Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/P529CQOEZk3A4yc4ByaKW6sbaBY.roa
File: P529CQOEZk3A4yc4ByaKW6sbaBY.roa (raw, json)
Hash identifier: 5lgMGhEa5ZQd9LzY8kVLuFS7+T6EoWH4ElvsfCEbACw=
Subject key identifier: 3F:9D:BD:09:03:84:66:4D:C0:E3:27:38:07:26:8A:5B:AB:1B:68:16
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 0184BD83590EC42D7B3F7C0070DF19FCE54C
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/P529CQOEZk3A4yc4ByaKW6sbaBY.roa
Signing time: Mon 28 Nov 2022 09:13:32 +0000
ROA not before: Mon 28 Nov 2022 09:13:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210301
IP address blocks: 185.146.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:83:59:0e:c4:2d:7b:3f:7c:00:70:df:19:fc:e5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Nov 28 09:13:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f9dbd090384664dc0e3273807268a5bab1b6816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b2:a5:6b:e4:31:90:9a:36:cd:53:cc:71:72:
42:d4:e2:b6:e2:76:d6:9c:57:29:4c:ce:c0:21:8b:
59:61:ff:c0:5f:5d:05:5e:17:9a:86:59:2d:27:7c:
20:1b:10:3b:2e:59:48:5a:36:1d:09:8c:5b:67:16:
a3:db:53:ee:6e:4c:7b:b8:69:db:3b:63:8c:7b:5e:
d2:80:0f:ff:5f:50:cd:ef:62:24:d2:39:b0:c7:83:
b0:0e:f7:43:f8:74:3f:3c:1e:5c:d8:07:80:c3:c5:
3f:1b:1c:4f:ba:c2:53:6f:14:b7:a9:0f:a0:03:59:
2d:8b:26:16:94:1a:a6:ff:3a:30:f6:3e:96:9e:c9:
ac:6a:48:d0:fc:6c:9a:d2:09:ea:fd:0f:d2:a4:09:
71:90:39:06:ef:78:13:4b:da:56:19:fe:19:92:d3:
8a:09:67:ce:39:22:9b:ea:11:f3:6f:fc:4a:19:83:
9e:72:9d:0c:12:98:a7:e0:1f:7a:d6:d2:65:4c:22:
f8:8b:dc:1d:82:7d:d1:1e:e3:db:34:b8:17:8e:de:
af:d3:76:94:8e:55:0e:95:53:ce:dc:b5:a3:9e:89:
5b:b5:95:fb:a4:7b:fa:be:dd:70:5d:a8:a5:c6:1f:
f8:35:ab:b6:7f:15:f8:ca:b7:22:41:32:ed:dc:5b:
53:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9D:BD:09:03:84:66:4D:C0:E3:27:38:07:26:8A:5B:AB:1B:68:16
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/P529CQOEZk3A4yc4ByaKW6sbaBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.227.0/24
Signature Algorithm: sha256WithRSAEncryption
34:fe:99:69:30:ce:ed:03:b9:30:81:64:8f:73:c7:01:66:ee:
ad:eb:bd:22:17:f0:b1:95:f8:de:44:77:2e:b3:94:9b:96:e2:
3c:43:27:10:e9:0d:6a:d7:10:43:c9:67:9b:71:98:5a:99:bc:
2c:c2:cb:b1:a8:bc:1e:df:8e:78:38:42:e7:d1:c9:16:80:95:
1e:f8:36:66:17:64:88:ca:24:d3:45:50:4d:30:84:7f:54:86:
91:34:6b:61:c0:32:88:e9:7b:f8:a5:83:90:78:ec:85:5e:8b:
9a:9f:f9:8f:a6:3d:4b:9e:56:94:9a:e3:21:4c:62:b2:b7:97:
da:b5:b4:bd:bb:ac:69:05:eb:b8:4b:9c:34:b8:7f:c2:05:a7:
24:42:0a:ff:00:b0:6e:3c:63:91:f3:9d:c4:62:a7:3d:d9:81:
6e:aa:70:be:44:60:ed:4a:58:3a:0b:66:0e:52:7d:38:20:4b:
1e:35:76:4c:2c:3c:d9:8f:bc:2f:ff:03:d1:12:3d:ef:5c:53:
c5:b5:c2:23:0d:6f:f9:13:15:3c:0f:40:a6:dc:f4:e6:68:fd:
83:13:45:8a:cc:1f:e5:de:a8:58:92:c4:36:42:a0:19:a7:f9:
12:93:43:2b:f0:eb:21:6a:e6:8b:66:9a:3c:b9:09:e9:18:31:
7f:12:ea:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9g1kOxC17P3wAcN8Z/OVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjIxMTI4MDkxMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjlkYmQwOTAzODQ2NjRkYzBlMzI3MzgwNzI2OGE1YmFiMWI2ODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rKla+QxkJo2zVPMcXJC1OK24nbW
nFcpTM7AIYtZYf/AX10FXheahlktJ3wgGxA7LllIWjYdCYxbZxaj21Pubkx7uGnb
O2OMe17SgA//X1DN72Ik0jmwx4OwDvdD+HQ/PB5c2AeAw8U/GxxPusJTbxS3qQ+g
A1ktiyYWlBqm/zow9j6WnsmsakjQ/Gya0gnq/Q/SpAlxkDkG73gTS9pWGf4ZktOK
CWfOOSKb6hHzb/xKGYOecp0MEpin4B961tJlTCL4i9wdgn3RHuPbNLgXjt6v03aU
jlUOlVPO3LWjnolbtZX7pHv6vt1wXailxh/4Nau2fxX4yrciQTLt3FtTfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+dvQkDhGZNwOMnOAcmilurG2gWMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvUDUyOUNRT0VaazNBNHljNEJ5YUtXNnNiYUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZLjMA0G
CSqGSIb3DQEBCwUAA4IBAQA0/plpMM7tA7kwgWSPc8cBZu6t670iF/CxlfjeRHcu
s5SbluI8QycQ6Q1q1xBDyWebcZhambwswsuxqLwe3454OELn0ckWgJUe+DZmF2SI
yiTTRVBNMIR/VIaRNGthwDKI6Xv4pYOQeOyFXouan/mPpj1LnlaUmuMhTGKyt5fa
tbS9u6xpBeu4S5w0uH/CBackQgr/ALBuPGOR853EYqc92YFuqnC+RGDtSlg6C2YO
Un04IEseNXZMLDzZj7wv/wPREj3vXFPFtcIjDW/5ExU8D0Cm3PTmaP2DE0WKzB/l
3qhYksQ2QqAZp/kSk0Mr8OshauaLZpo8uQnpGDF/EurJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org