Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pZ6sS9JBvCsJm01k4granTZvMBk.roa
File: pZ6sS9JBvCsJm01k4granTZvMBk.roa (raw, json)
Hash identifier: GllA9sBZ2MZtUVD853uzenw0j8gg+6nOYgHFMZGX/+Y=
Subject key identifier: A5:9E:AC:4B:D2:41:BC:2B:09:9B:4D:64:E2:0A:DA:9D:36:6F:30:19
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 0185729EB9395CD2EF073C38CB4ADC258E90
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pZ6sS9JBvCsJm01k4granTZvMBk.roa
Signing time: Mon 02 Jan 2023 13:14:42 +0000
ROA not before: Mon 02 Jan 2023 13:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50622
IP address blocks: 185.47.226.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:b9:39:5c:d2:ef:07:3c:38:cb:4a:dc:25:8e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Jan 2 13:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a59eac4bd241bc2b099b4d64e20ada9d366f3019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8e:82:93:b7:b6:de:50:1b:28:79:ef:72:3d:
ec:76:13:ee:ef:37:60:3d:4f:51:c5:ec:3b:a9:4f:
71:86:4d:13:ce:25:4f:22:90:63:01:b6:10:ce:18:
98:13:e9:ce:d2:d6:2c:7b:c1:1d:a0:8c:26:66:9b:
ac:57:bf:47:ad:07:47:00:c0:9b:2d:f0:06:43:50:
0f:ce:58:bd:63:c6:3f:ed:0d:9b:6c:83:27:02:3c:
ba:92:84:c6:81:8e:0b:8f:c5:a0:53:4a:a4:b3:7b:
fc:61:79:fb:b4:ce:a9:1b:66:56:16:a7:bf:68:7e:
96:ce:cf:af:ce:02:a8:f1:a4:9c:88:3f:99:83:1f:
1f:03:b8:00:1e:92:0d:27:98:81:94:12:7f:d4:50:
bd:7e:46:c0:be:b4:0c:d9:cc:7a:e3:fb:d7:13:21:
49:71:bc:2f:50:9a:f9:45:f9:5c:a4:9c:6b:ec:69:
85:5f:07:6a:87:09:b0:5f:eb:ab:46:b3:86:73:6c:
32:06:fa:3b:52:f1:37:19:44:8d:f5:85:52:b9:fe:
62:cb:7d:de:68:d4:6c:36:5e:19:af:83:74:d3:8a:
c0:32:1f:70:19:8e:0f:5f:b9:fa:e5:a8:8e:72:3a:
cc:2b:8f:c7:02:47:9f:9a:7a:a2:6e:b9:6b:d4:b0:
85:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9E:AC:4B:D2:41:BC:2B:09:9B:4D:64:E2:0A:DA:9D:36:6F:30:19
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/pZ6sS9JBvCsJm01k4granTZvMBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.226.0/24
Signature Algorithm: sha256WithRSAEncryption
74:df:82:37:73:4c:d0:6e:70:a4:7f:9c:32:15:10:67:c2:82:
b8:f2:dd:7b:b2:0c:ab:48:44:b2:f4:bc:56:0c:c1:20:a5:05:
fa:2c:b9:6b:5d:e5:36:6b:ed:5d:4a:80:bc:14:48:34:4b:25:
48:45:71:89:07:49:5a:58:7a:48:75:fd:59:df:b5:94:69:47:
17:71:c3:4e:07:1a:1a:d4:a1:24:d4:5b:82:f8:b9:4d:69:fc:
17:ff:ec:15:4c:1b:df:8f:06:39:03:46:c7:c6:8d:2d:08:63:
80:dd:89:35:57:43:db:25:d6:9c:2a:62:25:80:2c:8e:d8:56:
8f:89:56:da:35:bd:38:d5:d0:81:c0:8a:68:e9:e4:23:1e:03:
19:03:9d:d5:57:93:be:56:eb:3a:9e:af:33:16:f2:05:f0:38:
d0:3a:46:69:24:bb:5e:fb:41:83:60:1a:da:22:3d:33:cd:fb:
70:08:dc:cb:0c:b2:2f:cc:00:c4:38:12:a4:2c:f6:05:53:b1:
a1:80:c5:b1:0f:72:d8:83:40:29:36:39:b9:f4:7e:78:85:40:
3b:14:b2:45:2e:ac:83:88:87:31:71:d6:c6:aa:34:07:5e:01:
0d:b5:d3:2c:24:79:3e:a1:7c:e2:36:92:f5:83:7c:c6:ec:7c:
c8:e6:63:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVynrk5XNLvBzw4y0rcJY6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTgyNmRlMTA3MGQ5ZDc5ZGFhOWU0MTVmYzQzMjYxM2Nj
NTdlNTcwHhcNMjMwMTAyMTMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTllYWM0YmQyNDFiYzJiMDk5YjRkNjRlMjBhZGE5ZDM2NmYzMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto6Ck7e23lAbKHnvcj3sdhPu7zdg
PU9Rxew7qU9xhk0TziVPIpBjAbYQzhiYE+nO0tYse8EdoIwmZpusV79HrQdHAMCb
LfAGQ1APzli9Y8Y/7Q2bbIMnAjy6koTGgY4Lj8WgU0qks3v8YXn7tM6pG2ZWFqe/
aH6Wzs+vzgKo8aSciD+Zgx8fA7gAHpINJ5iBlBJ/1FC9fkbAvrQM2cx64/vXEyFJ
cbwvUJr5RflcpJxr7GmFXwdqhwmwX+urRrOGc2wyBvo7UvE3GUSN9YVSuf5iy33e
aNRsNl4Zr4N004rAMh9wGY4PX7n65aiOcjrMK4/HAkefmnqibrlr1LCFewIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKWerEvSQbwrCZtNZOIK2p02bzAZMB8GA1UdIwQY
MBaAFPjoJt4QcNnXnaqeQV/EMmE8xX5XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PZ20zaEJ3MmRlZHFwNUJYOFF5WVR6RmZsYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4
LWVhZWRiNzA5ZWZiZi8xL3BaNnNTOUpCdkNzSm0wMWs0Z3JhblRadk1Cay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4LWVhZWRiNzA5ZWZi
Zi8xLzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5L+Iw
DQYJKoZIhvcNAQELBQADggEBAHTfgjdzTNBucKR/nDIVEGfCgrjy3XuyDKtIRLL0
vFYMwSClBfosuWtd5TZr7V1KgLwUSDRLJUhFcYkHSVpYekh1/VnftZRpRxdxw04H
GhrUoSTUW4L4uU1p/Bf/7BVMG9+PBjkDRsfGjS0IY4DdiTVXQ9sl1pwqYiWALI7Y
Vo+JVto1vTjV0IHAimjp5CMeAxkDndVXk75W6zqerzMW8gXwONA6Rmkku177QYNg
GtoiPTPN+3AI3MsMsi/MAMQ4EqQs9gVTsaGAxbEPctiDQCk2Obn0fniFQDsUskUu
rIOIhzFx1saqNAdeAQ210ywkeT6hfOI2kvWDfMbsfMjmY/k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:08 2025 by rpki-client