Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/7cf3nmUVKnhzy9fgy07BW6Ip10U.roa
File: 7cf3nmUVKnhzy9fgy07BW6Ip10U.roa (raw, json)
Hash identifier: gFD3iKiutmRSxIfbTC/gUdhZNVrXU1a+rZ2DHVXT5Mo=
Subject key identifier: ED:C7:F7:9E:65:15:2A:78:73:CB:D7:E0:CB:4E:C1:5B:A2:29:D7:45
Certificate issuer: /CN=571456649692e60566de008e126bbdd1d2ebed45
Certificate serial: 01856F9499B1905DC9341AF20B882BAE3A44
Authority key identifier: 57:14:56:64:96:92:E6:05:66:DE:00:8E:12:6B:BD:D1:D2:EB:ED:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxRWZJaS5gVm3gCOEmu90dLr7UU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/7cf3nmUVKnhzy9fgy07BW6Ip10U.roa
Signing time: Sun 01 Jan 2023 23:04:47 +0000
ROA not before: Sun 01 Jan 2023 23:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59853
IP address blocks: 185.68.230.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:99:b1:90:5d:c9:34:1a:f2:0b:88:2b:ae:3a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571456649692e60566de008e126bbdd1d2ebed45
Validity
Not Before: Jan 1 23:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edc7f79e65152a7873cbd7e0cb4ec15ba229d745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:db:5a:55:d1:aa:ce:15:d1:87:f7:ad:4a:f8:
92:7f:6f:90:2d:79:99:72:8a:9c:a0:7a:0b:01:14:
fa:41:49:96:4c:a7:1a:dc:1e:05:22:bc:25:56:69:
4b:47:8a:74:88:da:0b:3c:eb:5b:2e:a1:80:2e:16:
95:37:cb:27:0a:03:37:ef:42:a4:e4:27:86:7c:e0:
5e:a8:87:86:17:20:5c:28:1d:bf:05:79:c2:61:bb:
e5:89:27:c1:2f:90:cd:27:2a:ea:e5:5f:94:5f:b9:
af:06:5e:10:77:75:93:73:5c:71:31:d6:73:63:35:
41:38:97:30:0c:f9:a9:34:c2:8e:00:17:fd:f0:b7:
26:21:ea:da:f1:17:f0:61:00:75:c7:17:b2:d1:58:
0d:a2:1e:d0:ed:6d:3a:56:73:8d:19:69:5f:40:c5:
41:15:05:e8:04:2f:eb:ec:8c:8e:65:de:e9:c8:50:
34:6a:18:df:a1:65:c8:f1:13:8f:84:ed:9b:df:62:
e2:2f:c2:9e:f5:68:5f:4b:ea:6a:fd:c6:c0:6f:c2:
dc:9c:40:78:a1:be:7e:d2:ee:3d:6e:b7:48:a2:39:
8e:39:8f:ff:34:f9:61:a2:ab:c4:ca:39:7b:a8:c5:
42:66:9d:ef:89:84:61:34:3e:1d:37:b7:9e:20:54:
e8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C7:F7:9E:65:15:2A:78:73:CB:D7:E0:CB:4E:C1:5B:A2:29:D7:45
X509v3 Authority Key Identifier:
keyid:57:14:56:64:96:92:E6:05:66:DE:00:8E:12:6B:BD:D1:D2:EB:ED:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxRWZJaS5gVm3gCOEmu90dLr7UU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/7cf3nmUVKnhzy9fgy07BW6Ip10U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/VxRWZJaS5gVm3gCOEmu90dLr7UU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.230.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:e1:de:6c:b7:ed:55:a0:9b:5b:0a:84:6e:95:15:76:41:80:
