Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/Xz0dc2YoyEWc8u2rDj_D5GC6pxg.roa
File: Xz0dc2YoyEWc8u2rDj_D5GC6pxg.roa (raw, json)
Hash identifier: 76TWaM/Rr+rx2GLjZxwPA2AOHFW05nyvrd8przxihWk=
Subject key identifier: 5F:3D:1D:73:66:28:C8:45:9C:F2:ED:AB:0E:3F:C3:E4:60:BA:A7:18
Certificate issuer: /CN=e0cde2c1fce3d6fe2185347dd89dcfd13ebbb151
Certificate serial: 07CCCAFB
Authority key identifier: E0:CD:E2:C1:FC:E3:D6:FE:21:85:34:7D:D8:9D:CF:D1:3E:BB:B1:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4M3iwfzj1v4hhTR92J3P0T67sVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/Xz0dc2YoyEWc8u2rDj_D5GC6pxg.roa
Signing time: Sat 01 Jan 2022 13:06:58 +0000
ROA not before: Sat 01 Jan 2022 13:06:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 185.141.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130861819 (0x7cccafb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0cde2c1fce3d6fe2185347dd89dcfd13ebbb151
Validity
Not Before: Jan 1 13:06:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f3d1d736628c8459cf2edab0e3fc3e460baa718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:3b:8f:e1:09:13:61:4b:e3:e1:a4:2c:7e:34:
73:1a:fb:43:e4:ba:2d:49:71:8b:83:63:9b:6e:53:
77:35:c7:0d:e4:00:85:19:47:0c:ab:f5:70:e2:84:
ab:7a:3f:d9:ca:50:04:77:63:f8:31:eb:c7:8e:f8:
8f:34:10:f9:99:c1:3b:6f:db:c0:9f:66:e5:65:23:
60:80:85:bf:a3:bf:ad:54:35:58:97:70:8f:34:07:
fb:21:8b:76:3c:b2:f3:9b:a0:e9:e0:fe:a1:71:29:
46:28:42:39:df:53:67:ec:ab:d9:cb:30:b8:91:20:
e4:0e:a1:e8:43:0d:a3:dc:69:0a:ec:b3:74:72:84:
db:45:1e:6c:96:98:7f:31:b1:2d:f2:93:51:a1:9a:
88:4d:22:93:11:48:15:e5:58:c5:65:77:13:d2:12:
00:80:fa:c6:98:e3:a2:89:9a:95:98:9f:3b:96:4a:
9b:2a:df:d7:29:53:fa:76:02:62:76:85:9a:e5:9c:
ff:bf:10:7d:f8:a1:1e:3e:68:a4:64:77:f0:77:02:
e0:d8:d1:17:24:b6:66:c0:e4:65:6d:50:8f:c9:5d:
88:d0:2d:32:ee:93:38:66:c6:4f:f5:dc:d4:e4:59:
08:b1:64:e3:12:4c:e1:fb:42:7f:b2:12:7e:66:5a:
65:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3D:1D:73:66:28:C8:45:9C:F2:ED:AB:0E:3F:C3:E4:60:BA:A7:18
X509v3 Authority Key Identifier:
keyid:E0:CD:E2:C1:FC:E3:D6:FE:21:85:34:7D:D8:9D:CF:D1:3E:BB:B1:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4M3iwfzj1v4hhTR92J3P0T67sVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/Xz0dc2YoyEWc8u2rDj_D5GC6pxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ecdd93-1aa0-4b9a-b6aa-ecb3126fc8ed/1/4M3iwfzj1v4hhTR92J3P0T67sVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.110.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e4:da:c3:be:01:36:ce:c9:c7:ef:90:7c:06:67:7e:5d:84:
