Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/eCSdgDCUzkUrESsvxQHRVlL5Xpo.roa
File: eCSdgDCUzkUrESsvxQHRVlL5Xpo.roa (raw, json)
Hash identifier: /wi0OqD3G590EiUhetpk7iIaIHCBJtu/b1Cg4Ul6D/0=
Subject key identifier: 78:24:9D:80:30:94:CE:45:2B:11:2B:2F:C5:01:D1:56:52:F9:5E:9A
Certificate issuer: /CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Certificate serial: 018216C45A258EC462D7E10D3AA3615FA513
Authority key identifier: 3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/eCSdgDCUzkUrESsvxQHRVlL5Xpo.roa
Signing time: Tue 19 Jul 2022 14:02:23 +0000
ROA not before: Tue 19 Jul 2022 14:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209836
IP address blocks: 213.232.124.0/24 maxlen: 24
185.126.201.0/24 maxlen: 24
213.232.125.0/24 maxlen: 24
185.126.200.0/24 maxlen: 24
213.232.127.0/24 maxlen: 24
213.232.126.0/24 maxlen: 24
2a0a:2fc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:c4:5a:25:8e:c4:62:d7:e1:0d:3a:a3:61:5f:a5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Validity
Not Before: Jul 19 14:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78249d803094ce452b112b2fc501d15652f95e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b8:68:7e:01:65:e3:3b:95:1f:a3:bc:fc:3a:
b5:26:93:e4:1b:b9:4e:f6:72:34:a8:5f:3f:f6:8f:
c6:6f:28:7a:60:d6:d6:6d:13:b7:73:ba:73:2b:61:
2f:ec:22:72:9c:ab:55:0d:ae:a9:2f:36:76:c6:62:
94:3f:8b:b9:72:20:3c:52:dd:3f:2d:2d:37:cc:65:
9b:3d:5a:fa:30:17:cb:c3:20:ef:51:15:97:07:3a:
64:4a:05:6e:cd:1a:fe:9f:f6:ca:10:7c:ac:24:8e:
3a:c4:84:b7:ab:8a:fd:e8:eb:5a:08:4f:f7:6e:20:
c2:29:cf:13:6c:35:6a:4d:f4:ef:35:49:1f:d0:e7:
37:cb:43:f6:53:2c:22:f1:61:99:e6:fb:2f:56:af:
89:2d:02:dd:d2:75:e7:86:bf:e6:82:94:1c:60:f3:
d7:69:5c:f6:0e:df:92:02:05:25:61:30:52:e7:f0:
64:cb:e6:0a:31:16:ab:9f:85:99:21:65:e0:b5:a0:
e4:2f:c6:9e:32:45:f7:4c:f0:bf:1e:2f:c1:1a:e2:
2d:12:47:93:23:e1:4e:b3:78:97:63:d3:18:a2:5b:
ed:61:ea:3e:1b:37:02:9b:58:e3:88:f7:f7:b9:ea:
aa:94:9d:1c:97:19:70:83:cd:5f:35:29:bf:c0:40:
b0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:24:9D:80:30:94:CE:45:2B:11:2B:2F:C5:01:D1:56:52:F9:5E:9A
X509v3 Authority Key Identifier:
keyid:3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/eCSdgDCUzkUrESsvxQHRVlL5Xpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/P_WN_7pN9qw0vZ9IEZrhHP74p2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.200.0/23
213.232.124.0/22
IPv6:
2a0a:2fc0::/30
