Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/IOFhsvAg4nYOTprN6NL1xwA74mw.roa
File: IOFhsvAg4nYOTprN6NL1xwA74mw.roa (raw, json)
Hash identifier: Fi0lK5uPYCcJw1qp257gvpZ3Gb96yHpX1pYu11viNCQ=
Subject key identifier: 20:E1:61:B2:F0:20:E2:76:0E:4E:9A:CD:E8:D2:F5:C7:00:3B:E2:6C
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01856F14EC144396CE5630E922BD3AA532D1
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/IOFhsvAg4nYOTprN6NL1xwA74mw.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202029
IP address blocks: 185.212.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ec:14:43:96:ce:56:30:e9:22:bd:3a:a5:32:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20e161b2f020e2760e4e9acde8d2f5c7003be26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:27:86:6b:32:20:44:61:a7:3e:66:54:ad:
4e:c2:33:fb:42:89:db:e1:84:d1:50:18:e4:67:6d:
86:08:81:db:fc:0b:74:44:ff:64:cc:f5:15:32:bc:
d9:9d:e4:72:7e:e0:43:23:aa:69:05:7b:6e:de:e7:
46:62:09:09:29:80:f0:fe:71:ba:4a:5f:bf:0b:ee:
84:8a:6d:c9:85:0f:bc:64:d1:09:07:d9:6f:6b:86:
df:d2:44:be:75:7e:11:b2:4f:3c:57:86:2a:f0:cd:
3d:1a:ea:94:8a:f3:b9:ae:7a:45:32:b8:da:84:04:
70:b7:4a:3b:74:bb:f7:91:52:42:c9:8e:14:77:6f:
5f:79:d0:db:e6:0f:a9:f6:1f:82:ba:d6:bd:45:d7:
ad:bd:2a:db:4f:19:41:d0:9e:90:88:62:b6:c4:08:
b3:02:d2:4c:0e:04:53:0c:7a:97:33:68:12:e3:98:
14:08:12:49:4b:8d:49:50:c4:f0:12:78:84:81:4a:
f7:0a:9c:08:a3:ca:21:33:fd:49:53:b8:f1:03:50:
20:c2:75:df:00:33:56:7d:88:51:ec:d8:e1:2f:84:
a2:ca:97:b6:e0:f3:36:2c:9d:7c:56:08:68:7b:30:
f6:e0:50:c1:5b:7a:ae:17:2e:35:fc:62:26:4c:ad:
a5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E1:61:B2:F0:20:E2:76:0E:4E:9A:CD:E8:D2:F5:C7:00:3B:E2:6C
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/IOFhsvAg4nYOTprN6NL1xwA74mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.194.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a2:c9:ae:f8:5c:d7:72:94:d9:d5:0c:cf:1d:83:b8:ae:81:
0e:f6:5c:af:c3:f5:7f:7a:ae:d4:54:38:4a:b2:67:68:ac:1a:
47:ac:95:9c:a0:19:d7:bc:98:2b:07:e6:b8:ad:16:e5:8b:1a:
40:4f:14:8f:e0:61:4c:7b:4a:66:7a:d3:70:5d:df:7b:f1:57:
b1:9e:92:7a:d0:9b:45:67:57:4e:45:ab:3f:81:46:8a:cb:ff:
c3:bf:0b:e9:9a:03:fc:8e:77:92:49:e3:b2:2d:1f:b7:0a:5e:
5e:28:82:23:aa:d0:e5:39:1c:7f:5c:14:a9:dc:5a:53:67:fb:
50:37:63:9b:b3:6a:93:77:f5:e6:c5:29:9c:aa:fe:f9:d3:77:
8b:9f:6a:2a:8e:cd:9d:33:8c:fb:4d:4d:9e:1e:dc:d1:8f:07:
08:e9:7d:9e:f8:c4:6a:07:e0:4f:78:ff:cc:cb:27:a8:bf:7c:
d7:75:b0:d8:15:73:92:18:97:9c:ab:27:10:54:00:38:8f:58:
f9:31:61:6d:48:a0:62:0a:67:9e:77:ca:81:1f:a7:98:aa:42:
d9:35:96:fb:68:74:5e:3b:0b:de:89:b1:e4:c3:47:3a:d1:60:
13:16:79:3c:cf:65:d0:4d:85:fe:e8:0f:97:8c:c4:bb:d9:9e:
ac:13:e5:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFOwUQ5bOVjDpIr06pTLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGUxNjFiMmYwMjBlMjc2MGU0ZTlhY2RlOGQyZjVjNzAwM2JlMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHQnhmsyIERhpz5mVK1OwjP7Qonb
4YTRUBjkZ22GCIHb/At0RP9kzPUVMrzZneRyfuBDI6ppBXtu3udGYgkJKYDw/nG6
Sl+/C+6Eim3JhQ+8ZNEJB9lva4bf0kS+dX4Rsk88V4Yq8M09GuqUivO5rnpFMrja
hARwt0o7dLv3kVJCyY4Ud29fedDb5g+p9h+Cuta9RdetvSrbTxlB0J6QiGK2xAiz
AtJMDgRTDHqXM2gS45gUCBJJS41JUMTwEniEgUr3CpwIo8ohM/1JU7jxA1AgwnXf
ADNWfYhR7NjhL4Siype24PM2LJ18VghoezD24FDBW3quFy41/GImTK2lhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDhYbLwIOJ2Dk6azejS9ccAO+JsMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvSU9GaHN2QWc0bllPVHByTjZOTDF4d0E3NG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudTCMA0G
CSqGSIb3DQEBCwUAA4IBAQCFosmu+FzXcpTZ1QzPHYO4roEO9lyvw/V/eq7UVDhK
smdorBpHrJWcoBnXvJgrB+a4rRblixpATxSP4GFMe0pmetNwXd978VexnpJ60JtF
Z1dORas/gUaKy//DvwvpmgP8jneSSeOyLR+3Cl5eKIIjqtDlORx/XBSp3FpTZ/tQ
N2Obs2qTd/XmxSmcqv7503eLn2oqjs2dM4z7TU2eHtzRjwcI6X2e+MRqB+BPeP/M
yyeov3zXdbDYFXOSGJecqycQVAA4j1j5MWFtSKBiCmeed8qBH6eYqkLZNZb7aHRe
OwveibHkw0c60WATFnk8z2XQTYX+6A+XjMS72Z6sE+XP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:15 2025 by rpki-client