Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/i_WqWsY81ryxQ4Wog0HPKrnmO_0.roa
File: i_WqWsY81ryxQ4Wog0HPKrnmO_0.roa (raw, json)
Hash identifier: 3V5/lFCdrH1u7MpvVEriMB+s5XkYQgFhKbaLJk55/yI=
Subject key identifier: 8B:F5:AA:5A:C6:3C:D6:BC:B1:43:85:A8:83:41:CF:2A:B9:E6:3B:FD
Certificate issuer: /CN=082a6e377f1c885a6d73f3f569fd06d7ea4c7a45
Certificate serial: 01857042AA1D0B8D3CB7F299C15FF26876DB
Authority key identifier: 08:2A:6E:37:7F:1C:88:5A:6D:73:F3:F5:69:FD:06:D7:EA:4C:7A:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CCpuN38ciFptc_P1af0G1-pMekU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/i_WqWsY81ryxQ4Wog0HPKrnmO_0.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200020
IP address blocks: 185.157.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:aa:1d:0b:8d:3c:b7:f2:99:c1:5f:f2:68:76:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=082a6e377f1c885a6d73f3f569fd06d7ea4c7a45
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf5aa5ac63cd6bcb14385a88341cf2ab9e63bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:00:b4:e6:25:ac:42:d6:7f:ea:12:04:62:03:
11:e2:a1:58:9f:4f:79:4c:d1:0f:3f:bc:6d:0c:39:
9e:9d:62:a2:9b:4c:22:e9:20:62:ca:4a:94:26:49:
ec:cc:ca:e0:a5:9f:76:37:ce:26:b2:7f:36:03:8d:
98:de:38:2b:bd:84:45:fd:4c:dc:c1:54:e3:3c:40:
38:d8:1b:e9:54:15:84:db:2b:a2:a2:3f:cc:48:8b:
0f:4c:27:74:26:fd:19:64:51:b2:03:34:8f:10:3d:
07:cd:77:66:fa:56:1b:a7:a4:58:28:c8:27:b1:da:
c0:17:a3:33:02:30:06:e5:f3:b7:e8:91:a2:c1:9d:
8b:e2:a9:30:2a:b6:35:96:fd:4e:5a:2c:19:b0:f9:
c2:43:d5:ba:5f:0f:af:40:b9:7c:5e:a6:a0:65:d5:
b8:c5:15:77:ea:31:e3:b5:87:0b:1a:53:f2:20:51:
24:49:ae:1b:96:b0:71:88:52:62:8c:1d:91:ba:6b:
c7:45:88:70:12:2a:8d:fd:a4:5b:4a:15:d5:df:3d:
5a:d6:a6:ee:b7:63:85:12:48:1d:77:77:4e:e0:22:
0d:d8:76:9c:06:ce:da:f0:e2:bf:c3:d0:51:b2:79:
7c:db:aa:57:90:10:bb:58:0d:8f:17:a7:eb:27:e4:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F5:AA:5A:C6:3C:D6:BC:B1:43:85:A8:83:41:CF:2A:B9:E6:3B:FD
X509v3 Authority Key Identifier:
keyid:08:2A:6E:37:7F:1C:88:5A:6D:73:F3:F5:69:FD:06:D7:EA:4C:7A:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CCpuN38ciFptc_P1af0G1-pMekU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/i_WqWsY81ryxQ4Wog0HPKrnmO_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/CCpuN38ciFptc_P1af0G1-pMekU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.145.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:80:3a:56:cb:da:6c:45:11:13:79:05:5a:82:3b:54:a6:fd:
dd:65:0d:c0:e0:1e:92:1e:cd:01:e0:9c:74:8f:ad:fd:d0:c2:
81:a4:44:30:2a:0a:23:ed:51:9f:5c:b0:69:10:1c:91:b9:b1:
2b:55:55:64:bc:ff:5d:f3:fd:97:c0:89:e1:82:2b:55:45:2d:
6d:2e:0e:ab:14:82:39:15:32:8e:3b:82:f5:a4:63:32:b4:8e:
20:58:3a:e8:f1:4c:da:5a:19:a7:04:a6:4c:ca:f4:0d:9e:41:
4c:20:c1:af:81:d4:76:60:ab:2a:0e:86:ba:1a:5e:10:7f:6d:
60:0e:3b:86:31:73:4c:7d:67:be:36:47:36:f1:7f:3d:67:55:
5b:c5:88:37:9e:66:49:8e:65:96:14:4c:0d:5d:0b:d9:2d:c8:
99:30:de:e2:e9:82:de:b5:e7:5e:0f:7b:cb:3a:ac:d3:a5:c3:
5f:59:ea:9a:94:af:61:30:ee:96:60:40:b2:12:29:fa:30:15:
19:11:e5:a5:2f:7a:1a:02:69:27:10:f9:98:ad:4b:c6:23:f9:
0e:f5:77:6d:c3:31:4f:ab:9f:65:09:55:de:c5:a9:fc:f9:4f:
70:9f:2d:ef:d9:94:6f:15:7b:82:a4:b3:55:4e:30:41:71:7b:
72:9a:31:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqodC408t/KZwV/yaHbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MmE2ZTM3N2YxYzg4NWE2ZDczZjNmNTY5ZmQwNmQ3ZWE0
YzdhNDUwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY1YWE1YWM2M2NkNmJjYjE0Mzg1YTg4MzQxY2YyYWI5ZTYzYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywC05iWsQtZ/6hIEYgMR4qFYn095
TNEPP7xtDDmenWKim0wi6SBiykqUJknszMrgpZ92N84msn82A42Y3jgrvYRF/Uzc
wVTjPEA42BvpVBWE2yuioj/MSIsPTCd0Jv0ZZFGyAzSPED0HzXdm+lYbp6RYKMgn
sdrAF6MzAjAG5fO36JGiwZ2L4qkwKrY1lv1OWiwZsPnCQ9W6Xw+vQLl8XqagZdW4
xRV36jHjtYcLGlPyIFEkSa4blrBxiFJijB2RumvHRYhwEiqN/aRbShXV3z1a1qbu
t2OFEkgdd3dO4CIN2HacBs7a8OK/w9BRsnl826pXkBC7WA2PF6frJ+TZdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIv1qlrGPNa8sUOFqINBzyq55jv9MB8GA1UdIwQY
MBaAFAgqbjd/HIhabXPz9Wn9BtfqTHpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0NwdU4zOGNpRnB0Y19QMWFmMEcxLXBNZWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8xOGZlYjMtZjNkMi00OWYzLTkwZDIt
OWQ0YjE2YjU5ZGU2LzEvaV9XcVdzWTgxcnl4UTRXb2cwSFBLcm5tT18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8xOGZlYjMtZjNkMi00OWYzLTkwZDItOWQ0YjE2YjU5ZGU2
LzEvQ0NwdU4zOGNpRnB0Y19QMWFmMEcxLXBNZWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ2RMA0G
CSqGSIb3DQEBCwUAA4IBAQBegDpWy9psRRETeQVagjtUpv3dZQ3A4B6SHs0B4Jx0
j6390MKBpEQwKgoj7VGfXLBpEByRubErVVVkvP9d8/2XwInhgitVRS1tLg6rFII5
FTKOO4L1pGMytI4gWDro8UzaWhmnBKZMyvQNnkFMIMGvgdR2YKsqDoa6Gl4Qf21g
DjuGMXNMfWe+Nkc28X89Z1VbxYg3nmZJjmWWFEwNXQvZLciZMN7i6YLetedeD3vL
OqzTpcNfWeqalK9hMO6WYECyEin6MBUZEeWlL3oaAmknEPmYrUvGI/kO9XdtwzFP
q59lCVXexan8+U9wny3v2ZRvFXuCpLNVTjBBcXtymjGm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:26 2025 by rpki-client