Signature Algorithm: sha256WithRSAEncryption
58:a4:5b:af:e4:43:a0:47:b8:98:c8:11:7c:b4:4a:92:ac:47:
da:3f:c5:8a:e3:5a:22:7b:2f:0b:9a:58:e7:23:35:a9:5c:15:
78:21:fa:7a:78:16:7f:0f:8f:50:62:29:6d:4a:20:ab:98:e9:
90:11:21:d4:22:d4:f1:5a:be:7d:38:1f:1c:2a:b2:7c:31:45:
ca:48:02:9c:0a:bb:43:02:40:dd:98:f4:10:72:c9:a1:42:c7:
38:f9:fe:02:64:34:4e:b3:a6:2d:f8:84:75:cd:28:26:8d:5a:
1c:ec:a3:6c:c2:14:b5:1b:9d:fd:54:03:4c:21:f1:ac:f2:bb:
8f:4e:8d:60:84:0f:91:26:89:fa:a6:c7:40:6a:72:71:ff:e1:
0d:dc:ac:58:08:4f:07:74:99:2c:a7:70:a6:9b:21:35:95:b3:
99:a1:6e:80:7c:57:00:66:2c:aa:ab:7a:1b:00:2c:9e:ca:40:
6e:f9:07:a7:89:f9:87:6c:16:01:e4:d6:7d:0c:df:99:63:87:
5c:32:c7:c8:1b:c5:b2:76:30:28:c5:e7:89:e9:55:04:f5:9f:
bb:74:b6:d3:21:e1:31:1e:72:bf:1a:b8:94:f3:fe:c0:92:e5:
72:a3:e6:ef:a3:fe:3a:b3:45:cf:ee:aa:d9:d1:81:ac:f5:00:
43:6e:47:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIWxFoljsRi1+ENOqNhX6UTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZjU4ZGZmYmE0ZGY2YWMzNGJkOWY0ODExOWFlMTFjZmVm
OGE3NmMwHhcNMjIwNzE5MTQwMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODI0OWQ4MDMwOTRjZTQ1MmIxMTJiMmZjNTAxZDE1NjUyZjk1ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7hofgFl4zuVH6O8/Dq1JpPkG7lO
9nI0qF8/9o/Gbyh6YNbWbRO3c7pzK2Ev7CJynKtVDa6pLzZ2xmKUP4u5ciA8Ut0/
LS03zGWbPVr6MBfLwyDvURWXBzpkSgVuzRr+n/bKEHysJI46xIS3q4r96OtaCE/3
biDCKc8TbDVqTfTvNUkf0Oc3y0P2Uywi8WGZ5vsvVq+JLQLd0nXnhr/mgpQcYPPX
aVz2Dt+SAgUlYTBS5/Bky+YKMRarn4WZIWXgtaDkL8aeMkX3TPC/Hi/BGuItEkeT
I+FOs3iXY9MYolvtYeo+GzcCm1jjiPf3ueqqlJ0clxlwg81fNSm/wECwRwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHgknYAwlM5FKxErL8UB0VZS+V6aMB8GA1UdIwQY
MBaAFD/1jf+6TfasNL2fSBGa4Rz++KdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQt
YWI5NGFmZmI5MDNhLzEvZUNTZGdEQ1V6a1VyRVNzdnhRSFJWbEw1WHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQtYWI5NGFmZmI5MDNh
LzEvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuX7IAwQC
1eh8MA0EAgACMAcDBQIqCi/AMA0GCSqGSIb3DQEBCwUAA4IBAQBYpFuv5EOgR7iY
yBF8tEqSrEfaP8WK41oiey8LmljnIzWpXBV4Ifp6eBZ/D49QYiltSiCrmOmQESHU
ItTxWr59OB8cKrJ8MUXKSAKcCrtDAkDdmPQQcsmhQsc4+f4CZDROs6Yt+IR1zSgm
jVoc7KNswhS1G539VANMIfGs8ruPTo1ghA+RJon6psdAanJx/+EN3KxYCE8HdJks
p3CmmyE1lbOZoW6AfFcAZiyqq3obACyeykBu+QenifmHbBYB5NZ9DN+ZY4dcMsfI
G8WydjAoxeeJ6VUE9Z+7dLbTIeExHnK/GriU8/7AkuVyo+bvo/46s0XP7qrZ0YGs
9QBDbkce
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:13 2025 by rpki-client