Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/C7tSVpq-D6Tp9hJX8YAi6ULp-RA.roa
File: C7tSVpq-D6Tp9hJX8YAi6ULp-RA.roa (raw, json)
Hash identifier: hdFj6ZjqjMa+xhYF49EkhQpNGJYgge7x+dEN0vAA+LE=
Subject key identifier: 0B:BB:52:56:9A:BE:0F:A4:E9:F6:12:57:F1:80:22:E9:42:E9:F9:10
Certificate issuer: /CN=e4457636e5ad66e1f0fbb2c10df29095e63e992f
Certificate serial: 01856CAF3B48B1106DFECAA9AF80A70ABDEE
Authority key identifier: E4:45:76:36:E5:AD:66:E1:F0:FB:B2:C1:0D:F2:90:95:E6:3E:99:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5EV2NuWtZuHw-7LBDfKQleY-mS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/C7tSVpq-D6Tp9hJX8YAi6ULp-RA.roa
Signing time: Sun 01 Jan 2023 09:35:01 +0000
ROA not before: Sun 01 Jan 2023 09:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210780
IP address blocks: 185.252.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:3b:48:b1:10:6d:fe:ca:a9:af:80:a7:0a:bd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4457636e5ad66e1f0fbb2c10df29095e63e992f
Validity
Not Before: Jan 1 09:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bbb52569abe0fa4e9f61257f18022e942e9f910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:c1:53:59:d0:19:8a:5f:73:42:07:b0:4f:
a7:b8:cd:b5:a3:58:7c:2c:cf:e4:4f:16:fb:9e:b6:
72:ae:b1:87:77:9c:ce:a2:a8:00:8b:49:04:16:8c:
40:58:c5:7c:06:fe:8a:35:c9:6b:ad:a3:33:0d:d9:
6d:56:6a:bf:d6:21:d3:51:c2:85:c7:6e:e0:a1:c9:
00:9c:8f:95:c2:4c:56:52:27:93:71:13:93:09:83:
a4:fd:d7:b0:70:51:b6:e2:f1:01:63:9b:65:fd:e4:
24:77:80:34:24:b2:c3:3e:71:6c:43:c0:1f:90:01:
50:b5:54:01:f4:c2:10:40:50:02:7d:b8:14:32:3c:
a2:75:fc:e7:30:1d:5f:bb:30:6f:b5:7b:2c:91:8c:
f5:ec:78:51:b6:d2:72:41:21:58:05:10:aa:a4:88:
e5:e9:3c:38:c7:fd:9a:53:89:2e:2e:3d:83:c6:02:
22:49:9d:52:f8:bc:05:3e:65:87:9c:19:7c:93:a2:
a6:62:e2:85:b6:44:44:04:f3:d9:bb:5a:b6:af:67:
91:d5:c6:f8:66:4b:9d:cf:7a:8b:e5:7f:d9:bd:76:
f1:a0:5d:65:f7:a2:40:9a:f0:64:df:f0:2c:47:f2:
de:99:26:8e:25:96:6d:fc:e7:50:65:89:14:e7:36:
60:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BB:52:56:9A:BE:0F:A4:E9:F6:12:57:F1:80:22:E9:42:E9:F9:10
X509v3 Authority Key Identifier:
keyid:E4:45:76:36:E5:AD:66:E1:F0:FB:B2:C1:0D:F2:90:95:E6:3E:99:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5EV2NuWtZuHw-7LBDfKQleY-mS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/C7tSVpq-D6Tp9hJX8YAi6ULp-RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8c9f19-a700-4832-be21-b0d5e8be853c/1/5EV2NuWtZuHw-7LBDfKQleY-mS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.214.0/24
