Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/2lOCF6cZGzQcF9Em3yj3ziStAIA.roa
File: 2lOCF6cZGzQcF9Em3yj3ziStAIA.roa (raw, json)
Hash identifier: 9JqXwBq2YEK+lFPsz2zFMznEqimpht4h1+B/h8IBb2w=
Subject key identifier: DA:53:82:17:A7:19:1B:34:1C:17:D1:26:DF:28:F7:CE:24:AD:00:80
Certificate issuer: /CN=01471c79e9642caef6a7437f1f74c5478ae52129
Certificate serial: 1768E4A5
Authority key identifier: 01:47:1C:79:E9:64:2C:AE:F6:A7:43:7F:1F:74:C5:47:8A:E5:21:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUcceelkLK72p0N_H3TFR4rlISk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/2lOCF6cZGzQcF9Em3yj3ziStAIA.roa
Signing time: Sat 01 Jan 2022 13:01:56 +0000
ROA not before: Sat 01 Jan 2022 13:01:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41938
IP address blocks: 185.66.218.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 392750245 (0x1768e4a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01471c79e9642caef6a7437f1f74c5478ae52129
Validity
Not Before: Jan 1 13:01:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da538217a7191b341c17d126df28f7ce24ad0080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b0:49:1b:69:1e:53:0e:22:2a:4e:e9:b9:85:
cd:76:fa:ab:67:36:4c:fc:43:47:93:f2:58:5b:a5:
4c:b3:1e:8a:da:c5:83:00:e4:0b:11:07:2a:ce:5e:
43:9c:38:d5:aa:23:86:bb:e5:ef:bb:e0:fc:31:20:
d3:cd:71:0c:60:cc:8a:cc:2c:59:4d:be:a5:79:57:
dd:bb:7d:d5:a0:20:f3:4f:e5:b2:10:27:bf:a5:3b:
ed:e4:b1:c2:0e:0e:f8:cf:e8:b1:d7:c1:bc:c7:90:
1e:ee:91:67:db:07:7e:9c:41:20:12:dd:2b:36:02:
de:3d:03:52:55:ea:1b:fc:96:3f:24:75:fd:b5:33:
23:18:2a:4e:68:4c:64:0d:35:d7:e1:e4:a1:8d:b3:
7f:29:92:c4:e8:6f:74:66:55:0a:49:53:7d:92:a6:
67:9b:21:f1:0a:ba:d6:c1:85:d2:86:40:bb:e2:8a:
10:7d:57:0a:89:dc:4f:95:10:3b:51:20:77:39:c8:
4c:e3:11:87:d8:24:50:04:8d:7e:e3:d9:4b:20:c0:
d5:68:db:a8:ac:dd:17:b1:9c:10:10:b3:0e:66:cc:
f5:6b:14:a7:96:81:ad:1b:e5:d4:04:ee:98:2c:60:
17:66:3d:67:c2:8c:ed:89:b2:97:d9:05:9c:83:e6:
de:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:53:82:17:A7:19:1B:34:1C:17:D1:26:DF:28:F7:CE:24:AD:00:80
X509v3 Authority Key Identifier:
keyid:01:47:1C:79:E9:64:2C:AE:F6:A7:43:7F:1F:74:C5:47:8A:E5:21:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUcceelkLK72p0N_H3TFR4rlISk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/2lOCF6cZGzQcF9Em3yj3ziStAIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/AUcceelkLK72p0N_H3TFR4rlISk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.218.0/23
Signature Algorithm: sha256WithRSAEncryption
