Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2860c9-ab5f-4440-8312-9fb8e2545d73/1/nRHEBfO-x78cEj5Cr9Gu1mOhRCw.roa
File: nRHEBfO-x78cEj5Cr9Gu1mOhRCw.roa (raw, json)
Hash identifier: BEWvwKOkDCN4jPoto8awS0UmVyVS6f2L8G0OWZSXyNY=
Subject key identifier: 9D:11:C4:05:F3:BE:C7:BF:1C:12:3E:42:AF:D1:AE:D6:63:A1:44:2C
Certificate issuer: /CN=ce8e9be248c741ba6a26ac8cfe2c2bb7c2d7a3b1
Certificate serial: 018573B18DF7D66922F1BEB15A123B2523A0
Authority key identifier: CE:8E:9B:E2:48:C7:41:BA:6A:26:AC:8C:FE:2C:2B:B7:C2:D7:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo6b4kjHQbpqJqyM_iwrt8LXo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2860c9-ab5f-4440-8312-9fb8e2545d73/1/nRHEBfO-x78cEj5Cr9Gu1mOhRCw.roa
Signing time: Mon 02 Jan 2023 18:14:54 +0000
ROA not before: Mon 02 Jan 2023 18:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21060
IP address blocks: 185.126.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:8d:f7:d6:69:22:f1:be:b1:5a:12:3b:25:23:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8e9be248c741ba6a26ac8cfe2c2bb7c2d7a3b1
Validity
Not Before: Jan 2 18:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d11c405f3bec7bf1c123e42afd1aed663a1442c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:5e:f6:d1:e0:03:e9:df:3e:95:77:4c:85:
a8:f6:16:d5:53:67:8f:4c:60:fb:d7:7e:2a:22:65:
20:f3:eb:09:4d:b2:8c:97:00:b0:83:ef:ed:01:11:
58:29:74:57:a1:ed:86:8c:71:5f:47:ba:74:81:9f:
f8:ec:58:63:77:3e:12:e2:e1:7a:b5:69:43:38:3e:
84:d4:15:b9:59:23:41:75:53:e3:2e:c7:44:ea:fa:
eb:9d:39:4f:c6:48:6a:ac:66:ab:97:0d:63:87:dc:
79:bc:6d:8a:2a:17:c1:3a:6f:e5:42:10:a7:8c:05:
2a:d5:85:f8:ab:2b:7f:72:5f:6a:9f:ce:81:fe:a0:
8e:4a:35:c3:19:1b:1b:cc:db:9b:e1:c6:c6:79:7f:
53:a9:78:b6:ab:5f:37:75:e3:85:79:09:74:3d:d2:
06:d1:aa:c1:6c:a8:7d:9b:b7:e5:7e:c9:12:d2:9c:
46:0e:9e:60:37:07:8c:83:01:82:ac:98:6e:02:27:
18:d4:72:e8:a8:d4:ac:fd:a2:a4:61:82:20:a8:2a:
81:09:73:e3:16:4c:19:e7:a3:25:e3:4c:b2:34:43:
c0:33:4d:2e:e8:e1:1e:3e:e5:aa:8c:14:3b:b3:87:
1c:a8:52:8b:7b:5a:ee:57:b1:c2:5d:d8:85:3f:19:
c5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:11:C4:05:F3:BE:C7:BF:1C:12:3E:42:AF:D1:AE:D6:63:A1:44:2C
X509v3 Authority Key Identifier:
keyid:CE:8E:9B:E2:48:C7:41:BA:6A:26:AC:8C:FE:2C:2B:B7:C2:D7:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo6b4kjHQbpqJqyM_iwrt8LXo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2860c9-ab5f-4440-8312-9fb8e2545d73/1/nRHEBfO-x78cEj5Cr9Gu1mOhRCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2860c9-ab5f-4440-8312-9fb8e2545d73/1/zo6b4kjHQbpqJqyM_iwrt8LXo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.52.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:09:e5:e8:ec:ad:de:3d:05:a8:bc:4c:c6:38:76:d9:c8:8b:
52:a1:25:23:b3:21:3a:e1:82:3d:b2:72:95:34:e1:5d:c4:eb:
c6:d1:6d:26:63:8b:98:4a:a4:e7:3f:7e:4b:88:1b:91:ba:db:
41:73:d9:80:4b:e9:b5:c9:88:89:50:e0:6a:e7:83:3a:9a:a8:
5e:24:2e:9e:2b:c9:91:47:7e:10:6f:05:e7:74:6b:ad:e7:f1:
69:ad:3e:58:1e:bc:31:17:5d:cd:cc:bd:a1:c5:5d:1f:ab:42:
0b:ad:46:62:bf:a9:09:ae:7b:24:2d:d6:f5:01:92:5a:c7:4f:
b7:43:4e:9c:88:9f:59:1a:a8:45:91:10:b8:23:30:b7:6d:03:
0e:6e:a5:fc:a2:b0:cf:43:ec:de:72:cb:8a:1b:1e:d9:db:d0:
e4:0c:1d:7a:e5:4b:a9:61:2b:5c:50:5c:dc:7f:66:74:8e:07:
3b:81:30:a4:4a:f7:89:17:9e:f8:09:8f:a5:c4:e4:20:e5:53:
c3:3e:85:77:6a:07:0e:29:73:8c:3d:9a:4f:c9:7d:f6:cc:58:
67:ee:08:3c:86:6c:e4:a9:19:eb:01:c0:06:d4:63:b8:3c:48:
91:c7:e4:8b:90:32:9b:46:ab:41:2b:c9:19:40:c3:b5:9b:09:
3c:92:f1:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzsY331mki8b6xWhI7JSOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGU5YmUyNDhjNzQxYmE2YTI2YWM4Y2ZlMmMyYmI3YzJk
N2EzYjEwHhcNMjMwMTAyMTgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDExYzQwNWYzYmVjN2JmMWMxMjNlNDJhZmQxYWVkNjYzYTE0NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVte9tHgA+nfPpV3TIWo9hbVU2eP
TGD7134qImUg8+sJTbKMlwCwg+/tARFYKXRXoe2GjHFfR7p0gZ/47Fhjdz4S4uF6
tWlDOD6E1BW5WSNBdVPjLsdE6vrrnTlPxkhqrGarlw1jh9x5vG2KKhfBOm/lQhCn
jAUq1YX4qyt/cl9qn86B/qCOSjXDGRsbzNub4cbGeX9TqXi2q183deOFeQl0PdIG
0arBbKh9m7flfskS0pxGDp5gNweMgwGCrJhuAicY1HLoqNSs/aKkYYIgqCqBCXPj
FkwZ56Ml40yyNEPAM00u6OEePuWqjBQ7s4ccqFKLe1ruV7HCXdiFPxnFswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0RxAXzvse/HBI+Qq/RrtZjoUQsMB8GA1UdIwQY
MBaAFM6Om+JIx0G6aiasjP4sK7fC16OxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem82YjRrakhRYnBxSnF5TV9pd3J0OExYbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yODYwYzktYWI1Zi00NDQwLTgzMTIt
OWZiOGUyNTQ1ZDczLzEvblJIRUJmTy14NzhjRWo1Q3I5R3UxbU9oUkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yODYwYzktYWI1Zi00NDQwLTgzMTItOWZiOGUyNTQ1ZDcz
LzEvem82YjRrakhRYnBxSnF5TV9pd3J0OExYbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX40MA0G
CSqGSIb3DQEBCwUAA4IBAQC8CeXo7K3ePQWovEzGOHbZyItSoSUjsyE64YI9snKV
NOFdxOvG0W0mY4uYSqTnP35LiBuRuttBc9mAS+m1yYiJUOBq54M6mqheJC6eK8mR
R34QbwXndGut5/FprT5YHrwxF13NzL2hxV0fq0ILrUZiv6kJrnskLdb1AZJax0+3
Q06ciJ9ZGqhFkRC4IzC3bQMObqX8orDPQ+zecsuKGx7Z29DkDB165UupYStcUFzc
f2Z0jgc7gTCkSveJF574CY+lxOQg5VPDPoV3agcOKXOMPZpPyX32zFhn7gg8hmzk
qRnrAcAG1GO4PEiRx+SLkDKbRqtBK8kZQMO1mwk8kvHB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:06 2025 by rpki-client