Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/c43uHolo1q84vwvo4gLJrku7-yI.roa
File: c43uHolo1q84vwvo4gLJrku7-yI.roa (raw, json)
Hash identifier: FrljlervdwJC1oC/zor/E8hB2MyGn/AzzfiWJxnj+w0=
Subject key identifier: 73:8D:EE:1E:89:68:D6:AF:38:BF:0B:E8:E2:02:C9:AE:4B:BB:FB:22
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 01857170A40AEB29F3ED6AFA19A526331E60
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/c43uHolo1q84vwvo4gLJrku7-yI.roa
Signing time: Mon 02 Jan 2023 07:44:45 +0000
ROA not before: Mon 02 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 141.226.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:a4:0a:eb:29:f3:ed:6a:fa:19:a5:26:33:1e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 2 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=738dee1e8968d6af38bf0be8e202c9ae4bbbfb22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:c5:52:c0:40:f2:00:0f:19:95:1d:00:3f:
8f:16:c5:b0:53:b6:be:bb:c4:94:83:f9:fa:e1:67:
a0:54:79:8a:6c:73:1f:32:3c:cf:53:14:f0:87:9c:
b0:af:48:44:71:49:0e:d5:b8:f6:91:d4:94:75:b5:
48:f0:16:82:80:8f:9a:ec:88:3a:d5:3f:55:15:e8:
26:71:1b:fa:97:63:e6:da:f4:5c:01:5f:39:53:9f:
41:f9:5f:fc:f6:78:dc:6f:9f:c8:7a:5c:ba:fd:eb:
4e:9b:d2:6d:59:3b:b0:a0:83:f8:26:b1:57:eb:31:
a0:04:48:e8:0d:d5:5e:77:a9:ec:d4:3a:dc:1c:db:
d1:0b:14:72:00:b5:62:6b:e1:a3:d3:52:e4:c3:a3:
a7:dd:af:27:d4:88:f4:d1:13:f5:8c:00:e2:87:39:
02:8d:26:ba:4c:fa:59:85:e2:90:c0:55:a3:37:1c:
d8:cc:b3:11:a6:a9:60:0d:87:b5:ef:10:60:0d:fe:
53:10:c7:87:38:20:5b:48:df:75:94:98:95:1b:68:
42:5a:8a:f2:fc:b5:d4:3a:f5:ea:9a:2f:72:2c:ac:
0d:80:ab:53:5c:f1:54:2a:08:34:ce:93:60:22:8f:
27:28:a0:9f:f9:0a:ec:b4:31:2e:28:23:96:fa:93:
5c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8D:EE:1E:89:68:D6:AF:38:BF:0B:E8:E2:02:C9:AE:4B:BB:FB:22
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/c43uHolo1q84vwvo4gLJrku7-yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.241.0/24
Signature Algorithm: sha256WithRSAEncryption
38:f5:2b:c4:85:7f:81:25:0a:ef:38:80:83:02:0e:75:b9:a6:
8e:a5:c5:53:5d:97:c5:50:e5:86:23:ab:25:41:d1:b7:f9:bb:
4b:3c:3b:e4:a3:64:d4:0e:6f:b1:18:6c:28:7c:0c:f5:e4:50:
34:48:c8:28:21:52:03:93:86:da:0d:44:06:b2:f9:e9:d4:bc:
d7:40:29:3b:47:99:a1:e3:33:08:49:7e:b8:d5:bc:2d:f0:eb:
c0:77:ff:01:12:f9:03:dd:ef:94:8c:26:9a:c7:4f:b2:00:1f:
a1:fe:7a:1d:5f:2b:19:86:0d:13:04:9c:2a:8b:16:74:f8:bf:
b5:f1:1d:78:3a:4f:fe:64:05:62:1d:ff:a6:d8:3d:2f:f1:fc:
0e:ea:d6:74:ea:da:dc:ae:60:69:e1:70:b7:9d:a5:e6:5f:2d:
48:b3:74:80:5a:bf:c9:01:ec:a8:fb:91:bd:a9:75:4f:bb:c0:
32:de:e8:3f:82:eb:60:f4:24:05:ec:17:06:9b:52:92:81:13:
d9:bc:52:55:6c:a1:73:89:bd:06:b0:e2:cc:59:76:4d:ef:1f:
53:50:09:74:11:3f:ec:29:ca:fa:bb:d6:e6:c3:30:5c:0a:d9:
91:02:79:7b:a7:6d:05:e7:a7:d9:0b:26:a7:89:f8:87:23:f5:
49:45:7b:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKQK6ynz7Wr6GaUmMx5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMwMTAyMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhkZWUxZTg5NjhkNmFmMzhiZjBiZThlMjAyYzlhZTRiYmJmYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqybFUsBA8gAPGZUdAD+PFsWwU7a+
u8SUg/n64WegVHmKbHMfMjzPUxTwh5ywr0hEcUkO1bj2kdSUdbVI8BaCgI+a7Ig6
1T9VFegmcRv6l2Pm2vRcAV85U59B+V/89njcb5/Iely6/etOm9JtWTuwoIP4JrFX
6zGgBEjoDdVed6ns1DrcHNvRCxRyALVia+Gj01Lkw6On3a8n1Ij00RP1jADihzkC
jSa6TPpZheKQwFWjNxzYzLMRpqlgDYe17xBgDf5TEMeHOCBbSN91lJiVG2hCWory
/LXUOvXqmi9yLKwNgKtTXPFUKgg0zpNgIo8nKKCf+QrstDEuKCOW+pNc1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHON7h6JaNavOL8L6OICya5Lu/siMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvYzQzdUhvbG8xcTg0dnd2bzRnTEpya3U3LXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjeLxMA0G
CSqGSIb3DQEBCwUAA4IBAQA49SvEhX+BJQrvOICDAg51uaaOpcVTXZfFUOWGI6sl
QdG3+btLPDvko2TUDm+xGGwofAz15FA0SMgoIVIDk4baDUQGsvnp1LzXQCk7R5mh
4zMISX641bwt8OvAd/8BEvkD3e+UjCaax0+yAB+h/nodXysZhg0TBJwqixZ0+L+1
8R14Ok/+ZAViHf+m2D0v8fwO6tZ06trcrmBp4XC3naXmXy1Is3SAWr/JAeyo+5G9
qXVPu8Ay3ug/gutg9CQF7BcGm1KSgRPZvFJVbKFzib0GsOLMWXZN7x9TUAl0ET/s
Kcr6u9bmwzBcCtmRAnl7p20F56fZCyanifiHI/VJRXtC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:15 2025 by rpki-client