Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5c4a71-b38a-4eb4-8633-24b3572a83bb/1/pNMFxHHRxSm3QU7z7Y2rKk2PGpE.roa
File: pNMFxHHRxSm3QU7z7Y2rKk2PGpE.roa (raw, json)
Hash identifier: NAyTrV1B/ixy2+PqhSuO0TYRFtE6hRZTvQ9V4MciUJw=
Subject key identifier: A4:D3:05:C4:71:D1:C5:29:B7:41:4E:F3:ED:8D:AB:2A:4D:8F:1A:91
Certificate issuer: /CN=2fe17bf80ee1e2e70db3ea05dc16f304e7090cf4
Certificate serial: 01857295CDE5841A56739CEDEADD2242D838
Authority key identifier: 2F:E1:7B:F8:0E:E1:E2:E7:0D:B3:EA:05:DC:16:F3:04:E7:09:0C:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-F7-A7h4ucNs-oF3BbzBOcJDPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5c4a71-b38a-4eb4-8633-24b3572a83bb/1/pNMFxHHRxSm3QU7z7Y2rKk2PGpE.roa
Signing time: Mon 02 Jan 2023 13:04:58 +0000
ROA not before: Mon 02 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203713
IP address blocks: 185.153.76.0/22 maxlen: 24
2a06:9880::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:cd:e5:84:1a:56:73:9c:ed:ea:dd:22:42:d8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe17bf80ee1e2e70db3ea05dc16f304e7090cf4
Validity
Not Before: Jan 2 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4d305c471d1c529b7414ef3ed8dab2a4d8f1a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:90:d9:bf:be:6b:8d:c3:a9:91:e6:37:6c:
ad:fb:2a:84:a5:b0:f6:b1:df:73:ad:82:7d:25:7c:
9c:dc:f5:97:37:e5:65:3e:7f:e6:ad:5d:d4:ca:c6:
9a:a3:f0:c9:d6:f2:ec:97:c3:24:ae:7b:a9:f5:83:
0a:bb:d1:35:06:e3:63:35:d3:a8:f7:84:7b:d4:eb:
03:af:85:a8:76:81:61:d9:19:02:df:25:33:66:f1:
db:16:9b:c5:b5:57:6c:1b:85:f5:1c:e3:51:ed:da:
69:6f:dd:1f:95:fc:e2:57:dd:f5:89:e8:60:d8:aa:
6b:1d:5b:b6:0d:a1:49:11:b5:cb:2b:9c:0a:73:65:
7d:10:17:82:b4:ff:01:f2:fd:88:47:f8:f0:51:a3:
c6:c3:bb:7c:4e:ea:70:79:c3:6e:0a:6a:89:a1:66:
c3:5b:20:a3:5c:4b:9f:4b:27:09:0a:8f:f1:7b:73:
53:7c:e1:d9:ff:13:1f:fb:96:13:98:44:8d:07:bc:
b2:67:f5:9e:59:20:92:32:4d:8f:e9:22:61:4c:b2:
c3:af:3d:d0:f8:29:e4:de:dc:8d:f8:0e:bf:e2:a3:
15:29:0c:b1:2d:d0:0d:63:72:22:4d:f2:4c:ce:71:
39:a9:4a:29:fe:53:cc:b1:c8:1c:36:ee:05:3a:ae:
f5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D3:05:C4:71:D1:C5:29:B7:41:4E:F3:ED:8D:AB:2A:4D:8F:1A:91
X509v3 Authority Key Identifier:
keyid:2F:E1:7B:F8:0E:E1:E2:E7:0D:B3:EA:05:DC:16:F3:04:E7:09:0C:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-F7-A7h4ucNs-oF3BbzBOcJDPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5c4a71-b38a-4eb4-8633-24b3572a83bb/1/pNMFxHHRxSm3QU7z7Y2rKk2PGpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5c4a71-b38a-4eb4-8633-24b3572a83bb/1/L-F7-A7h4ucNs-oF3BbzBOcJDPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.76.0/22
