Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fd30a8-c0bf-414f-aba7-b1651a64f35e/1/4BAX1UwLF4I_cIyS8cwBbTJ7XRc.roa
File: 4BAX1UwLF4I_cIyS8cwBbTJ7XRc.roa (raw, json)
Hash identifier: iMf0QTexQHewMfwHepg2LgWkYaHxbl3wbC5OFPtmMPE=
Subject key identifier: E0:10:17:D5:4C:0B:17:82:3F:70:8C:92:F1:CC:01:6D:32:7B:5D:17
Certificate issuer: /CN=f3443f5b5c78d68e739d4fa6feafdd243b052a4b
Certificate serial: 0185A5330C9E2FBCF967897E941DA5742A66
Authority key identifier: F3:44:3F:5B:5C:78:D6:8E:73:9D:4F:A6:FE:AF:DD:24:3B:05:2A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80Q_W1x41o5znU-m_q_dJDsFKks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fd30a8-c0bf-414f-aba7-b1651a64f35e/1/4BAX1UwLF4I_cIyS8cwBbTJ7XRc.roa
Signing time: Thu 12 Jan 2023 08:57:44 +0000
ROA not before: Thu 12 Jan 2023 08:57:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31452
IP address blocks: 185.7.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:33:0c:9e:2f:bc:f9:67:89:7e:94:1d:a5:74:2a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3443f5b5c78d68e739d4fa6feafdd243b052a4b
Validity
Not Before: Jan 12 08:57:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e01017d54c0b17823f708c92f1cc016d327b5d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:a5:ed:8a:4a:14:8b:43:c5:50:a7:a7:b2:
94:4f:6d:a7:ff:c9:30:e4:3b:28:35:c5:35:7e:6e:
23:41:85:42:39:3f:2a:80:d1:cf:94:3f:35:f4:95:
e5:68:54:60:e8:4c:af:7a:75:95:fd:94:f4:22:ca:
11:87:91:d8:8c:c2:67:a2:ba:f0:d6:a1:d6:e4:8b:
89:93:a4:ea:a6:ab:65:8b:60:eb:44:bc:67:f3:4d:
f9:aa:a6:71:3e:e4:2f:42:ae:c0:f7:e6:48:7a:7c:
98:9f:57:5d:7e:b4:b2:06:81:3e:66:72:d8:25:79:
66:57:ea:a9:f3:d6:23:92:c8:83:64:ca:be:b9:a6:
0a:ce:d7:c2:81:03:1c:e4:e0:7b:f8:f7:50:76:26:
35:55:eb:64:2e:d8:91:0a:33:ee:41:0b:a3:59:42:
1b:24:7d:7f:39:3f:cd:63:e9:da:be:cf:6c:2b:9e:
e3:ed:66:9a:ac:6c:97:6d:53:76:c3:7b:f7:e2:2e:
8a:6a:85:25:0c:0e:6a:e8:67:8b:07:9a:a6:2f:7b:
b6:60:9d:1d:24:f0:3e:33:39:e6:d3:27:34:9a:56:
5d:c5:d0:45:83:c2:b2:97:cb:51:c5:43:e0:f8:2d:
ed:2d:e9:39:82:cd:0d:c9:5b:97:89:59:0a:29:97:
26:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:10:17:D5:4C:0B:17:82:3F:70:8C:92:F1:CC:01:6D:32:7B:5D:17
X509v3 Authority Key Identifier:
keyid:F3:44:3F:5B:5C:78:D6:8E:73:9D:4F:A6:FE:AF:DD:24:3B:05:2A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80Q_W1x41o5znU-m_q_dJDsFKks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fd30a8-c0bf-414f-aba7-b1651a64f35e/1/4BAX1UwLF4I_cIyS8cwBbTJ7XRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fd30a8-c0bf-414f-aba7-b1651a64f35e/1/80Q_W1x41o5znU-m_q_dJDsFKks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:06:7a:b6:d9:92:07:f5:5a:15:dd:dd:01:3a:b0:1c:67:21:
