Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/506b38-76ec-472e-a94b-87034f9fce61/1/1-XOZsCQ-tWMNLl4lonn4ev6Msec.roa
File: 1-XOZsCQ-tWMNLl4lonn4ev6Msec.roa (raw, json)
Hash identifier: wHnlZK+4M5hWvBNsNZI++dUj/u9y0AIxFnGooTnbUP8=
Subject key identifier: F9:73:99:B0:24:3E:B5:63:0D:2E:5E:25:A2:79:F8:7A:FE:8C:B1:E7
Certificate issuer: /CN=1ffa7f772b323b24dbe69d3f3acf755e69d601cd
Certificate serial: 01892AB970F432E2F5DA712B564C1C71BB0F
Authority key identifier: 1F:FA:7F:77:2B:32:3B:24:DB:E6:9D:3F:3A:CF:75:5E:69:D6:01:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_p_dysyOyTb5p0_Os91XmnWAc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/506b38-76ec-472e-a94b-87034f9fce61/1/1-XOZsCQ-tWMNLl4lonn4ev6Msec.roa
Signing time: Thu 06 Jul 2023 10:22:23 +0000
ROA not before: Thu 06 Jul 2023 10:22:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202936
IP address blocks: 185.241.232.0/22 maxlen: 23
185.148.64.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:b9:70:f4:32:e2:f5:da:71:2b:56:4c:1c:71:bb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ffa7f772b323b24dbe69d3f3acf755e69d601cd
Validity
Not Before: Jul 6 10:22:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97399b0243eb5630d2e5e25a279f87afe8cb1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b7:f0:0b:0e:18:7c:5a:2d:61:6c:33:79:b1:
8d:40:1d:df:55:f0:a5:64:dd:51:49:ad:14:0a:59:
78:a3:8f:45:8c:54:b0:51:66:76:8d:60:24:8f:49:
80:7e:9e:97:4a:ed:88:69:f9:d5:f9:89:fc:85:28:
67:5c:57:a5:b4:c9:34:ce:40:b5:9d:4e:24:f8:7c:
f1:ff:af:a5:72:67:ba:c5:c8:00:52:bf:6c:b9:e4:
ab:18:ac:d4:aa:93:26:ce:b2:29:23:56:f0:9c:99:
32:c0:4a:93:68:3b:5b:cd:d5:a0:52:17:c3:d8:a6:
5f:5e:a0:86:79:4a:2a:45:4a:9c:ae:74:8e:df:bb:
46:3c:b5:d1:82:e8:31:d0:7d:bb:e2:61:53:4c:6a:
0a:c4:4d:bc:88:8c:64:c3:83:ce:f6:70:32:4c:5b:
98:75:78:72:3b:5c:ed:15:88:3c:31:cb:ee:69:b2:
19:d3:d1:68:b2:38:6f:85:a7:56:22:b8:2d:ff:b8:
67:84:74:6a:8e:40:36:86:a9:ca:98:00:aa:5f:26:
02:83:cd:e0:e4:7e:8e:82:2a:1c:a0:ac:fb:44:51:
f7:68:1d:5f:a0:94:f3:b6:66:9d:d1:76:49:59:47:
5b:bd:63:b4:65:c9:41:4e:bb:72:20:52:7c:63:92:
9d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:73:99:B0:24:3E:B5:63:0D:2E:5E:25:A2:79:F8:7A:FE:8C:B1:E7
X509v3 Authority Key Identifier:
keyid:1F:FA:7F:77:2B:32:3B:24:DB:E6:9D:3F:3A:CF:75:5E:69:D6:01:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_p_dysyOyTb5p0_Os91XmnWAc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/506b38-76ec-472e-a94b-87034f9fce61/1/1-XOZsCQ-tWMNLl4lonn4ev6Msec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/506b38-76ec-472e-a94b-87034f9fce61/1/H_p_dysyOyTb5p0_Os91XmnWAc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.64.0/22
