Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/i1vA5dyRXcONT_q3mA61QxJN7JA.roa
File: i1vA5dyRXcONT_q3mA61QxJN7JA.roa (raw, json)
Hash identifier: v141+gAFXZIwYU9oU1IE42po+NSJaq8E+J1NUZPIaLk=
Subject key identifier: 8B:5B:C0:E5:DC:91:5D:C3:8D:4F:FA:B7:98:0E:B5:43:12:4D:EC:90
Certificate issuer: /CN=26bd5ffbce6bf8707fa3e5967e0d38b455d9d4e1
Certificate serial: 018571F0E57887FBA23859D2F18859E1C962
Authority key identifier: 26:BD:5F:FB:CE:6B:F8:70:7F:A3:E5:96:7E:0D:38:B4:55:D9:D4:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr1f-85r-HB_o-WWfg04tFXZ1OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/i1vA5dyRXcONT_q3mA61QxJN7JA.roa
Signing time: Mon 02 Jan 2023 10:04:50 +0000
ROA not before: Mon 02 Jan 2023 10:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5602
IP address blocks: 185.169.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e5:78:87:fb:a2:38:59:d2:f1:88:59:e1:c9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bd5ffbce6bf8707fa3e5967e0d38b455d9d4e1
Validity
Not Before: Jan 2 10:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b5bc0e5dc915dc38d4ffab7980eb543124dec90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:88:b2:8c:f5:6f:78:ca:34:c1:01:87:a2:
02:2c:ab:3f:53:63:14:d8:bd:78:ae:fd:b5:c6:58:
94:df:67:d8:f0:3f:c4:37:c4:d8:2a:f3:ed:94:31:
ee:3a:80:c4:3c:8f:34:b8:d1:4b:5c:91:ce:bd:be:
c3:b3:ea:4e:a2:7f:f1:be:57:00:25:7f:f5:72:1b:
38:6e:84:99:86:43:c2:da:ea:77:6e:f6:c6:34:d9:
e4:8b:d2:c3:02:f7:42:15:75:5f:6e:80:f2:1f:23:
7a:c2:82:46:67:a2:b2:78:92:96:1c:0f:e4:31:0e:
ec:63:e1:9b:8a:8b:38:e4:a1:7e:2a:93:ee:56:9e:
41:65:22:25:35:83:f8:81:0c:fe:2b:42:67:7b:26:
54:ea:85:0e:57:ff:22:1b:1d:c0:a6:22:6f:bd:c0:
57:fc:26:74:70:50:66:12:cd:0e:d9:57:98:e6:e1:
7f:aa:a9:ba:c0:3a:37:dc:64:de:b7:f6:01:11:11:
61:16:bd:4c:84:e1:59:9d:31:74:85:9d:91:4e:af:
ec:92:7c:35:a3:b9:6e:83:de:69:a8:f4:0c:42:38:
e6:9e:a0:da:58:11:ac:fa:9e:c0:82:b3:65:0a:14:
d4:6f:94:93:06:66:74:41:fa:4c:68:e6:82:58:ff:
c9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5B:C0:E5:DC:91:5D:C3:8D:4F:FA:B7:98:0E:B5:43:12:4D:EC:90
X509v3 Authority Key Identifier:
keyid:26:BD:5F:FB:CE:6B:F8:70:7F:A3:E5:96:7E:0D:38:B4:55:D9:D4:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr1f-85r-HB_o-WWfg04tFXZ1OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/i1vA5dyRXcONT_q3mA61QxJN7JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/Jr1f-85r-HB_o-WWfg04tFXZ1OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.176.0/22
Signature Algorithm: sha256WithRSAEncryption
