Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/5z6VfBGBgsBlc8atXDHNKkIqqcw.roa
File: 5z6VfBGBgsBlc8atXDHNKkIqqcw.roa (raw, json)
Hash identifier: hCKn0T9OO/L8IRdXIqgbMmQ+YNDHdHQso8RlXbhtVXM=
Subject key identifier: E7:3E:95:7C:11:81:82:C0:65:73:C6:AD:5C:31:CD:2A:42:2A:A9:CC
Certificate issuer: /CN=d325fc508a7373256720a54d73fa9057d8a21c13
Certificate serial: 01856ECB82B60F47E036358524F12094D0D4
Authority key identifier: D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/5z6VfBGBgsBlc8atXDHNKkIqqcw.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205609
IP address blocks: 185.133.252.0/22 maxlen: 22
185.133.252.0/23 maxlen: 23
185.133.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:82:b6:0f:47:e0:36:35:85:24:f1:20:94:d0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d325fc508a7373256720a54d73fa9057d8a21c13
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e73e957c118182c06573c6ad5c31cd2a422aa9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:90:d1:71:bb:34:09:01:01:80:cd:d0:24:4f:
9e:aa:a4:57:09:82:e0:f4:74:d7:b5:9a:de:76:60:
f9:af:e4:7d:d4:0d:6c:b8:b9:6d:45:97:6b:c4:72:
c9:4b:78:e5:6b:46:ab:f7:c5:4c:8a:c2:fa:8a:1e:
86:ae:77:20:af:e9:e3:5e:e6:6f:4d:bd:94:b1:e6:
89:ad:04:8e:84:6d:71:3e:0b:99:84:eb:01:3f:a9:
0f:ce:59:3f:09:0f:53:06:54:b9:f0:f0:31:c6:38:
06:d1:e9:ae:44:48:ec:29:fe:03:2d:73:43:a6:29:
f0:0b:df:99:83:6c:5a:dd:31:f8:5a:2c:87:f1:19:
cb:23:bb:96:79:28:4b:06:bf:20:ab:95:6d:2c:68:
63:f2:1a:56:73:87:10:e2:02:ea:16:16:66:1c:37:
1a:35:48:a1:9e:6e:22:fb:f4:02:a5:de:61:5d:c0:
31:77:78:60:8b:59:ae:9f:7a:eb:11:6f:17:20:26:
ac:42:0d:3f:6a:45:7a:12:16:17:a7:7d:1f:4b:f3:
68:98:11:80:39:44:f6:1b:0a:83:c7:77:84:83:9a:
e7:2c:6f:00:de:33:1a:b4:3b:4b:1d:87:4a:f9:ac:
1a:5e:7e:79:d3:f1:cc:a8:9e:c7:6a:ce:3a:bc:e3:
f8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3E:95:7C:11:81:82:C0:65:73:C6:AD:5C:31:CD:2A:42:2A:A9:CC
X509v3 Authority Key Identifier:
keyid:D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/5z6VfBGBgsBlc8atXDHNKkIqqcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/0yX8UIpzcyVnIKVNc_qQV9iiHBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.252.0/22
Signature Algorithm: sha256WithRSAEncryption
37:1b:7d:e5:8d:1f:ea:d9:88:01:c8:44:6f:2b:d7:cb:a8:ab:
62:66:65:f9:3f:d7:e5:8f:85:68:30:fc:7f:13:1b:ac:74:4b:
45:1c:77:98:ec:4f:2b:b1:24:e1:77:28:b5:6b:2f:0d:ff:60:
9c:03:6d:45:2c:c6:a7:3f:ca:04:0a:98:f0:2a:ee:d7:d7:f3:
73:d5:a7:c8:88:e8:49:0f:85:56:ee:c8:94:66:57:98:ad:9b:
29:c7:3d:1a:64:85:de:3f:b0:2d:18:13:0c:66:77:00:b7:cf:
1f:cc:71:e3:6f:6e:89:7a:66:e3:8d:2d:1b:f5:f5:0b:83:9a:
41:ec:da:3e:33:82:4e:fb:dd:8c:b2:08:67:e2:7a:86:65:a7:
a2:57:c9:80:09:59:79:4a:4b:ef:19:de:0f:87:f7:b8:1a:bb:
50:5c:d9:cd:92:c7:76:5e:03:47:ce:2a:e6:8b:20:66:7a:41:
05:43:5c:7b:f5:1e:1d:a7:24:b6:35:ad:d1:05:70:67:40:35:
a7:fd:a8:e5:bb:00:3e:3c:be:6b:aa:55:c0:6e:38:cd:c8:17:
7a:29:29:cc:f6:9e:f9:b5:e3:af:31:8e:ec:ef:19:37:7d:fb:
e6:73:c1:66:d3:70:3c:0e:3e:cd:62:23:c3:ea:48:68:38:a1:
12:4d:77:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy4K2D0fgNjWFJPEglNDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjVmYzUwOGE3MzczMjU2NzIwYTU0ZDczZmE5MDU3ZDhh
MjFjMTMwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNlOTU3YzExODE4MmMwNjU3M2M2YWQ1YzMxY2QyYTQyMmFhOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJDRcbs0CQEBgM3QJE+eqqRXCYLg
9HTXtZredmD5r+R91A1suLltRZdrxHLJS3jla0ar98VMisL6ih6Grncgr+njXuZv
Tb2UseaJrQSOhG1xPguZhOsBP6kPzlk/CQ9TBlS58PAxxjgG0emuREjsKf4DLXND
pinwC9+Zg2xa3TH4WiyH8RnLI7uWeShLBr8gq5VtLGhj8hpWc4cQ4gLqFhZmHDca
NUihnm4i+/QCpd5hXcAxd3hgi1mun3rrEW8XICasQg0/akV6EhYXp30fS/NomBGA
OUT2GwqDx3eEg5rnLG8A3jMatDtLHYdK+awaXn550/HMqJ7Has46vOP4gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOc+lXwRgYLAZXPGrVwxzSpCKqnMMB8GA1UdIwQY
MBaAFNMl/FCKc3MlZyClTXP6kFfYohwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUt
MWM2YWExZjZiNzBiLzEvNXo2VmZCR0Jnc0JsYzhhdFhESE5La0lxcWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUtMWM2YWExZjZiNzBi
LzEvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYX8MA0G
CSqGSIb3DQEBCwUAA4IBAQA3G33ljR/q2YgByERvK9fLqKtiZmX5P9flj4VoMPx/
ExusdEtFHHeY7E8rsSThdyi1ay8N/2CcA21FLManP8oECpjwKu7X1/Nz1afIiOhJ
D4VW7siUZleYrZspxz0aZIXeP7AtGBMMZncAt88fzHHjb26JembjjS0b9fULg5pB
7No+M4JO+92Msghn4nqGZaeiV8mACVl5SkvvGd4Ph/e4GrtQXNnNksd2XgNHzirm
iyBmekEFQ1x79R4dpyS2Na3RBXBnQDWn/ajluwA+PL5rqlXAbjjNyBd6KSnM9p75
teOvMY7s7xk3ffvmc8Fm03A8Dj7NYiPD6khoOKESTXeY
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:59:01 2025 by rpki-client