Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/W1H9X1oYj7lPYJtkFK20q2_3utc.roa
File: W1H9X1oYj7lPYJtkFK20q2_3utc.roa (raw, json)
Hash identifier: uzvSSQqkS0eCiAxA9LZRA6F/it0CEScuKqmSNDwMDy0=
Subject key identifier: 5B:51:FD:5F:5A:18:8F:B9:4F:60:9B:64:14:AD:B4:AB:6F:F7:BA:D7
Certificate issuer: /CN=a56ff71e4b8ec24b1c632b2fa2248739cc572205
Certificate serial: 01856F024DD56B24D5736551EB09CCD88CAA
Authority key identifier: A5:6F:F7:1E:4B:8E:C2:4B:1C:63:2B:2F:A2:24:87:39:CC:57:22:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pW_3HkuOwkscYysvoiSHOcxXIgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/W1H9X1oYj7lPYJtkFK20q2_3utc.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61966
IP address blocks: 185.52.228.0/23 maxlen: 23
185.52.230.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4d:d5:6b:24:d5:73:65:51:eb:09:cc:d8:8c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a56ff71e4b8ec24b1c632b2fa2248739cc572205
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b51fd5f5a188fb94f609b6414adb4ab6ff7bad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9f:94:48:4d:9d:5a:77:a1:20:bc:ac:80:58:
ca:a4:15:51:ca:e2:5b:d6:cd:ed:59:89:3b:b1:29:
6d:8a:60:f3:b6:f8:8b:fe:d8:48:28:23:aa:22:6a:
5a:26:e1:2c:c1:34:79:ef:5f:9b:c7:2b:47:84:d9:
95:fa:4a:cc:8c:7b:96:fe:b0:98:b7:ab:6f:a3:a6:
20:e0:fd:06:b5:c0:1a:1b:31:d4:3c:61:aa:f3:2b:
0f:f8:f5:48:c8:55:4d:e8:61:2a:07:03:3d:d1:89:
c5:56:93:36:17:ad:ca:39:b4:3a:10:42:22:09:6c:
4f:b3:b7:c1:46:98:8a:65:34:f0:1f:af:a4:3c:85:
f9:d0:95:69:8b:33:12:72:ac:e3:34:ad:ec:f6:f6:
a1:ca:49:b3:a7:21:78:77:a6:e1:28:85:32:89:e0:
f3:50:ed:45:11:b8:a6:8a:ab:4a:19:e6:0b:dd:ae:
39:7a:dd:cd:d0:1d:a2:ff:51:67:44:dc:09:3f:96:
a2:da:b4:b0:e4:66:d9:8c:23:d1:01:36:cd:3e:e9:
4f:7e:ef:6e:4f:06:fa:93:28:78:89:d1:fb:3a:9c:
5c:e2:57:30:67:ce:48:b2:e4:48:c6:fe:98:1b:13:
e3:f1:a4:2b:f7:6c:15:68:d6:fc:05:2d:58:1a:57:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:51:FD:5F:5A:18:8F:B9:4F:60:9B:64:14:AD:B4:AB:6F:F7:BA:D7
X509v3 Authority Key Identifier:
keyid:A5:6F:F7:1E:4B:8E:C2:4B:1C:63:2B:2F:A2:24:87:39:CC:57:22:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pW_3HkuOwkscYysvoiSHOcxXIgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/W1H9X1oYj7lPYJtkFK20q2_3utc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/4a3139-8e1b-4a1e-87da-e6aabb06bbb0/1/pW_3HkuOwkscYysvoiSHOcxXIgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.228.0/22
Signature Algorithm: sha256WithRSAEncryption
