Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/Pn20zlozwkevY4bVwV0BsNTkFJU.roa
File: Pn20zlozwkevY4bVwV0BsNTkFJU.roa (raw, json)
Hash identifier: 1XncdfNM0N8dxSV5k4fgsvukNgfpzJmKYmuSZf1mwng=
Subject key identifier: 3E:7D:B4:CE:5A:33:C2:47:AF:63:86:D5:C1:5D:01:B0:D4:E4:14:95
Certificate issuer: /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial: 018BAFFBCFEC0F4F219889F04C07EA2F96E3
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/Pn20zlozwkevY4bVwV0BsNTkFJU.roa
Signing time: Wed 08 Nov 2023 17:29:57 +0000
ROA not before: Wed 08 Nov 2023 17:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49348
IP address blocks: 185.86.228.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:fb:cf:ec:0f:4f:21:98:89:f0:4c:07:ea:2f:96:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Validity
Not Before: Nov 8 17:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e7db4ce5a33c247af6386d5c15d01b0d4e41495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d5:72:1d:f5:42:52:a7:d7:bc:6b:ad:58:7e:
d2:a3:32:21:05:67:92:b6:c6:17:a1:ff:6e:ff:ed:
e5:1c:95:59:b2:fd:42:a7:c7:20:ec:c2:4c:a7:c3:
ad:13:72:db:ec:98:d2:ef:d3:88:ca:1b:a0:fd:29:
eb:e8:19:76:2c:05:45:bb:93:db:a4:a8:3b:32:2d:
e8:28:cc:a1:21:e4:38:98:88:91:37:c7:3d:7f:87:
a5:b3:30:6a:ab:b9:d1:1a:dc:0d:87:e7:49:91:17:
83:23:26:8f:7f:85:53:e8:f4:90:8e:75:8e:0c:0c:
66:b0:69:8d:8c:87:7f:77:c1:53:c9:7f:ce:19:2e:
52:f1:70:cb:3a:c3:64:50:6e:d1:97:d7:c4:96:11:
9e:8a:d5:71:15:6d:6b:c7:2f:51:da:ab:8a:02:aa:
01:dc:51:f8:0c:e2:b9:c4:7c:e0:fb:4d:e9:43:b6:
69:03:8b:06:60:e2:2d:6a:c7:03:d3:17:d3:23:9d:
98:ab:ec:32:aa:65:65:b5:6e:eb:39:74:9f:90:0c:
5b:21:ce:ab:05:90:44:52:a5:1b:5a:98:55:c0:3b:
30:b1:f8:61:f3:b6:73:7a:c1:81:df:f3:25:2e:e0:
f3:b4:07:55:06:38:dc:14:9f:e2:62:3d:b0:8b:07:
01:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7D:B4:CE:5A:33:C2:47:AF:63:86:D5:C1:5D:01:B0:D4:E4:14:95
X509v3 Authority Key Identifier:
keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/Pn20zlozwkevY4bVwV0BsNTkFJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.228.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:35:97:a9:06:77:de:6a:8d:37:84:f2:51:27:43:ef:09:ea:
f9:64:7a:11:68:c1:38:bf:de:25:d3:0a:2f:b5:da:6d:8c:e0:
12:04:bb:53:f2:1a:de:2d:01:5e:d3:79:4f:78:8b:6e:34:be:
16:7e:c1:bb:f1:9b:3d:6e:5d:61:10:75:64:e3:0e:8d:1b:49:
9e:55:78:1a:a2:f8:75:d7:ee:7d:ce:dd:53:b2:9a:81:a2:38:
e6:44:a4:11:e1:ad:a4:b5:5a:59:24:fa:19:b5:f5:ff:15:b7:
b8:61:fe:35:a7:b9:5b:66:53:75:d7:ee:b4:a1:4b:35:d2:9f:
44:bb:ed:f5:16:a4:6f:03:17:09:3a:b7:31:be:49:00:8b:2d:
23:0e:03:ae:be:ad:b6:84:9b:ad:67:39:15:96:8e:f3:f0:65:
56:3d:5d:89:76:82:d4:77:ae:2c:fc:fb:46:42:10:e9:b1:22:
b3:76:45:6a:91:03:ee:75:2a:49:ed:22:fe:45:ca:36:88:2b:
a5:02:9c:ff:28:c4:c0:8c:62:da:c5:98:dd:80:8a:bd:d6:f1:
08:bd:35:74:f9:26:6c:0c:a2:9a:c2:32:23:5c:08:32:52:0d:
16:c3:46:37:64:ba:0e:8a:70:d5:9b:f8:74:c3:89:ac:b0:38:
a3:1d:95:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuv+8/sD08hmInwTAfqL5bjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOTc1ZDVkYTlkYThhMDc0YjMzZmJjYjVjMDlkNTAzYTNi
NDQzYTEwHhcNMjMxMTA4MTcyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdkYjRjZTVhMzNjMjQ3YWY2Mzg2ZDVjMTVkMDFiMGQ0ZTQxNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9VyHfVCUqfXvGutWH7SozIhBWeS
tsYXof9u/+3lHJVZsv1Cp8cg7MJMp8OtE3Lb7JjS79OIyhug/Snr6Bl2LAVFu5Pb
pKg7Mi3oKMyhIeQ4mIiRN8c9f4elszBqq7nRGtwNh+dJkReDIyaPf4VT6PSQjnWO
DAxmsGmNjId/d8FTyX/OGS5S8XDLOsNkUG7Rl9fElhGeitVxFW1rxy9R2quKAqoB
3FH4DOK5xHzg+03pQ7ZpA4sGYOItascD0xfTI52Yq+wyqmVltW7rOXSfkAxbIc6r
BZBEUqUbWphVwDswsfhh87ZzesGB3/MlLuDztAdVBjjcFJ/iYj2wiwcBZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD59tM5aM8JHr2OG1cFdAbDU5BSVMB8GA1UdIwQY
MBaAFHOXXV2p2ooHSzP7y1wJ1QOjtEOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYt
OWU4MGQwZDg3YzJkLzEvUG4yMHpsb3p3a2V2WTRiVndWMEJzTlRrRkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYtOWU4MGQwZDg3YzJk
LzEvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVbkMA0G
CSqGSIb3DQEBCwUAA4IBAQC1NZepBnfeao03hPJRJ0PvCer5ZHoRaME4v94l0wov
tdptjOASBLtT8hreLQFe03lPeItuNL4WfsG78Zs9bl1hEHVk4w6NG0meVXgaovh1
1+59zt1TspqBojjmRKQR4a2ktVpZJPoZtfX/Fbe4Yf41p7lbZlN11+60oUs10p9E
u+31FqRvAxcJOrcxvkkAiy0jDgOuvq22hJutZzkVlo7z8GVWPV2JdoLUd64s/PtG
QhDpsSKzdkVqkQPudSpJ7SL+Rco2iCulApz/KMTAjGLaxZjdgIq91vEIvTV0+SZs
DKKawjIjXAgyUg0Ww0Y3ZLoOinDVm/h0w4mssDijHZVm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:40 2025 by rpki-client