79:51:17:87:af:c8:bd:cf:67:4f:a4:bb:4b:ae:4f:0a:27:69:
66:4b:42:99:7e:20:2a:2d:31:7b:59:aa:6c:9d:2e:ca:a8:d3:
5c:84:c6:e9:bb:b7:02:1e:ca:ef:a7:69:d9:a6:fb:94:96:ae:
99:4a:ef:ae:1e:0b:70:12:de:b1:f8:ff:7e:67:87:ee:36:63:
e5:04:0f:58:c0:13:65:45:d7:3e:de:8a:ac:b5:57:d7:cc:8e:
95:b5:a8:27:8f:33:b7:22:f5:ed:d3:41:0d:ea:66:71:d6:af:
ee:11:cd:ff:8d:05:67:bb:f2:4a:28:64:47:b2:fe:0b:2b:00:
93:4b:1f:2d:80:84:36:e0:39:69:13:71:17:a9:71:f9:7c:5d:
f1:cd:c9:c5:51:e3:05:17:a5:ab:9a:2e:0d:7a:e5:cc:1e:bd:
0e:fa:83:20:08:bd:6e:96:86:d1:e5:13:7a:ca:c7:97:a2:97:
02:7d:ef:f3:41:61:87:54:47:b8:dc:38:bf:f1:90:91:e6:55:
92:35:c2:14:6c:52:bb:06:43:0d:cf:1b:a1:2c:0e:26:fd:f2:
5c:58:fd:9f:f9:92:11:60:53:89:5e:55:b3:32:6e:51:78:44:
74:26:31:f5:8f:2a:25:0a:fe:cc:94:f1:65:1c:c8:ba:d1:3f:
48:9a:71:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8OV4h/uiOFnS8YhZ4cliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmQ1ZmZiY2U2YmY4NzA3ZmEzZTU5NjdlMGQzOGI0NTVk
OWQ0ZTEwHhcNMjMwMTAyMTAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjViYzBlNWRjOTE1ZGMzOGQ0ZmZhYjc5ODBlYjU0MzEyNGRlYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZKIsoz1b3jKNMEBh6ICLKs/U2MU
2L14rv21xliU32fY8D/EN8TYKvPtlDHuOoDEPI80uNFLXJHOvb7Ds+pOon/xvlcA
JX/1chs4boSZhkPC2up3bvbGNNnki9LDAvdCFXVfboDyHyN6woJGZ6KyeJKWHA/k
MQ7sY+Gbios45KF+KpPuVp5BZSIlNYP4gQz+K0JneyZU6oUOV/8iGx3ApiJvvcBX
/CZ0cFBmEs0O2VeY5uF/qqm6wDo33GTet/YBERFhFr1MhOFZnTF0hZ2RTq/sknw1
o7lug95pqPQMQjjmnqDaWBGs+p7AgrNlChTUb5STBmZ0QfpMaOaCWP/JiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItbwOXckV3DjU/6t5gOtUMSTeyQMB8GA1UdIwQY
MBaAFCa9X/vOa/hwf6Plln4NOLRV2dThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIxZi04NXItSEJfby1XV2ZnMDR0RlhaMU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mNDk4YTItZDg2ZC00Yzc1LWJmZDMt
ZThjNTU5YzcxZDY2LzEvaTF2QTVkeVJYY09OVF9xM21BNjFReEpON0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mNDk4YTItZDg2ZC00Yzc1LWJmZDMtZThjNTU5YzcxZDY2
LzEvSnIxZi04NXItSEJfby1XV2ZnMDR0RlhaMU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuamwMA0G
CSqGSIb3DQEBCwUAA4IBAQB5UReHr8i9z2dPpLtLrk8KJ2lmS0KZfiAqLTF7Waps
nS7KqNNchMbpu7cCHsrvp2nZpvuUlq6ZSu+uHgtwEt6x+P9+Z4fuNmPlBA9YwBNl
Rdc+3oqstVfXzI6VtagnjzO3IvXt00EN6mZx1q/uEc3/jQVnu/JKKGRHsv4LKwCT
Sx8tgIQ24DlpE3EXqXH5fF3xzcnFUeMFF6Wrmi4NeuXMHr0O+oMgCL1ulobR5RN6
yseXopcCfe/zQWGHVEe43Di/8ZCR5lWSNcIUbFK7BkMNzxuhLA4m/fJcWP2f+ZIR
YFOJXlWzMm5ReER0JjH1jyolCv7MlPFlHMi60T9ImnFM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:55 2025 by rpki-client