Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/vdvF2YWVzyatq3Y4Tjg7id3CA3g.roa
File: vdvF2YWVzyatq3Y4Tjg7id3CA3g.roa (raw, json)
Hash identifier: 3NU6jLI1n+Jf4LMER3Q1pZlkcLXZ18lPxOQdL6Tb3R4=
Subject key identifier: BD:DB:C5:D9:85:95:CF:26:AD:AB:76:38:4E:38:3B:89:DD:C2:03:78
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 02A5ECD7
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/vdvF2YWVzyatq3Y4Tjg7id3CA3g.roa
Signing time: Sat 01 Jan 2022 16:02:17 +0000
ROA not before: Sat 01 Jan 2022 16:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211623
IP address blocks: 185.253.58.0/24 maxlen: 24
2a10:b9c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44428503 (0x2a5ecd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Jan 1 16:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bddbc5d98595cf26adab76384e383b89ddc20378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:be:88:b3:03:9b:39:a6:5c:6e:f1:05:82:
3b:13:c7:06:70:91:14:2d:1f:73:c4:f5:ff:95:b0:
18:49:82:de:6e:54:5f:26:db:4d:90:72:29:37:fa:
6b:38:f0:e6:46:1d:28:e6:05:1b:b8:6d:e6:53:c3:
cd:82:86:b5:21:c5:2d:03:a5:9e:f8:13:d8:1c:42:
3c:10:69:35:75:bd:f8:9f:91:a1:e4:24:55:51:32:
df:50:0f:32:ea:50:2d:eb:1e:e4:58:41:b5:4c:ba:
6a:bc:27:79:d2:3c:1a:c5:ae:e4:71:19:a6:96:4f:
21:c6:ce:2e:82:64:c1:04:97:8b:be:3d:30:b3:ea:
6b:80:45:a7:06:81:2b:4b:ee:be:a8:59:60:c8:05:
0f:93:5f:fd:08:59:4b:f1:52:d3:f0:4f:c9:58:71:
bb:15:3e:74:c0:0c:b3:38:51:27:60:6c:6b:dc:f6:
8f:9d:50:86:22:a2:de:af:6d:cf:ab:9d:f2:94:ba:
39:21:b0:8e:b3:99:2e:65:9e:ec:bb:f9:38:7a:c0:
89:30:2f:48:8d:68:18:25:7d:c4:8f:a1:c6:cc:52:
77:cb:52:ab:eb:c9:85:f3:b1:a5:50:a1:ff:e2:dc:
23:f2:df:82:86:85:7a:6d:45:77:84:24:30:8f:ee:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DB:C5:D9:85:95:CF:26:AD:AB:76:38:4E:38:3B:89:DD:C2:03:78
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/vdvF2YWVzyatq3Y4Tjg7id3CA3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.58.0/24
IPv6:
2a10:b9c0::/29
Signature Algorithm: sha256WithRSAEncryption
ea:d5:b6:96:be:7d:ff:8e:fd:a0:cb:91:2c:75:0e:ae:4f:fc:
7d:d0:14:34:8a:e0:5d:98:09:b6:cd:c2:b1:1b:c0:73:d8:27:
cf:e8:b1:57:38:38:12:fe:33:e9:c5:41:60:af:e8:7a:04:a9:
47:3c:d2:13:e8:9b:1a:8c:3b:d0:a7:77:b9:b6:c7:0b:38:c8:
46:76:d0:8c:00:c2:ca:dd:40:77:cc:bc:fb:08:94:74:96:db:
86:7b:4b:7d:2d:1c:8e:7e:c1:58:b8:1e:4f:db:97:42:90:7c:
32:9b:5b:d7:55:6b:cf:91:85:e1:80:66:eb:64:e3:ff:d1:78:
b9:16:3c:ad:a5:b7:de:ef:7c:c7:f2:69:5b:b5:da:7c:01:5f:
c8:d2:fb:fc:eb:2c:ff:de:6c:d0:95:82:2d:87:dd:3f:31:f9:
a6:c8:64:81:62:93:c2:e8:75:f4:ee:c3:70:34:69:5a:2d:c8:
4c:cb:65:31:da:a8:70:80:4d:7a:a4:57:22:58:47:76:42:81:
9f:5f:ee:98:d7:d4:11:9e:78:e7:83:25:f4:b4:d3:98:c6:6d:
42:f9:db:4d:b8:9e:fd:e3:33:c8:37:67:b5:25:67:6e:16:bf:
42:47:40:6d:54:9f:ba:e6:12:c2:08:f0:49:99:d1:f1:72:3d:
49:c4:1e:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAqXs1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTdmNGY4YWM4Y2E3MzQzZWQxYjRmZjEyY2UyNzYzMThiNjlkMTBlMB4XDTIyMDEw
MTE2MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRkYmM1ZDk4NTk1
Y2YyNmFkYWI3NjM4NGUzODNiODlkZGMyMDM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKievoizA5s5plxu8QWCOxPHBnCRFC0fc8T1/5WwGEmC3m5U
XybbTZByKTf6azjw5kYdKOYFG7ht5lPDzYKGtSHFLQOlnvgT2BxCPBBpNXW9+J+R
oeQkVVEy31APMupQLese5FhBtUy6arwnedI8GsWu5HEZppZPIcbOLoJkwQSXi749
MLPqa4BFpwaBK0vuvqhZYMgFD5Nf/QhZS/FS0/BPyVhxuxU+dMAMszhRJ2Bsa9z2
j51QhiKi3q9tz6ud8pS6OSGwjrOZLmWe7Lv5OHrAiTAvSI1oGCV9xI+hxsxSd8tS
q+vJhfOxpVCh/+LcI/LfgoaFem1Fd4QkMI/uzcsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS928XZhZXPJq2rdjhOODuJ3cIDeDAfBgNVHSMEGDAWgBRKf0+KyMpzQ+0b
T/Es4nYxi2nRDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NuOVBpc2pLYzBQdEcwX3hMT0oyTVl0cDBRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMGU2OTYyLTk2YjctNGZiOC1hODM5LTllYzdhZGQwZWI2OC8x
L3ZkdkYyWVdWenlhdHEzWTRUamc3aWQzQ0EzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MGU2OTYyLTk2YjctNGZiOC1hODM5LTllYzdhZGQwZWI2OC8xL1NuOVBpc2pLYzBQ
dEcwX3hMT0oyTVl0cDBRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALn9OjANBAIAAjAHAwUDKhC5wDAN
BgkqhkiG9w0BAQsFAAOCAQEA6tW2lr59/479oMuRLHUOrk/8fdAUNIrgXZgJts3C
sRvAc9gnz+ixVzg4Ev4z6cVBYK/oegSpRzzSE+ibGow70Kd3ubbHCzjIRnbQjADC
yt1Ad8y8+wiUdJbbhntLfS0cjn7BWLgeT9uXQpB8Mptb11Vrz5GF4YBm62Tj/9F4
uRY8raW33u98x/JpW7XafAFfyNL7/Oss/95s0JWCLYfdPzH5pshkgWKTwuh19O7D
cDRpWi3ITMtlMdqocIBNeqRXIlhHdkKBn1/umNfUEZ5454Ml9LTTmMZtQvnbTbie
/eMzyDdntSVnbha/QkdAbVSfuuYSwgjwSZnR8XI9ScQegA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org