Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/C7i6bGXU7jhXrxjxCt16hbvHy3g.roa
File: C7i6bGXU7jhXrxjxCt16hbvHy3g.roa (raw, json)
Hash identifier: 80rUPvy0XFq0DINcC7+ARuRdNKvXtGkL99G+FZDYJMU=
Subject key identifier: 0B:B8:BA:6C:65:D4:EE:38:57:AF:18:F1:0A:DD:7A:85:BB:C7:CB:78
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 01856F5DC9A5E0BE9E50E06C514E1BAE60D2
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/C7i6bGXU7jhXrxjxCt16hbvHy3g.roa
Signing time: Sun 01 Jan 2023 22:04:55 +0000
ROA not before: Sun 01 Jan 2023 22:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.157.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c9:a5:e0:be:9e:50:e0:6c:51:4e:1b:ae:60:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jan 1 22:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bb8ba6c65d4ee3857af18f10add7a85bbc7cb78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c6:5b:81:0c:50:e1:81:89:6d:68:d9:ea:a9:
e7:be:40:83:5a:ab:70:05:85:33:95:53:65:ef:71:
a4:68:45:f0:65:fd:f5:57:01:ce:59:42:28:99:ac:
35:50:76:e9:25:90:9f:5e:a7:ee:a7:bf:05:a2:99:
b5:49:4a:d1:eb:a2:d1:5a:53:47:13:89:e0:df:9a:
8b:f1:eb:0b:3e:6d:de:c5:60:d0:3b:44:18:9b:2d:
c2:7f:c8:c6:29:b0:e2:5b:5b:63:d5:20:a7:ab:6f:
50:ae:9d:59:86:88:53:65:36:80:df:60:f4:df:e0:
9d:2e:78:45:3d:e0:8a:2a:12:d9:4e:40:28:f6:dd:
35:db:cc:68:d2:a8:29:5f:b5:5b:07:11:9e:1d:9f:
b1:bc:07:03:ec:26:59:2d:d8:1d:ca:95:57:a6:4e:
15:b9:a0:64:78:96:35:58:ec:65:ff:b3:c0:34:73:
9b:3c:c5:59:db:03:f7:f6:26:e8:c7:d0:b1:e5:16:
d7:d5:c3:59:69:41:0c:a1:61:a2:1d:c4:28:29:e4:
84:d2:b0:3a:a3:66:9b:4d:1d:68:93:27:87:c5:65:
3a:99:9b:a8:53:0b:9a:c5:3a:13:6e:b5:53:3d:29:
d5:4f:14:be:eb:5d:e4:04:2e:a7:89:91:be:dc:13:
9c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B8:BA:6C:65:D4:EE:38:57:AF:18:F1:0A:DD:7A:85:BB:C7:CB:78
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/C7i6bGXU7jhXrxjxCt16hbvHy3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.50.0/24
Signature Algorithm: sha256WithRSAEncryption
89:1f:23:25:95:d2:36:95:95:df:97:b5:e9:24:9d:a0:98:da:
77:9b:56:04:78:ae:43:88:76:7f:de:37:09:1f:b4:92:e6:1b:
3c:32:29:fc:dc:62:07:d8:55:01:f1:2b:c1:40:53:97:fc:3c:
84:c0:a1:fe:24:b1:27:74:c0:58:00:ec:66:ec:5e:d1:d1:a1:
11:57:8a:fd:98:13:c1:54:91:3d:db:bd:ff:87:57:27:54:c5:
5f:bc:56:94:05:9e:08:ca:ad:e7:9f:d9:9e:67:79:c9:5c:45:
3f:af:0f:99:db:a3:f7:6b:e0:df:05:b6:2d:d8:7d:93:f0:32:
c2:4f:a6:f0:b8:f6:ec:ce:39:6a:6d:94:40:40:dc:5d:46:76:
b8:8d:7f:4a:3e:49:66:96:34:88:35:08:15:4e:91:e2:08:2e:
37:be:93:f6:91:49:66:c3:6b:c4:66:b8:8f:e3:b5:75:b3:31:
98:91:be:98:bf:51:1b:24:c6:e2:1a:2f:37:bc:4b:70:99:46:
05:c0:78:d3:b0:80:1b:f6:89:c5:26:d2:f2:a4:6c:cc:d9:8a:
3a:47:5b:c2:1b:95:85:43:b8:8f:e6:de:be:31:a3:05:bc:1a:
52:4a:99:e1:64:28:1e:1c:be:6f:03:c1:b9:fa:fa:35:bc:e9:
ff:72:f2:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcml4L6eUOBsUU4brmDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjMwMTAxMjIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmI4YmE2YzY1ZDRlZTM4NTdhZjE4ZjEwYWRkN2E4NWJiYzdjYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMZbgQxQ4YGJbWjZ6qnnvkCDWqtw
BYUzlVNl73GkaEXwZf31VwHOWUIomaw1UHbpJZCfXqfup78Fopm1SUrR66LRWlNH
E4ng35qL8esLPm3exWDQO0QYmy3Cf8jGKbDiW1tj1SCnq29Qrp1ZhohTZTaA32D0
3+CdLnhFPeCKKhLZTkAo9t0128xo0qgpX7VbBxGeHZ+xvAcD7CZZLdgdypVXpk4V
uaBkeJY1WOxl/7PANHObPMVZ2wP39ibox9Cx5RbX1cNZaUEMoWGiHcQoKeSE0rA6
o2abTR1okyeHxWU6mZuoUwuaxToTbrVTPSnVTxS+613kBC6niZG+3BOc8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAu4umxl1O44V68Y8QrdeoW7x8t4MB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvQzdpNmJHWFU3amhYcnhqeEN0MTZoYnZIeTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0yMA0G
CSqGSIb3DQEBCwUAA4IBAQCJHyMlldI2lZXfl7XpJJ2gmNp3m1YEeK5DiHZ/3jcJ
H7SS5hs8Min83GIH2FUB8SvBQFOX/DyEwKH+JLEndMBYAOxm7F7R0aERV4r9mBPB
VJE9273/h1cnVMVfvFaUBZ4Iyq3nn9meZ3nJXEU/rw+Z26P3a+DfBbYt2H2T8DLC
T6bwuPbszjlqbZRAQNxdRna4jX9KPklmljSINQgVTpHiCC43vpP2kUlmw2vEZriP
47V1szGYkb6Yv1EbJMbiGi83vEtwmUYFwHjTsIAb9onFJtLypGzM2Yo6R1vCG5WF
Q7iP5t6+MaMFvBpSSpnhZCgeHL5vA8G5+vo1vOn/cvLX
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:22:16 2025 by rpki-client