cf:af:b9:73:9e:90:0c:c5:a1:f3:00:06:39:35:0f:87:70:14:
ff:35:26:bf:b1:98:0e:9c:b9:de:40:9b:5b:15:3e:95:03:05:
13:1b:c7:b9:4c:08:91:00:9e:d6:76:55:93:17:06:62:cd:c5:
83:60:1a:04:4e:43:e4:f5:ab:07:a2:bd:e8:de:31:7c:77:12:
42:e8:bf:06:a0:eb:c6:24:7c:40:0a:a0:72:f3:e2:41:57:05:
fd:1d:f0:36:e2:d3:02:22:a2:8d:47:76:e9:78:ea:cf:dd:96:
3b:cb:74:46:02:8d:62:b2:8a:75:6e:57:09:52:04:fb:7b:13:
bf:33:76:41:71:a8:6c:4b:e0:fe:50:f3:d7:ea:32:d5:ad:3c:
de:2e:fd:53:bd:8a:38:81:92:83:55:73:1b:95:a6:aa:d8:ee:
cf:a6:17:38:b2:46:3a:ac:4f:b9:b6:e9:05:81:83:5a:57:de:
cf:18:57:17:66:05:76:23:b6:86:c2:ae:d4:ca:4f:4d:c0:2e:
4a:ac:bf:46:f3:38:63:c7:30:a8:cf:dc:fa:be:28:78:49:58:
d4:bb:68:11:6e:99:a7:da:e8:ec:3a:3d:85:ff:53:2c:73:68:
eb:00:63:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJmxkF3JNBryC4grrjpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTQ1NjY0OTY5MmU2MDU2NmRlMDA4ZTEyNmJiZGQxZDJl
YmVkNDUwHhcNMjMwMTAxMjMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGM3Zjc5ZTY1MTUyYTc4NzNjYmQ3ZTBjYjRlYzE1YmEyMjlkNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdtaVdGqzhXRh/etSviSf2+QLXmZ
coqcoHoLART6QUmWTKca3B4FIrwlVmlLR4p0iNoLPOtbLqGALhaVN8snCgM370Kk
5CeGfOBeqIeGFyBcKB2/BXnCYbvliSfBL5DNJyrq5V+UX7mvBl4Qd3WTc1xxMdZz
YzVBOJcwDPmpNMKOABf98LcmIera8RfwYQB1xxey0VgNoh7Q7W06VnONGWlfQMVB
FQXoBC/r7IyOZd7pyFA0ahjfoWXI8ROPhO2b32LiL8Ke9WhfS+pq/cbAb8LcnEB4
ob5+0u49brdIojmOOY//NPlhoqvEyjl7qMVCZp3viYRhND4dN7eeIFTo5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3H955lFSp4c8vX4MtOwVuiKddFMB8GA1UdIwQY
MBaAFFcUVmSWkuYFZt4AjhJrvdHS6+1FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhSV1pKYVM1Z1ZtM2dDT0VtdTkwZExyN1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wOGE3ZmYtMmNlZi00MjQ4LTlmZTgt
MDRjOGYzZWVjZWViLzEvN2NmM25tVVZLbmh6eTlmZ3kwN0JXNklwMTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wOGE3ZmYtMmNlZi00MjQ4LTlmZTgtMDRjOGYzZWVjZWVi
LzEvVnhSV1pKYVM1Z1ZtM2dDT0VtdTkwZExyN1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUTmMA0G
CSqGSIb3DQEBCwUAA4IBAQAe4d5st+1VoJtbCoRulRV2QYDPr7lznpAMxaHzAAY5
NQ+HcBT/NSa/sZgOnLneQJtbFT6VAwUTG8e5TAiRAJ7WdlWTFwZizcWDYBoETkPk
9asHor3o3jF8dxJC6L8GoOvGJHxACqBy8+JBVwX9HfA24tMCIqKNR3bpeOrP3ZY7
y3RGAo1isop1blcJUgT7exO/M3ZBcahsS+D+UPPX6jLVrTzeLv1TvYo4gZKDVXMb
laaq2O7Pphc4skY6rE+5tukFgYNaV97PGFcXZgV2I7aGwq7Uyk9NwC5KrL9G8zhj
xzCoz9z6vih4SVjUu2gRbpmn2ujsOj2F/1Msc2jrAGNa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:12 2025 by rpki-client