Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/iPrCPhYIGY3yyYJN95pX5veFfPc.roa
File: iPrCPhYIGY3yyYJN95pX5veFfPc.roa (raw, json)
Hash identifier: QVHW4NTgpRHr3hTB3SCOZb/6s+bQgIMtXj8NXSQtgSA=
Subject key identifier: 88:FA:C2:3E:16:08:19:8D:F2:C9:82:4D:F7:9A:57:E6:F7:85:7C:F7
Certificate issuer: /CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Certificate serial: 01856DD4238A1F383E904DDB7EB4178C756A
Authority key identifier: 3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/iPrCPhYIGY3yyYJN95pX5veFfPc.roa
Signing time: Sun 01 Jan 2023 14:54:57 +0000
ROA not before: Sun 01 Jan 2023 14:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57513
IP address blocks: 185.132.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:23:8a:1f:38:3e:90:4d:db:7e:b4:17:8c:75:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Validity
Not Before: Jan 1 14:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88fac23e1608198df2c9824df79a57e6f7857cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8b:68:19:97:43:25:2b:eb:1b:19:45:3b:8e:
f1:c2:bb:39:1e:63:48:05:5b:7f:a4:b1:93:e9:33:
01:34:17:b3:ff:ee:35:75:f4:92:52:92:59:14:a5:
d1:59:5a:b0:4d:c0:cc:e5:a8:94:e4:46:24:9e:73:
9c:01:0e:49:ee:ff:be:a8:e2:a2:d5:3c:67:eb:c6:
05:80:66:0e:ac:ef:5d:af:8c:3c:90:b5:97:05:96:
31:ea:71:d2:55:b3:6d:cb:db:0c:2f:59:52:24:cc:
44:ca:28:12:cd:94:6e:08:81:74:a2:c5:49:01:42:
78:0c:cf:a4:23:89:ce:e6:0c:47:fd:f2:22:7f:fe:
87:52:33:22:db:2e:a6:0a:1c:5e:e1:9e:9b:a2:6b:
78:4a:85:9b:21:91:48:26:60:be:ec:3e:08:0b:b4:
76:1c:7e:8f:43:96:8c:75:d4:01:2a:68:ff:3b:6d:
ac:67:21:90:ff:31:b9:25:3f:a7:5d:61:34:17:ff:
aa:69:f8:10:29:5b:17:41:2e:d8:2c:1a:64:5b:7a:
9e:29:99:2c:d7:40:11:fd:12:e3:bd:0d:b8:2b:a9:
98:78:ff:7d:c2:7e:ed:0e:5f:a3:03:16:b4:a2:9f:
59:75:86:a6:aa:23:77:fa:e1:a8:51:44:ef:0a:73:
d5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FA:C2:3E:16:08:19:8D:F2:C9:82:4D:F7:9A:57:E6:F7:85:7C:F7
X509v3 Authority Key Identifier:
keyid:3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/iPrCPhYIGY3yyYJN95pX5veFfPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/PvRhFqEfEfUfyaHSJaC_zv2-14Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d5:5e:ee:8a:c8:c8:be:7f:48:26:e8:e6:da:e8:54:30:4e:
4f:27:64:f8:0e:75:99:4c:cc:17:55:72:42:59:40:3d:d0:b0:
01:c8:21:67:c0:10:04:29:5e:ac:10:43:76:e7:74:f2:99:34:
96:c9:bb:22:f6:34:7b:56:fe:50:83:e8:99:a4:48:c0:c6:68:
04:36:63:5d:7a:f0:7f:0d:d6:cc:d5:cc:0c:a4:11:49:05:74:
1c:dc:07:7f:bb:ba:9a:c8:fd:b0:64:27:1b:4d:19:f7:4b:92:
ed:9c:e4:a7:da:26:58:91:bb:35:77:5f:82:b1:7f:b9:68:79:
e7:e6:6b:5c:94:cb:ef:dc:5a:4a:a3:6d:4d:93:c6:b9:c8:fd:
dd:12:41:f1:2f:d9:9e:44:7d:44:c5:ae:b3:9c:a9:55:82:b2:
dd:aa:37:0b:06:aa:01:a6:72:c5:6f:55:66:8d:f6:d3:8b:79:
45:81:06:32:80:2b:81:6b:f4:55:70:02:75:cd:7a:9c:68:a6:
28:e7:83:91:aa:5b:d7:22:49:86:e4:a0:9d:37:2d:8b:27:ba:
60:b9:fe:d7:83:c9:81:2e:b0:73:9f:21:31:f8:dc:ba:89:86:
91:56:6e:ff:ba:0d:0f:d0:9d:7f:0d:37:34:06:ab:a7:0f:ef:
d1:c7:8c:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1COKHzg+kE3bfrQXjHVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjQ2MTE2YTExZjExZjUxZmM5YTFkMjI1YTBiZmNlZmRi
ZWQ3ODYwHhcNMjMwMTAxMTQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZhYzIzZTE2MDgxOThkZjJjOTgyNGRmNzlhNTdlNmY3ODU3Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiItoGZdDJSvrGxlFO47xwrs5HmNI
BVt/pLGT6TMBNBez/+41dfSSUpJZFKXRWVqwTcDM5aiU5EYknnOcAQ5J7v++qOKi
1Txn68YFgGYOrO9dr4w8kLWXBZYx6nHSVbNty9sML1lSJMxEyigSzZRuCIF0osVJ
AUJ4DM+kI4nO5gxH/fIif/6HUjMi2y6mChxe4Z6bomt4SoWbIZFIJmC+7D4IC7R2
HH6PQ5aMddQBKmj/O22sZyGQ/zG5JT+nXWE0F/+qafgQKVsXQS7YLBpkW3qeKZks
10AR/RLjvQ24K6mYeP99wn7tDl+jAxa0op9ZdYamqiN3+uGoUUTvCnPVvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIj6wj4WCBmN8smCTfeaV+b3hXz3MB8GA1UdIwQY
MBaAFD70YRahHxH1H8mh0iWgv879vteGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMt
NjdiYTdhMjE1NjMwLzEvaVByQ1BoWUlHWTN5eVlKTjk1cFg1dmVGZlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMtNjdiYTdhMjE1NjMw
LzEvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYSUMA0G
CSqGSIb3DQEBCwUAA4IBAQBf1V7uisjIvn9IJujm2uhUME5PJ2T4DnWZTMwXVXJC
WUA90LAByCFnwBAEKV6sEEN253TymTSWybsi9jR7Vv5Qg+iZpEjAxmgENmNdevB/
DdbM1cwMpBFJBXQc3Ad/u7qayP2wZCcbTRn3S5LtnOSn2iZYkbs1d1+CsX+5aHnn
5mtclMvv3FpKo21Nk8a5yP3dEkHxL9meRH1Exa6znKlVgrLdqjcLBqoBpnLFb1Vm
jfbTi3lFgQYygCuBa/RVcAJ1zXqcaKYo54ORqlvXIkmG5KCdNy2LJ7pguf7Xg8mB
LrBznyEx+Ny6iYaRVm7/ug0P0J1/DTc0BqunD+/Rx4wE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:21 2025 by rpki-client