Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/53GTd9shbLuEtDKuFGQH1JARdnQ.roa
File: 53GTd9shbLuEtDKuFGQH1JARdnQ.roa (raw, json)
Hash identifier: Y+TTx+mtJ7gDx77aj5rYufRkwFHrOaH3Zeb72Vfd9Fs=
Subject key identifier: E7:71:93:77:DB:21:6C:BB:84:B4:32:AE:14:64:07:D4:90:11:76:74
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 0DF3DF18
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/53GTd9shbLuEtDKuFGQH1JARdnQ.roa
Signing time: Sat 01 Jan 2022 12:54:24 +0000
ROA not before: Sat 01 Jan 2022 12:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234086168 (0xdf3df18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Jan 1 12:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7719377db216cbb84b432ae146407d490117674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:87:b4:14:7e:fc:05:21:5d:97:9f:12:bd:81:
fc:71:f2:fb:22:d1:5f:57:b3:fc:d5:41:06:b9:28:
3e:d9:42:7c:eb:ea:1e:52:9b:0f:06:ef:9a:82:02:
71:14:4b:88:a7:9e:76:92:ad:65:73:54:b7:b5:dc:
64:19:00:b7:a2:45:b0:9f:a9:26:24:21:ed:f0:1d:
bf:a7:1c:1a:c4:c9:71:e0:a5:36:a4:79:5b:c5:38:
bb:f4:6e:30:0c:01:52:61:6b:e3:54:6c:e2:a2:bd:
e5:77:37:e7:6d:e5:2a:3b:ab:2d:31:1c:5d:22:f7:
f2:d9:ef:e9:4c:8b:53:16:fe:3b:41:c0:85:70:d9:
cc:58:f4:47:bb:c6:4c:b6:32:5f:ab:4c:da:96:d7:
7f:5b:ac:0e:b7:1f:de:96:b7:7c:25:b6:92:fd:ca:
d8:1f:84:df:38:18:3a:bf:b8:88:3f:4d:e9:19:6f:
35:76:a1:cf:1e:6c:b9:cf:59:c0:0e:18:f3:31:51:
59:54:6f:6a:bb:60:2c:49:ba:14:92:43:96:28:b0:
d6:38:b5:44:00:48:58:ed:85:a4:e1:e4:45:54:79:
f4:60:be:de:b0:7b:a8:29:6b:74:75:ef:c7:cc:fd:
fa:42:ce:62:d1:cf:6b:41:39:da:96:d8:79:92:4a:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:71:93:77:DB:21:6C:BB:84:B4:32:AE:14:64:07:D4:90:11:76:74
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/53GTd9shbLuEtDKuFGQH1JARdnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/24
185.220.114.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:fa:eb:56:ae:19:48:ca:94:5f:f1:08:44:3b:40:ec:b1:e5:
f1:60:75:1c:a8:22:fc:05:04:21:5b:98:92:f9:61:f8:44:ec:
47:21:53:fd:22:47:cd:c6:c6:03:2a:ec:a4:d4:f7:48:e8:54:
90:0c:75:c8:27:02:3c:e2:6e:c9:68:9b:0c:bc:0f:de:76:e2:
d1:3f:79:b0:58:1d:cc:d8:bb:9f:30:2b:18:e0:bc:1c:d8:9b:
6e:55:f6:11:3b:79:00:a5:c6:02:68:e0:b0:9b:82:76:58:09:
c9:34:b9:40:bb:d2:e0:96:39:0a:40:9c:92:f0:a0:e0:3b:b7:
82:8c:56:ce:8c:dd:f8:29:dc:23:6c:2d:1f:b3:22:fd:f1:53:
c0:3b:2b:1c:9a:c0:93:c6:4a:4a:ac:c1:94:9f:aa:83:6b:90:
dd:46:1a:cf:bf:3c:8b:ba:ef:f8:cb:e5:2f:57:6c:6f:25:f9:
2d:b4:40:4c:4b:ae:32:69:97:5d:58:6a:40:52:d0:a8:0d:4a:
08:ab:42:3f:b2:6e:69:15:dc:12:2c:0b:4e:4f:cf:ec:4d:9b:
85:0e:85:cd:48:83:63:9e:c3:7f:2b:d2:4d:13:fb:33:67:1a:
45:3d:7f:a6:3e:4d:0d:f7:81:f3:14:7c:a9:6f:5a:7b:f5:ed:
df:c6:e8:d3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDfPfGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTViNmEzNGEyMTA5YmE3YzRkOTdmNzZjNzQ0NjZmMTRjMzMzM2UwMB4XDTIyMDEw
MTEyNTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc3MTkzNzdkYjIx
NmNiYjg0YjQzMmFlMTQ2NDA3ZDQ5MDExNzY3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOHtBR+/AUhXZefEr2B/HHy+yLRX1ez/NVBBrkoPtlCfOvq
HlKbDwbvmoICcRRLiKeedpKtZXNUt7XcZBkAt6JFsJ+pJiQh7fAdv6ccGsTJceCl
NqR5W8U4u/RuMAwBUmFr41Rs4qK95Xc3523lKjurLTEcXSL38tnv6UyLUxb+O0HA
hXDZzFj0R7vGTLYyX6tM2pbXf1usDrcf3pa3fCW2kv3K2B+E3zgYOr+4iD9N6Rlv
NXahzx5suc9ZwA4Y8zFRWVRvartgLEm6FJJDliiw1ji1RABIWO2FpOHkRVR59GC+
3rB7qClrdHXvx8z9+kLOYtHPa0E52pbYeZJK3AcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTncZN32yFsu4S0Mq4UZAfUkBF2dDAfBgNVHSMEGDAWgBQpW2o0ohCbp8TZ
f3bHRGbxTDMz4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tWdHFOS0lRbTZmRTJYOTJ4MFJtOFV3ek0tQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZTliMTczLTkyYjYtNDIxMC1hOGUwLWI3OTdhNDQwNmYzMC8x
LzUzR1RkOXNoYkx1RXRES3VGR1FIMUpBUmRuUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZTliMTczLTkyYjYtNDIxMC1hOGUwLWI3OTdhNDQwNmYzMC8xL0tWdHFOS0lRbTZm
RTJYOTJ4MFJtOFV3ek0tQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnccAMEAbnccjANBgkqhkiG9w0B
AQsFAAOCAQEALPrrVq4ZSMqUX/EIRDtA7LHl8WB1HKgi/AUEIVuYkvlh+ETsRyFT
/SJHzcbGAyrspNT3SOhUkAx1yCcCPOJuyWibDLwP3nbi0T95sFgdzNi7nzArGOC8
HNibblX2ETt5AKXGAmjgsJuCdlgJyTS5QLvS4JY5CkCckvCg4Du3goxWzozd+Cnc
I2wtH7Mi/fFTwDsrHJrAk8ZKSqzBlJ+qg2uQ3UYaz788i7rv+MvlL1dsbyX5LbRA
TEuuMmmXXVhqQFLQqA1KCKtCP7JuaRXcEiwLTk/P7E2bhQ6FzUiDY57DfyvSTRP7
M2caRT1/pj5NDfeB8xR8qW9ae/Xt38bo0w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:19 2025 by rpki-client