Signature Algorithm: sha256WithRSAEncryption
11:a9:71:86:08:2c:6f:b6:04:fd:4f:2c:8d:77:00:e7:a1:c5:
87:74:b7:6b:eb:db:49:3c:4c:d0:04:0d:00:88:68:53:60:fc:
78:80:ac:21:58:b6:4e:06:10:c6:07:3e:f5:a8:df:0a:8c:86:
c3:40:b9:8e:47:d0:e2:32:ea:ff:26:54:69:16:95:da:ac:fa:
a3:bc:aa:5a:8f:ce:da:f1:20:f1:25:c6:e6:7e:96:71:44:b3:
49:0d:97:e5:b2:53:5d:56:f4:79:b0:26:af:79:f2:9f:0f:50:
ea:38:56:a6:b4:88:bf:d4:db:73:03:06:e6:14:a2:7e:fa:df:
29:0e:fe:db:2b:68:98:b1:88:90:d6:23:0a:66:94:3c:64:18:
24:00:4d:c8:a5:9b:7f:d3:a7:91:b8:44:97:31:cb:96:a7:79:
f2:f2:3b:7a:82:89:25:34:a2:71:ea:14:a3:2e:37:b8:d7:6d:
1f:0a:79:38:f8:60:43:97:5e:81:bd:97:90:1b:63:e6:2a:b8:
60:ef:42:0a:ef:36:29:97:c4:06:5e:9a:4c:e3:af:55:bc:cd:
43:c6:32:dd:0e:10:98:f1:e3:03:4f:16:35:9b:75:58:b1:37:
89:64:69:1b:6c:42:0d:67:02:93:ba:d7:e3:66:d1:8e:0a:f6:
bd:77:8f:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrztIsRBt/sqpr4CnCr3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NDU3NjM2ZTVhZDY2ZTFmMGZiYjJjMTBkZjI5MDk1ZTYz
ZTk5MmYwHhcNMjMwMTAxMDkzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJiNTI1NjlhYmUwZmE0ZTlmNjEyNTdmMTgwMjJlOTQyZTlmOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNDBU1nQGYpfc0IHsE+nuM21o1h8
LM/kTxb7nrZyrrGHd5zOoqgAi0kEFoxAWMV8Bv6KNclrraMzDdltVmq/1iHTUcKF
x27gockAnI+VwkxWUieTcROTCYOk/dewcFG24vEBY5tl/eQkd4A0JLLDPnFsQ8Af
kAFQtVQB9MIQQFACfbgUMjyidfznMB1fuzBvtXsskYz17HhRttJyQSFYBRCqpIjl
6Tw4x/2aU4kuLj2DxgIiSZ1S+LwFPmWHnBl8k6KmYuKFtkREBPPZu1q2r2eR1cb4
Zkudz3qL5X/ZvXbxoF1l96JAmvBk3/AsR/LemSaOJZZt/OdQZYkU5zZg1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAu7Ulaavg+k6fYSV/GAIulC6fkQMB8GA1UdIwQY
MBaAFORFdjblrWbh8PuywQ3ykJXmPpkvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUVWMk51V3RadUh3LTdMQkRmS1FsZVktbVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84YzlmMTktYTcwMC00ODMyLWJlMjEt
YjBkNWU4YmU4NTNjLzEvQzd0U1ZwcS1ENlRwOWhKWDhZQWk2VUxwLVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84YzlmMTktYTcwMC00ODMyLWJlMjEtYjBkNWU4YmU4NTNj
LzEvNUVWMk51V3RadUh3LTdMQkRmS1FsZVktbVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzWMA0G
CSqGSIb3DQEBCwUAA4IBAQARqXGGCCxvtgT9TyyNdwDnocWHdLdr69tJPEzQBA0A
iGhTYPx4gKwhWLZOBhDGBz71qN8KjIbDQLmOR9DiMur/JlRpFpXarPqjvKpaj87a
8SDxJcbmfpZxRLNJDZflslNdVvR5sCavefKfD1DqOFamtIi/1NtzAwbmFKJ++t8p
Dv7bK2iYsYiQ1iMKZpQ8ZBgkAE3IpZt/06eRuESXMcuWp3ny8jt6goklNKJx6hSj
Lje4120fCnk4+GBDl16BvZeQG2PmKrhg70IK7zYpl8QGXppM469VvM1DxjLdDhCY
8eMDTxY1m3VYsTeJZGkbbEINZwKTutfjZtGOCva9d4/g
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:11 2025 by rpki-client