05:1b:4c:e9:ca:e5:b3:f9:78:00:5e:35:2f:42:b8:d0:f5:7d:
e4:c5:37:aa:11:ef:0d:2c:0b:b8:51:be:10:1b:c0:f8:9a:ae:
6f:c1:6e:60:81:d3:46:3b:7d:00:52:c3:aa:21:5b:c6:09:27:
4b:d6:64:7d:84:93:d2:8b:29:55:db:80:31:1a:ad:cf:87:6b:
f3:e8:b6:87:cc:ee:6a:f9:c0:fc:31:fe:e8:83:20:99:bc:b5:
27:3b:7c:67:04:38:9e:10:a4:d5:41:b2:55:de:aa:64:ed:df:
62:4e:6f:da:e8:b5:e3:fb:ba:6b:31:d3:a7:f4:8a:50:58:33:
cb:82:9c:14:a3:5d:1e:a5:07:99:f3:bb:37:cc:0b:14:7f:3e:
0f:fa:f4:65:e8:12:73:93:3b:df:14:a6:dc:e7:e7:c6:43:c4:
1f:c0:63:4f:12:be:c5:90:b4:3b:a5:96:73:84:90:0c:f5:b7:
a4:3d:48:ae:58:a4:ee:2c:d6:4a:2a:e4:2f:af:42:a5:bd:94:
66:fd:1b:2f:f2:81:b3:b4:b7:c5:73:8f:6b:b6:b0:e8:93:ec:
ce:a8:ae:3b:c3:c3:eb:22:76:1a:ec:4d:f4:f7:40:be:f8:34:
54:5c:58:f2:fe:da:6d:ea:4f:13:59:85:5e:b3:65:d7:99:49:
5e:4e:2e:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF2jkpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTQ3MWM3OWU5NjQyY2FlZjZhNzQzN2YxZjc0YzU0NzhhZTUyMTI5MB4XDTIyMDEw
MTEzMDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE1MzgyMTdhNzE5
MWIzNDFjMTdkMTI2ZGYyOGY3Y2UyNGFkMDA4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiwSRtpHlMOIipO6bmFzXb6q2c2TPxDR5PyWFulTLMeitrF
gwDkCxEHKs5eQ5w41aojhrvl77vg/DEg081xDGDMiswsWU2+pXlX3bt91aAg80/l
shAnv6U77eSxwg4O+M/osdfBvMeQHu6RZ9sHfpxBIBLdKzYC3j0DUlXqG/yWPyR1
/bUzIxgqTmhMZA011+HkoY2zfymSxOhvdGZVCklTfZKmZ5sh8Qq61sGF0oZAu+KK
EH1XConcT5UQO1EgdznITOMRh9gkUASNfuPZSyDA1WjbqKzdF7GcEBCzDmbM9WsU
p5aBrRvl1ATumCxgF2Y9Z8KM7Ymyl9kFnIPm3s8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaU4IXpxkbNBwX0SbfKPfOJK0AgDAfBgNVHSMEGDAWgBQBRxx56WQsrvan
Q38fdMVHiuUhKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FVY2NlZWxrTEs3MnAwTl9IM1RGUjRybElTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvZTFhMzdkLTg2OGUtNDZiYi1hN2M4LTlkMmQ5ZjZlZWU5My8x
LzJsT0NGNmNaR3pRY0Y5RW0zeWozemlTdEFJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
ZTFhMzdkLTg2OGUtNDZiYi1hN2M4LTlkMmQ5ZjZlZWU5My8xL0FVY2NlZWxrTEs3
MnAwTl9IM1RGUjRybElTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblC2jANBgkqhkiG9w0BAQsFAAOC
AQEABRtM6crls/l4AF41L0K40PV95MU3qhHvDSwLuFG+EBvA+Jqub8FuYIHTRjt9
AFLDqiFbxgknS9ZkfYST0ospVduAMRqtz4dr8+i2h8zuavnA/DH+6IMgmby1Jzt8
ZwQ4nhCk1UGyVd6qZO3fYk5v2ui14/u6azHTp/SKUFgzy4KcFKNdHqUHmfO7N8wL
FH8+D/r0ZegSc5M73xSm3OfnxkPEH8BjTxK+xZC0O6WWc4SQDPW3pD1Irlik7izW
SirkL69Cpb2UZv0bL/KBs7S3xXOPa7aw6JPszqiuO8PD6yJ2GuxN9PdAvvg0VFxY
8v7abepPE1mFXrNl15lJXk4uWg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:16 2025 by rpki-client