a0:73:f9:8a:97:20:d9:74:53:70:01:ba:28:f2:35:5c:49:96:
5c:24:c8:2c:d9:90:e0:14:c2:29:db:86:19:7a:ea:1b:79:77:
4b:24:71:3c:4d:97:b7:c4:ab:c0:f0:66:bc:3d:fd:6e:77:82:
2e:ae:93:59:c9:8e:c0:9d:23:38:0c:bb:17:85:ea:c2:05:c3:
ae:71:02:ad:a8:b4:86:72:84:1a:0f:a1:97:6d:ae:0d:d2:60:
c5:b1:b2:44:d8:c9:74:78:03:fa:60:92:de:1b:98:b8:26:3e:
0b:19:ab:1c:9f:40:07:c4:11:51:49:02:4f:5f:96:05:10:81:
f3:dc:f5:74:89:cc:63:fc:93:4c:55:f3:44:3c:1c:d8:14:a4:
0e:72:f5:3c:eb:ad:93:90:d3:b4:52:fa:5e:ab:a9:d5:45:04:
0f:4b:a7:1a:35:bd:a1:aa:e0:39:71:cf:c0:9f:e2:26:4f:cf:
55:ae:9c:a9:e2:85:3f:19:e1:2c:da:20:d0:47:50:6d:6f:95:
76:1b:96:4d:55:02:aa:c2:10:fc:2c:e4:a8:ab:b2:f2:e8:fa:
5b:83:78:20:57:de:15:5f:ad:8d:63:10:7e:ec:cc:e2:ba:39:
82:69:9b:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWlMwyeL7z5Z4l+lB2ldCpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDQzZjViNWM3OGQ2OGU3MzlkNGZhNmZlYWZkZDI0M2Iw
NTJhNGIwHhcNMjMwMTEyMDg1NzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEwMTdkNTRjMGIxNzgyM2Y3MDhjOTJmMWNjMDE2ZDMyN2I1ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQul7YpKFItDxVCnp7KUT22n/8kw
5DsoNcU1fm4jQYVCOT8qgNHPlD819JXlaFRg6EyvenWV/ZT0IsoRh5HYjMJnorrw
1qHW5IuJk6Tqpqtli2DrRLxn8035qqZxPuQvQq7A9+ZIenyYn1ddfrSyBoE+ZnLY
JXlmV+qp89YjksiDZMq+uaYKztfCgQMc5OB7+PdQdiY1VetkLtiRCjPuQQujWUIb
JH1/OT/NY+navs9sK57j7WaarGyXbVN2w3v34i6KaoUlDA5q6GeLB5qmL3u2YJ0d
JPA+Mznm0yc0mlZdxdBFg8Kyl8tRxUPg+C3tLek5gs0NyVuXiVkKKZcm3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAQF9VMCxeCP3CMkvHMAW0ye10XMB8GA1UdIwQY
MBaAFPNEP1tceNaOc51Ppv6v3SQ7BSpLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBRX1cxeDQxbzV6blUtbV9xX2RKRHNGS2tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZDMwYTgtYzBiZi00MTRmLWFiYTct
YjE2NTFhNjRmMzVlLzEvNEJBWDFVd0xGNElfY0l5Uzhjd0JiVEo3WFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZDMwYTgtYzBiZi00MTRmLWFiYTctYjE2NTFhNjRmMzVl
LzEvODBRX1cxeDQxbzV6blUtbV9xX2RKRHNGS2tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQcIMA0G
CSqGSIb3DQEBCwUAA4IBAQCeBnq22ZIH9VoV3d0BOrAcZyGgc/mKlyDZdFNwAboo
8jVcSZZcJMgs2ZDgFMIp24YZeuobeXdLJHE8TZe3xKvA8Ga8Pf1ud4IurpNZyY7A
nSM4DLsXherCBcOucQKtqLSGcoQaD6GXba4N0mDFsbJE2Ml0eAP6YJLeG5i4Jj4L
Gascn0AHxBFRSQJPX5YFEIHz3PV0icxj/JNMVfNEPBzYFKQOcvU8662TkNO0Uvpe
q6nVRQQPS6caNb2hquA5cc/An+ImT89Vrpyp4oU/GeEs2iDQR1Btb5V2G5ZNVQKq
whD8LOSoq7Ly6Ppbg3ggV94VX62NYxB+7MziujmCaZvn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:23 2025 by rpki-client