53:41:e0:b5:1c:d3:ee:69:d8:f9:73:5e:9c:08:19:60:10:48:
7a:27:e7:41:25:dc:8e:dd:e0:e9:78:7d:1f:f5:90:20:57:db:
ef:8e:66:9b:fd:39:ec:b1:03:50:f6:57:dd:45:c8:19:4a:63:
81:79:ad:3c:e3:61:41:b9:d7:41:7c:03:31:25:0d:e0:42:83:
40:a2:06:10:7d:de:6a:a4:40:dd:47:1e:f9:73:c9:65:36:74:
ad:70:b1:f1:11:83:5d:8e:ee:5e:f6:e5:a4:dd:c2:e7:03:a5:
c6:4d:5c:8b:21:6e:cf:51:e9:5a:56:67:a2:b4:29:e7:99:b9:
9a:ea:81:ed:46:1d:e9:5c:fd:f1:66:d5:77:ea:5a:67:61:c5:
14:be:bc:7c:32:a1:7a:26:8b:a0:24:b4:19:66:aa:eb:04:27:
67:ba:68:a2:8b:cf:0d:75:19:05:8c:56:3e:68:33:72:6a:06:
c8:8c:4b:1d:3d:2e:96:18:1d:52:88:e8:8d:0a:a4:42:51:fa:
d8:29:15:4c:55:16:b8:cd:4f:e6:90:21:c7:3d:42:ad:96:28:
03:93:bd:1f:96:d1:6b:32:56:e5:d3:1d:eb:d9:be:68:b4:52:
a6:9b:9c:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8zK+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MGNkZTJjMWZjZTNkNmZlMjE4NTM0N2RkODlkY2ZkMTNlYmJiMTUxMB4XDTIyMDEw
MTEzMDY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzZDFkNzM2NjI4
Yzg0NTljZjJlZGFiMGUzZmMzZTQ2MGJhYTcxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOw7j+EJE2FL4+GkLH40cxr7Q+S6LUlxi4Njm25TdzXHDeQA
hRlHDKv1cOKEq3o/2cpQBHdj+DHrx474jzQQ+ZnBO2/bwJ9m5WUjYICFv6O/rVQ1
WJdwjzQH+yGLdjyy85ug6eD+oXEpRihCOd9TZ+yr2cswuJEg5A6h6EMNo9xpCuyz
dHKE20UebJaYfzGxLfKTUaGaiE0ikxFIFeVYxWV3E9ISAID6xpjjoomalZifO5ZK
myrf1ylT+nYCYnaFmuWc/78QffihHj5opGR38HcC4NjRFyS2ZsDkZW1Qj8ldiNAt
Mu6TOGbGT/Xc1ORZCLFk4xJM4ftCf7ISfmZaZX8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfPR1zZijIRZzy7asOP8PkYLqnGDAfBgNVHSMEGDAWgBTgzeLB/OPW/iGF
NH3Ync/RPruxUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRNM2l3ZnpqMXY0aGhUUjkySjNQMFQ2N3NWRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZWNkZDkzLTFhYTAtNGI5YS1iNmFhLWVjYjMxMjZmYzhlZC8x
L1h6MGRjMllveUVXYzh1MnJEal9ENUdDNnB4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZWNkZDkzLTFhYTAtNGI5YS1iNmFhLWVjYjMxMjZmYzhlZC8xLzRNM2l3ZnpqMXY0
aGhUUjkySjNQMFQ2N3NWRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmNbjANBgkqhkiG9w0BAQsFAAOC
AQEAbOTaw74BNs7Jx++QfAZnfl2EU0HgtRzT7mnY+XNenAgZYBBIeifnQSXcjt3g
6Xh9H/WQIFfb745mm/057LEDUPZX3UXIGUpjgXmtPONhQbnXQXwDMSUN4EKDQKIG
EH3eaqRA3Uce+XPJZTZ0rXCx8RGDXY7uXvblpN3C5wOlxk1ciyFuz1HpWlZnorQp
55m5muqB7UYd6Vz98WbVd+paZ2HFFL68fDKheiaLoCS0GWaq6wQnZ7pooovPDXUZ
BYxWPmgzcmoGyIxLHT0ulhgdUojojQqkQlH62CkVTFUWuM1P5pAhxz1CrZYoA5O9
H5bRazJW5dMd69m+aLRSppuccQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:01 2025 by rpki-client