185.241.232.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:7f:e8:5c:08:f0:e6:f3:50:0d:70:c0:28:2f:45:3e:17:f6:
2a:0d:86:3a:6d:b8:57:6c:f7:01:a9:8d:2d:46:26:0d:3e:99:
e8:3f:05:74:83:c9:80:c5:b3:59:49:74:48:76:3d:43:44:c8:
2f:d1:3f:ed:64:76:da:6a:52:37:1d:2d:3d:92:92:ba:8d:d0:
a3:53:71:7b:5b:4c:d6:45:44:14:62:bc:1e:af:39:4d:b7:3a:
98:b3:18:02:7c:53:ce:94:13:a4:5a:5e:72:d0:eb:b1:07:35:
b8:b5:5e:7e:f5:f9:3e:6e:43:5c:bc:2f:c8:bd:f9:af:65:59:
6b:e6:d5:81:5c:3b:f9:73:92:32:d4:85:a8:84:f0:2a:7e:c8:
28:8d:ca:02:c1:58:f2:65:20:b2:ac:16:91:d1:f6:37:2a:8f:
e4:f3:6e:c1:ae:be:6c:c0:2a:6f:e5:90:0a:70:7f:d2:aa:32:
38:b7:ae:43:6b:38:83:e6:eb:0e:e6:42:f7:57:12:3e:64:4e:
61:f9:c7:7b:93:eb:fa:7e:63:11:eb:fa:8e:f4:6d:13:bb:ba:
e7:18:cb:96:9e:2b:78:3f:d0:df:fe:00:60:12:dc:b7:f1:9e:
9b:64:8b:e9:e6:97:11:46:fc:71:55:37:1f:2a:ac:99:8d:60:
63:a1:7a:2b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYkquXD0MuL12nErVkwccbsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZmE3Zjc3MmIzMjNiMjRkYmU2OWQzZjNhY2Y3NTVlNjlk
NjAxY2QwHhcNMjMwNzA2MTAyMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTczOTliMDI0M2ViNTYzMGQyZTVlMjVhMjc5Zjg3YWZlOGNiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbfwCw4YfFotYWwzebGNQB3fVfCl
ZN1RSa0UCll4o49FjFSwUWZ2jWAkj0mAfp6XSu2IafnV+Yn8hShnXFeltMk0zkC1
nU4k+Hzx/6+lcme6xcgAUr9sueSrGKzUqpMmzrIpI1bwnJkywEqTaDtbzdWgUhfD
2KZfXqCGeUoqRUqcrnSO37tGPLXRgugx0H274mFTTGoKxE28iIxkw4PO9nAyTFuY
dXhyO1ztFYg8McvuabIZ09FosjhvhadWIrgt/7hnhHRqjkA2hqnKmACqXyYCg83g
5H6OgiocoKz7RFH3aB1foJTztmad0XZJWUdbvWO0ZclBTrtyIFJ8Y5Kd/QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlzmbAkPrVjDS5eJaJ5+Hr+jLHnMB8GA1UdIwQY
MBaAFB/6f3crMjsk2+adPzrPdV5p1gHNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9wX2R5c3lPeVRiNXAwX09zOTFYbW5XQWMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MDZiMzgtNzZlYy00NzJlLWE5NGIt
ODcwMzRmOWZjZTYxLzEvMS1YT1pzQ1EtdFdNTkxsNGxvbm40ZXY2TXNlYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvNTA2YjM4LTc2ZWMtNDcyZS1hOTRiLTg3MDM0ZjlmY2U2
MS8xL0hfcF9keXN5T3lUYjVwMF9PczkxWG1uV0FjMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmUQAME
Arnx6DANBgkqhkiG9w0BAQsFAAOCAQEAfH/oXAjw5vNQDXDAKC9FPhf2Kg2GOm24
V2z3AamNLUYmDT6Z6D8FdIPJgMWzWUl0SHY9Q0TIL9E/7WR22mpSNx0tPZKSuo3Q
o1Nxe1tM1kVEFGK8Hq85Tbc6mLMYAnxTzpQTpFpectDrsQc1uLVefvX5Pm5DXLwv
yL35r2VZa+bVgVw7+XOSMtSFqITwKn7IKI3KAsFY8mUgsqwWkdH2NyqP5PNuwa6+
bMAqb+WQCnB/0qoyOLeuQ2s4g+brDuZC91cSPmROYfnHe5Pr+n5jEev6jvRtE7u6
5xjLlp4reD/Q3/4AYBLct/Gem2SL6eaXEUb8cVU3HyqsmY1gY6F6Kw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:46 2025 by rpki-client