Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/vwUpTxYNCeGdvYflN1aPkdrf-P8.roa
File: vwUpTxYNCeGdvYflN1aPkdrf-P8.roa (raw, json)
Hash identifier: 9UlLbH7AA6bZPV4MJ4DklUNS9y9sNHb1FLiZqgtG+xI=
Subject key identifier: BF:05:29:4F:16:0D:09:E1:9D:BD:87:E5:37:56:8F:91:DA:DF:F8:FF
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 018571BA2D3F8819EAB5BCE50F00732E24B1
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/vwUpTxYNCeGdvYflN1aPkdrf-P8.roa
Signing time: Mon 02 Jan 2023 09:05:04 +0000
ROA not before: Mon 02 Jan 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212538
IP address blocks: 185.180.30.0/24 maxlen: 24
185.180.31.0/24 maxlen: 24
185.180.28.0/24 maxlen: 24
185.180.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:2d:3f:88:19:ea:b5:bc:e5:0f:00:73:2e:24:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Jan 2 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf05294f160d09e19dbd87e537568f91dadff8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cc:81:9d:71:55:03:10:dc:11:81:76:e8:65:
8f:80:1e:b4:8c:24:17:dc:96:23:b9:47:ee:41:41:
25:57:88:ab:6b:1c:a5:91:f3:e1:72:80:ca:a0:ec:
38:48:20:ea:db:78:a1:16:47:a6:93:f7:4f:42:48:
53:d1:e5:5b:bb:59:9e:fe:1e:8e:f0:61:0a:59:ae:
ce:2d:73:81:f5:3f:8a:9f:a2:27:e0:fa:34:df:e4:
52:50:95:85:01:44:a3:cf:99:4f:78:7f:85:d9:eb:
eb:2a:57:32:2f:02:7a:99:e4:c1:61:9a:b5:69:2e:
6e:2a:88:0e:5c:85:c7:2a:74:9c:8e:d1:27:b5:f2:
43:05:16:e5:6a:57:71:b3:82:16:1b:98:b4:99:9f:
fb:cb:41:be:33:a5:aa:f4:cb:00:07:85:aa:f0:d2:
ef:a3:50:6a:30:4d:01:04:b5:ce:ea:d9:39:56:0f:
3e:2d:4b:9f:31:95:b9:44:b4:c3:a3:76:6d:93:b4:
5f:95:a9:4c:04:59:1c:c2:d6:ca:70:ea:dc:5d:6b:
58:d8:48:01:9a:af:09:a7:77:a2:1d:b5:e0:64:30:
23:82:3e:a5:a7:89:37:f6:84:af:8b:60:58:22:5f:
85:7f:26:cc:ca:6a:72:b6:02:7c:02:92:07:09:88:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:05:29:4F:16:0D:09:E1:9D:BD:87:E5:37:56:8F:91:DA:DF:F8:FF
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/vwUpTxYNCeGdvYflN1aPkdrf-P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.28.0/22
Signature Algorithm: sha256WithRSAEncryption
23:31:29:ab:3c:07:ad:dd:62:56:b4:f6:b9:91:ae:5a:70:5f:
20:8e:50:6b:42:65:5e:be:32:a7:7d:ef:53:95:93:fb:49:ee:
ae:cf:0c:21:46:ae:72:2f:39:20:67:d8:b3:98:30:57:49:08:
9b:66:96:8b:e0:cc:57:9b:9c:d8:f5:fc:25:72:1c:a6:d8:62:
32:67:64:35:a7:27:bb:17:d7:07:06:a6:fa:c0:0f:7a:80:65:
b7:5a:95:46:a0:63:33:0a:86:5a:73:0e:00:e1:fd:d2:97:0c:
64:eb:ab:37:35:7d:81:6c:13:d8:b2:bc:55:b4:41:eb:77:d7:
e6:06:1d:50:8f:94:86:07:22:a9:84:e6:26:f9:e0:f7:d1:99:
b4:ae:99:92:1f:7d:9a:25:b6:dd:42:00:65:90:09:8d:4f:56:
e7:c1:57:96:36:6f:d5:81:dd:fd:eb:71:eb:16:d0:14:43:68:
d3:7b:8d:4b:7c:65:2b:77:0a:99:13:74:72:16:b5:3b:de:57:
76:d6:d3:b3:e6:39:f9:f8:e1:a2:c5:23:f1:a4:b5:2c:95:ee:
22:28:a6:b9:51:9a:b3:ef:62:b2:a7:0d:f1:4a:cf:bc:c2:10:
07:d1:aa:8e:38:af:e5:0d:e5:84:96:4a:c7:52:37:18:19:eb:
16:4a:b4:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxui0/iBnqtbzlDwBzLiSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjMwMTAyMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA1Mjk0ZjE2MGQwOWUxOWRiZDg3ZTUzNzU2OGY5MWRhZGZmOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMyBnXFVAxDcEYF26GWPgB60jCQX
3JYjuUfuQUElV4iraxylkfPhcoDKoOw4SCDq23ihFkemk/dPQkhT0eVbu1me/h6O
8GEKWa7OLXOB9T+Kn6In4Po03+RSUJWFAUSjz5lPeH+F2evrKlcyLwJ6meTBYZq1
aS5uKogOXIXHKnScjtEntfJDBRblaldxs4IWG5i0mZ/7y0G+M6Wq9MsAB4Wq8NLv
o1BqME0BBLXO6tk5Vg8+LUufMZW5RLTDo3Ztk7RflalMBFkcwtbKcOrcXWtY2EgB
mq8Jp3eiHbXgZDAjgj6lp4k39oSvi2BYIl+FfybMympytgJ8ApIHCYivqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8FKU8WDQnhnb2H5TdWj5Ha3/j/MB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvdndVcFR4WU5DZUdkdllmbE4xYVBrZHJmLVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQcMA0G
CSqGSIb3DQEBCwUAA4IBAQAjMSmrPAet3WJWtPa5ka5acF8gjlBrQmVevjKnfe9T
lZP7Se6uzwwhRq5yLzkgZ9izmDBXSQibZpaL4MxXm5zY9fwlchym2GIyZ2Q1pye7
F9cHBqb6wA96gGW3WpVGoGMzCoZacw4A4f3Slwxk66s3NX2BbBPYsrxVtEHrd9fm
Bh1Qj5SGByKphOYm+eD30Zm0rpmSH32aJbbdQgBlkAmNT1bnwVeWNm/Vgd3963Hr
FtAUQ2jTe41LfGUrdwqZE3RyFrU73ld21tOz5jn5+OGixSPxpLUsle4iKKa5UZqz
72Kypw3xSs+8whAH0aqOOK/lDeWElkrHUjcYGesWSrSg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:16 2025 by rpki-client