Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/ett21fZdyPuqqdU4Nvf8r39biyk.roa
File: ett21fZdyPuqqdU4Nvf8r39biyk.roa (raw, json)
Hash identifier: 9jYWcWbAw/9gZLZubnTMVfetZj1f6ze6MjaC70L9h5s=
Subject key identifier: 7A:DB:76:D5:F6:5D:C8:FB:AA:A9:D5:38:36:F7:FC:AF:7F:5B:8B:29
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 01856BAEBC40E910EF6C6691F4F022EF3E4B
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/ett21fZdyPuqqdU4Nvf8r39biyk.roa
Signing time: Sun 01 Jan 2023 04:54:51 +0000
ROA not before: Sun 01 Jan 2023 04:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44400
IP address blocks: 185.51.40.0/24 maxlen: 24
185.51.41.0/24 maxlen: 24
2a04:c140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:bc:40:e9:10:ef:6c:66:91:f4:f0:22:ef:3e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Jan 1 04:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7adb76d5f65dc8fbaaa9d53836f7fcaf7f5b8b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7d:dd:1e:0d:d6:09:18:d4:6a:64:93:34:91:
15:24:ca:01:89:28:40:9f:1a:cf:25:b7:e4:cc:3a:
8e:dd:03:7a:9c:41:f6:b9:99:85:76:15:fe:52:e7:
5e:c5:76:ad:cc:7f:03:1d:af:b0:47:ce:49:14:bc:
9f:93:3a:e2:ce:a8:c2:41:70:6b:e3:52:c9:44:2d:
98:fa:41:fe:f7:ac:19:c1:21:28:40:8e:fa:94:00:
ba:a9:fa:5f:0a:44:09:b4:0c:0e:7b:19:a9:f6:20:
b6:5d:35:8a:d1:79:a7:ca:d9:3d:ef:ef:27:7e:30:
59:15:df:5e:58:2e:8e:57:89:e6:49:a9:4a:34:4d:
23:df:25:11:5d:9e:e7:a1:b1:69:57:16:6f:11:16:
c1:6e:bf:77:a2:d7:cf:06:8c:9d:60:82:ad:fb:13:
ff:4a:8c:98:08:ee:b1:d0:75:e7:f2:9b:0d:be:d5:
bc:1a:0c:d2:71:e4:67:fd:78:4f:9d:76:8b:61:90:
d6:00:3f:71:d1:93:7f:95:1a:fa:66:db:a9:63:9c:
05:d9:21:bc:96:7c:ee:01:21:75:bc:c3:4e:5b:ce:
68:3d:d9:48:3b:a0:db:65:46:43:40:ae:97:19:a0:
23:c8:d7:fd:00:25:fd:7d:13:d3:c5:d1:a8:9c:28:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DB:76:D5:F6:5D:C8:FB:AA:A9:D5:38:36:F7:FC:AF:7F:5B:8B:29
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/ett21fZdyPuqqdU4Nvf8r39biyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.40.0/23
IPv6:
2a04:c140::/29
Signature Algorithm: sha256WithRSAEncryption
0a:d6:02:ca:a0:4e:53:1b:15:a0:b8:f9:70:7a:3f:d4:c7:a1:
c0:d3:82:d3:fb:e2:d0:fa:30:77:97:ef:c2:c2:bf:aa:cd:9f:
ef:9a:37:44:5b:79:4c:50:da:eb:01:05:dc:fe:83:41:46:a3:
29:78:84:6b:f2:20:31:7c:b2:51:79:ed:ca:bf:7d:9e:78:7c:
cf:c7:29:e0:0e:0c:1a:9e:b8:07:46:61:2e:73:1b:77:98:2d:
c5:01:ed:ca:95:f1:61:59:13:97:be:cc:0e:d9:e9:63:62:0f:
00:7b:07:8d:24:0d:a3:65:10:a6:ff:f3:4d:8b:4c:0f:1f:70:
2d:f7:52:e7:e5:8b:e0:02:08:52:ea:cc:bf:20:03:6d:3b:23:
ff:6d:d6:f3:c1:c1:9e:42:2e:79:34:b5:d1:1d:39:f3:be:a6:
50:5f:fa:9d:30:a8:29:43:a8:be:88:54:db:fc:5e:62:d5:ee:
1a:35:02:1c:70:03:00:b4:0c:85:f4:95:4a:8e:e4:05:21:62:
41:33:69:e3:b4:41:ac:18:52:25:dd:17:04:14:d0:48:ba:50:
a5:76:58:e7:85:94:80:d6:14:a7:e0:1e:46:48:91:94:f5:9e:
54:42:3b:5d:77:e3:6a:d7:0b:40:25:33:e8:75:11:fa:00:ae:
e6:f5:76:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrrrxA6RDvbGaR9PAi7z5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjMwMTAxMDQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWRiNzZkNWY2NWRjOGZiYWFhOWQ1MzgzNmY3ZmNhZjdmNWI4YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn33dHg3WCRjUamSTNJEVJMoBiShA
nxrPJbfkzDqO3QN6nEH2uZmFdhX+UudexXatzH8DHa+wR85JFLyfkzrizqjCQXBr
41LJRC2Y+kH+96wZwSEoQI76lAC6qfpfCkQJtAwOexmp9iC2XTWK0Xmnytk97+8n
fjBZFd9eWC6OV4nmSalKNE0j3yURXZ7nobFpVxZvERbBbr93otfPBoydYIKt+xP/
SoyYCO6x0HXn8psNvtW8GgzSceRn/XhPnXaLYZDWAD9x0ZN/lRr6ZtupY5wF2SG8
lnzuASF1vMNOW85oPdlIO6DbZUZDQK6XGaAjyNf9ACX9fRPTxdGonCgRPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHrbdtX2Xcj7qqnVODb3/K9/W4spMB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEvZXR0MjFmWmR5UHVxcWRVNE52ZjhyMzliaXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTMoMA0E
AgACMAcDBQMqBMFAMA0GCSqGSIb3DQEBCwUAA4IBAQAK1gLKoE5TGxWguPlwej/U
x6HA04LT++LQ+jB3l+/Cwr+qzZ/vmjdEW3lMUNrrAQXc/oNBRqMpeIRr8iAxfLJR
ee3Kv32eeHzPxyngDgwanrgHRmEucxt3mC3FAe3KlfFhWROXvswO2eljYg8AeweN
JA2jZRCm//NNi0wPH3At91Ln5YvgAghS6sy/IANtOyP/bdbzwcGeQi55NLXRHTnz
vqZQX/qdMKgpQ6i+iFTb/F5i1e4aNQIccAMAtAyF9JVKjuQFIWJBM2njtEGsGFIl
3RcEFNBIulCldljnhZSA1hSn4B5GSJGU9Z5UQjtdd+Nq1wtAJTPodRH6AK7m9XYb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:04 2025 by rpki-client