Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/7vqbFJu9tet29Wo_pli9wfBdUqA.roa
File: 7vqbFJu9tet29Wo_pli9wfBdUqA.roa (raw, json)
Hash identifier: EzIvzsIW5IUnRDnbPKHtiPEjieU2LQRkmFndpcZVjms=
Subject key identifier: EE:FA:9B:14:9B:BD:B5:EB:76:F5:6A:3F:A6:58:BD:C1:F0:5D:52:A0
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01856F9E0768B30EF09810146D2283FBC7B9
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/7vqbFJu9tet29Wo_pli9wfBdUqA.roa
Signing time: Sun 01 Jan 2023 23:15:05 +0000
ROA not before: Sun 01 Jan 2023 23:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212490
IP address blocks: 185.41.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:07:68:b3:0e:f0:98:10:14:6d:22:83:fb:c7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 23:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eefa9b149bbdb5eb76f56a3fa658bdc1f05d52a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5d:d6:f0:62:2d:b2:98:a3:5d:cb:7e:29:cc:
d1:ad:3d:b8:32:4d:58:46:f1:eb:3c:0d:9b:d7:db:
6c:b2:a6:88:41:53:b7:60:65:05:32:b9:f6:f9:c0:
06:b9:46:cb:07:02:b9:3d:50:15:77:c2:1a:d9:16:
30:97:e7:2c:d0:66:cd:a5:eb:77:d2:d2:ca:ee:03:
a1:94:c1:53:1d:77:ad:7c:40:bf:31:3e:37:7b:85:
b5:bb:ca:c1:1d:1e:66:c6:22:a9:c8:c2:b7:e2:8e:
82:1e:ea:50:5e:2b:f1:d6:6e:ab:5c:b4:d4:cc:5b:
48:0e:a7:a3:1c:e6:b8:01:3c:d4:9d:9e:1b:59:14:
2f:cb:a6:5e:3d:73:75:71:ab:30:10:24:9c:0c:74:
27:2f:f3:cc:82:4b:48:4a:ff:56:48:be:b6:97:ef:
0f:3c:aa:9b:b1:57:e5:aa:a6:21:c3:c0:c6:5a:fe:
40:bc:b5:54:6d:43:b1:16:d4:41:1c:d9:87:9a:60:
a3:dd:ae:83:1b:10:9f:63:a1:f0:f7:17:84:b5:a3:
e9:5f:d8:89:6e:66:ba:c3:a6:0e:00:a1:97:05:7f:
04:30:92:ef:16:04:f4:3c:41:7c:97:61:87:c9:c7:
12:21:30:f9:5a:36:f2:8c:4a:61:b1:24:d9:ff:6b:
9d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:FA:9B:14:9B:BD:B5:EB:76:F5:6A:3F:A6:58:BD:C1:F0:5D:52:A0
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/7vqbFJu9tet29Wo_pli9wfBdUqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.184.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:f2:44:a6:25:9a:84:7d:33:f2:78:6e:a9:dd:51:1f:c3:37:
36:b0:18:ad:e4:e3:a5:52:c1:7c:bc:10:5d:24:8a:55:ea:04:
9a:2f:2f:d8:c3:cf:fc:ac:65:b9:8d:18:40:ff:41:72:0f:3e:
37:74:27:69:5a:eb:e0:07:0b:2a:7f:64:3c:80:34:33:22:6e:
82:c5:b5:c9:e7:03:19:0c:20:1f:92:91:53:2e:7c:46:78:ee:
1e:3b:99:51:15:c6:48:d9:b1:ac:a1:65:94:a5:c2:f6:61:55:
ea:65:30:45:ce:d8:2b:63:3c:8b:28:56:68:07:8d:7b:f7:f7:
20:ef:90:33:b9:91:e1:60:94:9c:33:e3:98:4e:46:27:62:e2:
69:2d:ee:ad:d4:1b:3d:de:c3:f9:43:ac:db:ff:38:02:f4:97:
d5:a3:e2:88:ee:ab:c2:92:e4:ca:69:36:51:17:dd:20:a5:af:
a2:b0:c7:18:fc:db:b8:84:ec:22:3a:d6:71:92:b9:b6:2c:d4:
10:79:5b:5c:04:d6:64:ae:ba:c5:a1:5d:9f:52:39:09:ff:e3:
99:36:9a:2c:5f:89:54:cb:78:b3:3f:b0:bd:ad:48:72:af:3c:
27:d5:4b:9b:1d:18:31:06:87:1c:2b:ca:60:f6:cf:94:5c:54:
82:7c:99:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvngdosw7wmBAUbSKD+8e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjMwMTAxMjMxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWZhOWIxNDliYmRiNWViNzZmNTZhM2ZhNjU4YmRjMWYwNWQ1MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl3W8GItspijXct+KczRrT24Mk1Y
RvHrPA2b19tssqaIQVO3YGUFMrn2+cAGuUbLBwK5PVAVd8Ia2RYwl+cs0GbNpet3
0tLK7gOhlMFTHXetfEC/MT43e4W1u8rBHR5mxiKpyMK34o6CHupQXivx1m6rXLTU
zFtIDqejHOa4ATzUnZ4bWRQvy6ZePXN1caswECScDHQnL/PMgktISv9WSL62l+8P
PKqbsVflqqYhw8DGWv5AvLVUbUOxFtRBHNmHmmCj3a6DGxCfY6Hw9xeEtaPpX9iJ
bma6w6YOAKGXBX8EMJLvFgT0PEF8l2GHyccSITD5WjbyjEphsSTZ/2udEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO76mxSbvbXrdvVqP6ZYvcHwXVKgMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvN3ZxYkZKdTl0ZXQyOVdvX3BsaTl3ZkJkVXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSm4MA0G
CSqGSIb3DQEBCwUAA4IBAQB88kSmJZqEfTPyeG6p3VEfwzc2sBit5OOlUsF8vBBd
JIpV6gSaLy/Yw8/8rGW5jRhA/0FyDz43dCdpWuvgBwsqf2Q8gDQzIm6CxbXJ5wMZ
DCAfkpFTLnxGeO4eO5lRFcZI2bGsoWWUpcL2YVXqZTBFztgrYzyLKFZoB4179/cg
75AzuZHhYJScM+OYTkYnYuJpLe6t1Bs93sP5Q6zb/zgC9JfVo+KI7qvCkuTKaTZR
F90gpa+isMcY/Nu4hOwiOtZxkrm2LNQQeVtcBNZkrrrFoV2fUjkJ/+OZNposX4lU
y3izP7C9rUhyrzwn1UubHRgxBoccK8pg9s+UXFSCfJkR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:46 2025 by rpki-client