IPv6:
2a06:9880::/29
Signature Algorithm: sha256WithRSAEncryption
c5:3a:59:84:49:db:18:01:e1:9a:21:89:1a:07:9f:6a:37:70:
8f:b6:04:9c:3a:c6:c8:ea:70:6b:c3:7d:03:0e:83:a1:2e:2c:
84:70:3e:c4:25:b1:bb:a7:ee:b2:1e:26:e3:40:72:ae:b0:f5:
11:e4:2a:f2:60:1c:7d:1f:30:28:29:4f:95:08:be:76:6d:98:
13:bf:da:35:e2:78:64:4e:06:57:bc:50:dd:1c:b4:28:64:a7:
bf:82:fc:f7:0a:e1:ca:0e:19:a0:41:54:cd:57:d5:6a:79:d8:
b9:4d:eb:f6:77:e5:05:04:1c:a2:1a:3d:49:e2:4c:60:cd:05:
89:b7:1a:48:71:c1:0a:83:6e:06:70:77:4c:50:35:6c:d7:d4:
5d:74:58:de:9c:56:aa:d0:75:8b:a7:67:ee:c3:15:78:ce:af:
f1:45:c2:41:09:c6:98:1b:32:38:59:d1:b6:a9:d3:75:fc:ac:
b6:88:9b:38:b7:b9:30:c3:0e:96:17:71:4f:7b:fc:4b:6e:56:
48:86:51:c8:0f:a3:ec:b2:84:9a:9b:2d:44:73:77:ce:30:e7:
4e:04:ed:28:76:c6:84:9e:bb:b2:19:96:ad:fa:45:f4:30:f0:
b2:f8:15:fb:2b:0f:b8:9b:ab:a1:e1:e4:73:0d:18:14:96:ed:
4e:18:fe:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVylc3lhBpWc5zt6t0iQtg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTE3YmY4MGVlMWUyZTcwZGIzZWEwNWRjMTZmMzA0ZTcw
OTBjZjQwHhcNMjMwMTAyMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQzMDVjNDcxZDFjNTI5Yjc0MTRlZjNlZDhkYWIyYTRkOGYxYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifmQ2b++a43DqZHmN2yt+yqEpbD2
sd9zrYJ9JXyc3PWXN+VlPn/mrV3Uysaao/DJ1vLsl8Mkrnup9YMKu9E1BuNjNdOo
94R71OsDr4WodoFh2RkC3yUzZvHbFpvFtVdsG4X1HONR7dppb90flfziV931iehg
2KprHVu2DaFJEbXLK5wKc2V9EBeCtP8B8v2IR/jwUaPGw7t8TupwecNuCmqJoWbD
WyCjXEufSycJCo/xe3NTfOHZ/xMf+5YTmESNB7yyZ/WeWSCSMk2P6SJhTLLDrz3Q
+Cnk3tyN+A6/4qMVKQyxLdANY3IiTfJMznE5qUop/lPMscgcNu4FOq71VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKTTBcRx0cUpt0FO8+2NqypNjxqRMB8GA1UdIwQY
MBaAFC/he/gO4eLnDbPqBdwW8wTnCQz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1GNy1BN2g0dWNOcy1vRjNCYnpCT2NKRFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81YzRhNzEtYjM4YS00ZWI0LTg2MzMt
MjRiMzU3MmE4M2JiLzEvcE5NRnhISFJ4U20zUVU3ejdZMnJLazJQR3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81YzRhNzEtYjM4YS00ZWI0LTg2MzMtMjRiMzU3MmE4M2Ji
LzEvTC1GNy1BN2g0dWNOcy1vRjNCYnpCT2NKRFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZlMMA0E
AgACMAcDBQMqBpiAMA0GCSqGSIb3DQEBCwUAA4IBAQDFOlmESdsYAeGaIYkaB59q
N3CPtgScOsbI6nBrw30DDoOhLiyEcD7EJbG7p+6yHibjQHKusPUR5CryYBx9HzAo
KU+VCL52bZgTv9o14nhkTgZXvFDdHLQoZKe/gvz3CuHKDhmgQVTNV9Vqedi5Tev2
d+UFBByiGj1J4kxgzQWJtxpIccEKg24GcHdMUDVs19RddFjenFaq0HWLp2fuwxV4
zq/xRcJBCcaYGzI4WdG2qdN1/Ky2iJs4t7kwww6WF3FPe/xLblZIhlHID6PssoSa
my1Ec3fOMOdOBO0odsaEnruyGZat+kX0MPCy+BX7Kw+4m6uh4eRzDRgUlu1OGP5z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:52 2025 by rpki-client