Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/1RsZyUpjtca3re59Bjd-bqKGNaM.roa
File: 1RsZyUpjtca3re59Bjd-bqKGNaM.roa (raw, json)
Hash identifier: eodrI9ho6HFv+CLBYjFCUN6nPQB/q0b2esPLiPsHkas=
Subject key identifier: D5:1B:19:C9:4A:63:B5:C6:B7:AD:EE:7D:06:37:7E:6E:A2:86:35:A3
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018BB89600F7D8F7D12A4A2A96C3C2E9863E
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/1RsZyUpjtca3re59Bjd-bqKGNaM.roa
Signing time: Fri 10 Nov 2023 09:35:20 +0000
ROA not before: Fri 10 Nov 2023 09:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31083
IP address blocks: 185.52.50.0/24 maxlen: 24
185.52.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:96:00:f7:d8:f7:d1:2a:4a:2a:96:c3:c2:e9:86:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Nov 10 09:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d51b19c94a63b5c6b7adee7d06377e6ea28635a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:60:33:54:49:86:c2:be:0b:e8:99:2d:f7:ed:
70:13:af:f8:a4:04:4f:f6:c6:2d:8e:2f:a7:9d:b9:
27:f3:42:df:fe:57:80:2a:09:8a:26:a8:f8:63:ab:
3e:b3:8a:78:8f:5f:22:1f:0c:e5:3d:16:88:bb:4b:
54:d0:b3:98:dd:9b:85:31:6f:69:dd:09:f7:84:2f:
2b:25:10:78:25:18:eb:b5:24:f6:9e:b5:60:96:7e:
75:41:bb:87:d8:19:77:b6:94:a6:6f:8a:50:25:49:
1b:b1:50:49:8b:b5:34:ae:3a:1e:56:61:2d:b1:3a:
f3:33:bc:f9:78:c3:71:b2:a6:17:cd:40:35:1a:0a:
19:41:98:66:39:a3:9f:cf:d0:d5:0e:28:4f:72:31:
32:5e:d9:ed:7b:b0:46:4d:81:05:49:41:c1:22:09:
bf:9d:81:c7:d1:70:42:01:ff:b8:09:a8:38:d7:88:
07:fb:2f:e8:aa:8f:03:c1:c9:6c:b0:20:98:8d:5a:
58:93:fa:88:d6:10:4b:f9:5b:ef:9d:d3:af:a4:a9:
31:cd:c1:ce:9d:c7:29:4a:1e:9b:83:fa:d1:7a:ee:
c8:61:12:6c:7f:ed:55:4a:a5:9c:60:50:a1:a6:16:
19:6f:3a:c7:4d:86:cc:d4:eb:ac:dd:6c:9e:12:d7:
45:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1B:19:C9:4A:63:B5:C6:B7:AD:EE:7D:06:37:7E:6E:A2:86:35:A3
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/1RsZyUpjtca3re59Bjd-bqKGNaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.50.0/23
Signature Algorithm: sha256WithRSAEncryption
69:62:dc:5b:14:a1:e0:c1:16:b8:f5:36:7e:5d:aa:b5:65:57:
29:8c:7b:05:08:5e:16:e8:22:1a:6b:63:ab:b9:45:df:69:93:
6c:dd:3a:12:81:9a:4e:11:e8:41:f7:b8:70:7e:25:71:6c:9d:
6f:44:5c:53:66:e3:51:93:98:18:f6:28:00:77:79:95:fd:b2:
7e:23:60:7e:fe:36:1e:aa:36:56:1a:84:ac:ba:9b:9d:81:f1:
24:1d:21:5c:00:5d:8b:11:46:1e:09:5d:1b:75:3e:26:92:87:
24:25:ec:99:03:a8:74:ce:eb:af:d4:25:33:74:df:e8:5e:bb:
95:91:65:be:b9:cb:70:06:09:c2:c3:96:8c:e2:fe:cf:f2:a4:
99:90:e0:be:a0:6e:30:57:cd:a7:94:43:c7:0a:a7:7e:1e:0a:
20:50:9a:80:13:eb:0f:a5:b6:d8:96:37:82:a1:4d:e1:f1:5a:
43:99:fd:e4:c1:5c:28:88:b2:29:15:8d:28:c1:2a:90:69:c7:
13:cd:1b:85:e3:bc:f6:39:52:7b:59:8c:06:9a:84:99:f4:df:
81:9e:c9:cb:0f:ca:1a:55:8f:4c:d7:95:73:a7:8b:21:de:5b:
8b:16:98:d6:96:c5:b5:81:91:c5:4a:46:37:11:71:4c:76:76:
65:e9:1d:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu4lgD32PfRKkoqlsPC6YY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjMxMTEwMDkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTFiMTljOTRhNjNiNWM2YjdhZGVlN2QwNjM3N2U2ZWEyODYzNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymAzVEmGwr4L6Jkt9+1wE6/4pARP
9sYtji+nnbkn80Lf/leAKgmKJqj4Y6s+s4p4j18iHwzlPRaIu0tU0LOY3ZuFMW9p
3Qn3hC8rJRB4JRjrtST2nrVgln51QbuH2Bl3tpSmb4pQJUkbsVBJi7U0rjoeVmEt
sTrzM7z5eMNxsqYXzUA1GgoZQZhmOaOfz9DVDihPcjEyXtnte7BGTYEFSUHBIgm/
nYHH0XBCAf+4Cag414gH+y/oqo8DwclssCCYjVpYk/qI1hBL+VvvndOvpKkxzcHO
nccpSh6bg/rReu7IYRJsf+1VSqWcYFChphYZbzrHTYbM1Ous3WyeEtdF2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUbGclKY7XGt63ufQY3fm6ihjWjMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvMVJzWnlVcGp0Y2EzcmU1OUJqZC1icUtHTmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTQyMA0G
CSqGSIb3DQEBCwUAA4IBAQBpYtxbFKHgwRa49TZ+Xaq1ZVcpjHsFCF4W6CIaa2Or
uUXfaZNs3ToSgZpOEehB97hwfiVxbJ1vRFxTZuNRk5gY9igAd3mV/bJ+I2B+/jYe
qjZWGoSsupudgfEkHSFcAF2LEUYeCV0bdT4mkockJeyZA6h0zuuv1CUzdN/oXruV
kWW+uctwBgnCw5aM4v7P8qSZkOC+oG4wV82nlEPHCqd+HgogUJqAE+sPpbbYljeC
oU3h8VpDmf3kwVwoiLIpFY0owSqQaccTzRuF47z2OVJ7WYwGmoSZ9N+BnsnLD8oa
VY9M15Vzp4sh3luLFpjWlsW1gZHFSkY3EXFMdnZl6R3K
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:16:14 2025 by rpki-client