dc7a38a9d2f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:8e:64:72:89:6e:b3:5e:35:87:75:96:8d:
aa:fb:f3:99:30:92:7c:c2:e0:4a:09:40:6a:28:28:
1e:96:10:54:b9:6c:55:02:6d:5b:7e:0b:bc:e6:5f:
48:a2:b1:72:cd:34:68:98:3e:d0:28:8f:91:99:85:
bf:af:be:d3:15:1d:34:d5:0f:18:ca:97:5b:71:5f:
ed:42:57:ef:bd:50:b4:d4:25:13:3f:07:52:20:cf:
06:33:ac:e7:45:e1:93:6c:a6:e9:1e:da:7e:a5:3c:
84:f3:28:dd:ba:66:5a:d8:57:33:f5:aa:40:08:71:
cf:a4:2a:5d:af:d8:d9:de:c5:5c:4f:53:34:a1:72:
b0:7f:30:1b:25:a8:9b:f6:db:d2:1f:fa:26:08:8d:
92:27:3f:25:e6:50:c8:95:34:3b:e6:ca:f2:d9:34:
09:c7:4d:31:92:67:e3:fb:27:48:82:d2:8f:93:da:
c4:c3:4e:33:b9:72:46:3f:92:8c:19:3f:c0:7d:a8:
64:39:b1:c5:24:29:4c:8d:49:11:4e:7c:ed:e8:bb:
8e:9f:37:76:23:39:27:a2:34:0b:19:f7:fb:01:9b:
80:54:ca:93:50:51:f2:de:7c:76:59:af:7b:5c:ec:
27:39:ea:d6:28:13:aa:e5:a3:78:49:2f:47:92:75:
b1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:77:24:E1:CD:CB:3C:DF:41:6A:CB:00:9D:3D:C7:A3:8A:9D:2F:04
X509v3 Authority Key Identifier:
keyid:69:CA:7C:17:23:2D:B0:63:49:1C:FA:58:52:03:36:9F:FB:EB:76:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/acp8FyMtsGNJHPpYUgM2n_vrdu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bfb423-da69-4265-95e5-f47ae7ddaec0/1/7Hck4c3LPN9BassAnT3Ho4qdLwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bfb423-da69-4265-95e5-f47ae7ddaec0/1/acp8FyMtsGNJHPpYUgM2n_vrdu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.252.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:21:fb:ac:a5:93:e9:05:5a:59:bd:da:d9:a8:1b:63:2d:2a:
09:e1:94:aa:cd:be:c3:3e:59:25:07:53:ad:af:ae:ec:b3:db:
6d:04:84:12:48:f9:34:cd:5a:36:6b:e3:1c:fb:cd:b7:91:33:
6b:d4:03:56:c8:36:bb:a5:42:38:ab:03:75:31:04:bc:7f:61:
6b:a7:b0:0e:90:36:04:17:e6:22:66:34:34:58:aa:4a:ac:4a:
4b:09:08:12:3d:9c:af:20:0a:d4:7f:66:bc:9f:00:a4:e1:cb:
16:fe:aa:c4:36:48:4c:8d:16:3f:ea:0a:d4:19:9c:c9:31:10:
e0:50:ff:d1:32:54:d0:f5:77:5b:7f:b1:ea:33:60:6d:92:36:
4d:7c:3c:82:60:4e:dd:62:1f:c8:c8:d6:19:84:89:c6:6e:47:
4c:3c:6a:f9:b2:80:6b:dd:b1:a7:9c:05:f3:1d:e9:f2:df:4d:
bf:3a:c4:a0:c3:43:1c:cb:ad:35:f3:1b:49:ce:9e:c8:f0:0f:
e9:9a:12:14:fd:b1:53:14:9d:66:3a:f7:88:ae:a4:19:fc:20:
4e:e4:d6:b7:fe:9e:a3:10:16:33:c1:9c:88:ac:ad:59:2d:fc:
08:6e:d1:5d:89:63:b2:a3:6d:2d:2d:a6:0e:75:f8:74:16:99:
f9:51:87:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+oz6/PpZJhB/dzEwCJbvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5Y2E3YzE3MjMyZGIwNjM0OTFjZmE1ODUyMDMzNjlmZmJl
Yjc2ZWQwHhcNMjMxMjA2MTAxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc3MjRlMWNkY2IzY2RmNDE2YWNiMDA5ZDNkYzdhMzhhOWQyZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhuOZHKJbrNeNYd1lo2q+/OZMJJ8
wuBKCUBqKCgelhBUuWxVAm1bfgu85l9IorFyzTRomD7QKI+RmYW/r77TFR001Q8Y
ypdbcV/tQlfvvVC01CUTPwdSIM8GM6znReGTbKbpHtp+pTyE8yjdumZa2Fcz9apA
CHHPpCpdr9jZ3sVcT1M0oXKwfzAbJaib9tvSH/omCI2SJz8l5lDIlTQ75sry2TQJ
x00xkmfj+ydIgtKPk9rEw04zuXJGP5KMGT/AfahkObHFJClMjUkRTnzt6LuOnzd2
IzknojQLGff7AZuAVMqTUFHy3nx2Wa97XOwnOerWKBOq5aN4SS9HknWx6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx3JOHNyzzfQWrLAJ09x6OKnS8EMB8GA1UdIwQY
MBaAFGnKfBcjLbBjSRz6WFIDNp/763btMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWNwOEZ5TXRzR05KSFBwWVVnTTJuX3ZyZHUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iZmI0MjMtZGE2OS00MjY1LTk1ZTUt
ZjQ3YWU3ZGRhZWMwLzEvN0hjazRjM0xQTjlCYXNzQW5UM0hvNHFkTHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iZmI0MjMtZGE2OS00MjY1LTk1ZTUtZjQ3YWU3ZGRhZWMw
LzEvYWNwOEZ5TXRzR05KSFBwWVVnTTJuX3ZyZHUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUH8MA0G
CSqGSIb3DQEBCwUAA4IBAQAMIfuspZPpBVpZvdrZqBtjLSoJ4ZSqzb7DPlklB1Ot
r67ss9ttBIQSSPk0zVo2a+Mc+823kTNr1ANWyDa7pUI4qwN1MQS8f2Frp7AOkDYE
F+YiZjQ0WKpKrEpLCQgSPZyvIArUf2a8nwCk4csW/qrENkhMjRY/6grUGZzJMRDg
UP/RMlTQ9Xdbf7HqM2BtkjZNfDyCYE7dYh/IyNYZhInGbkdMPGr5soBr3bGnnAXz
Heny302/OsSgw0Mcy6018xtJzp7I8A/pmhIU/bFTFJ1mOveIrqQZ/CBO5Na3/p6j
EBYzwZyIrK1ZLfwIbtFdiWOyo20tLaYOdfh0Fpn5UYeU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:23 2025 by rpki-client