66:7e:b3:69:1f:f6:a9:44:0a:e8:bf:a5:f5:0a:98:6d:83:1c:
ce:46:56:6b:7c:ce:9c:7e:ee:f7:f5:14:8e:e2:80:8f:06:11:
1a:a8:14:8a:6e:e7:d9:1e:57:9f:13:22:be:41:4d:ab:40:cd:
f7:a3:30:b5:35:9c:77:d2:18:1e:da:52:79:cf:59:e3:3d:a6:
f2:b3:69:b4:a6:6a:cf:84:9c:5d:98:d7:44:e0:11:c3:b0:b2:
b3:e9:f1:bf:eb:9b:ce:5f:15:ea:26:a1:4c:d8:3f:f3:71:36:
f4:e8:8b:bc:61:f9:b9:f9:f8:33:39:39:ad:96:00:67:17:1d:
6f:a7:92:38:b7:bf:43:3d:11:46:4f:6d:f8:23:b8:cb:1a:56:
31:38:a4:7f:d9:cb:7a:ca:d3:28:01:0b:4a:35:e5:9c:72:ef:
04:85:e3:32:d1:60:a2:44:87:59:61:41:2d:19:9a:26:18:33:
70:fc:f8:d9:3a:78:32:02:c6:be:54:02:09:db:95:d4:62:b9:
17:77:a6:3f:2e:2f:0d:e7:0c:7c:dd:44:dd:47:62:a3:77:99:
42:05:7e:c6:20:9b:67:c3:c6:dc:ee:3c:7f:98:26:78:a8:6f:
38:28:03:85:ca:5c:8e:f5:46:1c:88:ff:be:39:ec:75:20:2c:
85:85:bb:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAk3VayTVc2VR6wnM2IyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NmZmNzFlNGI4ZWMyNGIxYzYzMmIyZmEyMjQ4NzM5Y2M1
NzIyMDUwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUxZmQ1ZjVhMTg4ZmI5NGY2MDliNjQxNGFkYjRhYjZmZjdiYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z+USE2dWnehILysgFjKpBVRyuJb
1s3tWYk7sSltimDztviL/thIKCOqImpaJuEswTR571+bxytHhNmV+krMjHuW/rCY
t6tvo6Yg4P0GtcAaGzHUPGGq8ysP+PVIyFVN6GEqBwM90YnFVpM2F63KObQ6EEIi
CWxPs7fBRpiKZTTwH6+kPIX50JVpizMScqzjNK3s9vahykmzpyF4d6bhKIUyieDz
UO1FEbimiqtKGeYL3a45et3N0B2i/1FnRNwJP5ai2rSw5GbZjCPRATbNPulPfu9u
Twb6kyh4idH7Opxc4lcwZ85IsuRIxv6YGxPj8aQr92wVaNb8BS1YGldtGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtR/V9aGI+5T2CbZBSttKtv97rXMB8GA1UdIwQY
MBaAFKVv9x5LjsJLHGMrL6IkhznMVyIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdfM0hrdU93a3NjWXlzdm9pU0hPY3hYSWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80YTMxMzktOGUxYi00YTFlLTg3ZGEt
ZTZhYWJiMDZiYmIwLzEvVzFIOVgxb1lqN2xQWUp0a0ZLMjBxMl8zdXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80YTMxMzktOGUxYi00YTFlLTg3ZGEtZTZhYWJiMDZiYmIw
LzEvcFdfM0hrdU93a3NjWXlzdm9pU0hPY3hYSWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTTkMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfrNpH/apRArov6X1CphtgxzORlZrfM6cfu739RSO
4oCPBhEaqBSKbufZHlefEyK+QU2rQM33ozC1NZx30hge2lJ5z1njPabys2m0pmrP
hJxdmNdE4BHDsLKz6fG/65vOXxXqJqFM2D/zcTb06Iu8Yfm5+fgzOTmtlgBnFx1v
p5I4t79DPRFGT234I7jLGlYxOKR/2ct6ytMoAQtKNeWccu8EheMy0WCiRIdZYUEt
GZomGDNw/PjZOngyAsa+VAIJ25XUYrkXd6Y/Li8N5wx83UTdR2Kjd5lCBX7GIJtn
w8bc7jx/mCZ4qG84KAOFylyO9UYciP++Oex1ICyFhbuZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:25 2025 by rpki-client