Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/5tn0KbWXObTravPiIS20ru_pCpo.roa
File: 5tn0KbWXObTravPiIS20ru_pCpo.roa (raw, json)
Hash identifier: AiPokmqVpvAum8fkRX37CULrL79ErJAh/P8xLPXC+jM=
Subject key identifier: E6:D9:F4:29:B5:97:39:B4:EB:6A:F3:E2:21:2D:B4:AE:EF:E9:0A:9A
Certificate issuer: /CN=848d9800d69debae11b7f8161c3ce88181fde7b4
Certificate serial: 0185887F00AE8A0A3F7BBEB47DC3137A24A0
Authority key identifier: 84:8D:98:00:D6:9D:EB:AE:11:B7:F8:16:1C:3C:E8:81:81:FD:E7:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hI2YANad664Rt_gWHDzogYH957Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/5tn0KbWXObTravPiIS20ru_pCpo.roa
Signing time: Fri 06 Jan 2023 19:11:42 +0000
ROA not before: Fri 06 Jan 2023 19:11:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 185.237.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:7f:00:ae:8a:0a:3f:7b:be:b4:7d:c3:13:7a:24:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=848d9800d69debae11b7f8161c3ce88181fde7b4
Validity
Not Before: Jan 6 19:11:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6d9f429b59739b4eb6af3e2212db4aeefe90a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:b6:50:8d:52:9b:79:61:ad:d1:3c:7d:7e:
9d:c2:9f:f4:b4:52:3e:d2:63:4e:df:f0:33:b5:ae:
b3:d9:08:71:b6:c6:51:b1:18:f1:24:71:13:10:e7:
cc:c7:b9:f5:ac:ed:7e:b6:a9:e5:7f:ee:65:e9:49:
1b:d9:9e:32:70:e7:cd:c7:b0:4a:28:e2:03:b3:31:
85:a2:6a:22:bc:95:63:55:73:83:9c:c4:ec:3c:d9:
37:4b:97:b0:f8:b4:76:1b:70:9d:96:22:84:4a:d8:
89:fc:d6:a5:70:e8:24:0e:cc:22:2c:4b:7e:38:83:
3c:66:53:7e:e1:4a:41:18:b7:4d:1c:16:aa:d9:f8:
fc:e2:2c:e8:8f:66:1d:11:a2:42:fe:a6:60:77:d7:
6d:5e:a6:ab:71:95:03:9f:6f:4a:a1:2b:af:52:0d:
05:98:30:9d:c7:3c:14:24:db:96:22:55:fb:40:bb:
d7:86:45:3d:d7:57:4c:68:bc:9e:28:3e:87:14:cd:
13:71:63:93:32:3d:bb:2b:dc:9b:03:47:aa:c8:76:
32:a7:51:e1:1f:1d:7b:d9:8a:43:73:12:73:23:3f:
14:78:69:1a:48:62:b3:23:18:52:10:db:56:eb:c4:
27:87:0c:f6:e6:60:ea:16:cb:ad:c1:70:08:40:b9:
3c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D9:F4:29:B5:97:39:B4:EB:6A:F3:E2:21:2D:B4:AE:EF:E9:0A:9A
X509v3 Authority Key Identifier:
keyid:84:8D:98:00:D6:9D:EB:AE:11:B7:F8:16:1C:3C:E8:81:81:FD:E7:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hI2YANad664Rt_gWHDzogYH957Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/5tn0KbWXObTravPiIS20ru_pCpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/387136-3c70-4619-8321-3d93fe6d20aa/1/hI2YANad664Rt_gWHDzogYH957Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.168.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b9:b7:d4:ae:27:74:fd:e7:a3:77:28:57:4e:a9:19:9a:3b:
85:b3:45:3e:ba:d3:49:57:e2:3c:36:22:a0:58:0f:5c:33:8a:
84:33:da:ba:d2:de:83:c0:0e:ef:ce:d2:5f:be:5b:62:c6:d5:
29:49:a6:bb:38:e7:a9:90:e5:6a:fa:a7:c8:78:fd:89:26:52:
fc:da:81:d0:ee:64:68:3a:d1:4d:59:33:96:4a:8c:d0:0f:5c:
04:0e:f2:7e:e0:8e:db:e0:91:ad:27:f5:64:c0:92:f0:6c:9e:
35:97:b4:88:44:5b:93:d5:a2:96:f4:38:5a:c8:06:00:43:b5:
c1:af:dd:e4:20:fb:d8:48:e9:9d:a8:0c:a2:19:e3:6f:56:a1:
20:e3:45:80:78:28:c3:15:98:aa:cf:91:f9:1f:98:71:01:21:
84:42:57:7a:00:c6:c0:69:88:a7:77:13:99:9d:e8:e3:f1:f2:
be:68:e2:c4:76:05:74:5b:c3:e2:31:a9:30:da:d8:29:ef:c8:
c6:8c:9a:fa:c5:30:de:fd:68:a4:5d:dc:d2:d8:77:e5:95:5e:
85:b3:0e:b9:38:d3:55:21:f6:5e:1d:a8:54:6b:8e:70:82:69:
f9:e1:e5:6a:d9:9f:ba:75:19:8d:07:23:62:dc:15:23:1c:51:
dd:f3:8c:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWIfwCuigo/e760fcMTeiSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OGQ5ODAwZDY5ZGViYWUxMWI3ZjgxNjFjM2NlODgxODFm
ZGU3YjQwHhcNMjMwMTA2MTkxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ5ZjQyOWI1OTczOWI0ZWI2YWYzZTIyMTJkYjRhZWVmZTkwYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7S2UI1Sm3lhrdE8fX6dwp/0tFI+
0mNO3/Azta6z2QhxtsZRsRjxJHETEOfMx7n1rO1+tqnlf+5l6Ukb2Z4ycOfNx7BK
KOIDszGFomoivJVjVXODnMTsPNk3S5ew+LR2G3CdliKEStiJ/NalcOgkDswiLEt+
OIM8ZlN+4UpBGLdNHBaq2fj84izoj2YdEaJC/qZgd9dtXqarcZUDn29KoSuvUg0F
mDCdxzwUJNuWIlX7QLvXhkU911dMaLyeKD6HFM0TcWOTMj27K9ybA0eqyHYyp1Hh
Hx172YpDcxJzIz8UeGkaSGKzIxhSENtW68Qnhwz25mDqFsutwXAIQLk8zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObZ9Cm1lzm062rz4iEttK7v6QqaMB8GA1UdIwQY
MBaAFISNmADWneuuEbf4Fhw86IGB/ee0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEkyWUFOYWQ2NjRSdF9nV0hEem9nWUg5NTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zODcxMzYtM2M3MC00NjE5LTgzMjEt
M2Q5M2ZlNmQyMGFhLzEvNXRuMEtiV1hPYlRyYXZQaUlTMjBydV9wQ3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zODcxMzYtM2M3MC00NjE5LTgzMjEtM2Q5M2ZlNmQyMGFh
LzEvaEkyWUFOYWQ2NjRSdF9nV0hEem9nWUg5NTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue2oMA0G
CSqGSIb3DQEBCwUAA4IBAQBwubfUrid0/eejdyhXTqkZmjuFs0U+utNJV+I8NiKg
WA9cM4qEM9q60t6DwA7vztJfvltixtUpSaa7OOepkOVq+qfIeP2JJlL82oHQ7mRo
OtFNWTOWSozQD1wEDvJ+4I7b4JGtJ/VkwJLwbJ41l7SIRFuT1aKW9DhayAYAQ7XB
r93kIPvYSOmdqAyiGeNvVqEg40WAeCjDFZiqz5H5H5hxASGEQld6AMbAaYindxOZ
nejj8fK+aOLEdgV0W8PiMakw2tgp78jGjJr6xTDe/WikXdzS2HfllV6Fsw65ONNV
IfZeHahUa45wgmn54eVq2Z+6dRmNByNi3BUjHFHd84xJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:57 2025 by rpki-client