Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/dcPAZoF3rt6tIRhuaxFQ902USzA.roa
File: dcPAZoF3rt6tIRhuaxFQ902USzA.roa (raw, json)
Hash identifier: 1JJiuY7MJTMXAw6Ktowd10+yVrRG4pNW5npJ5xeX9og=
Subject key identifier: 75:C3:C0:66:81:77:AE:DE:AD:21:18:6E:6B:11:50:F7:4D:94:4B:30
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 01856BCA44741D102F0832362DB19A857F8F
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/dcPAZoF3rt6tIRhuaxFQ902USzA.roa
Signing time: Sun 01 Jan 2023 05:24:55 +0000
ROA not before: Sun 01 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206382
IP address blocks: 185.186.130.0/23 maxlen: 23
185.186.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:44:74:1d:10:2f:08:32:36:2d:b1:9a:85:7f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75c3c0668177aedead21186e6b1150f74d944b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:29:bf:ca:d8:e0:a5:77:72:9a:2d:fc:e3:
b9:df:05:8e:95:c8:30:c4:24:ee:a5:b6:ca:b0:23:
bd:d9:73:6b:a8:44:8d:55:4e:b1:0a:a6:64:67:dd:
8a:b1:3c:e9:5f:e4:da:a0:51:96:3d:22:05:b0:dc:
64:3d:de:60:9f:d8:03:a0:3e:3e:30:b7:4a:c3:88:
95:b1:d1:85:d0:60:a3:df:85:c9:64:8a:8d:b6:9f:
b0:a7:5e:de:0f:02:9f:73:e8:8d:7c:fe:00:c0:a0:
11:bc:04:88:c8:35:d7:4c:ac:0d:61:0c:09:a0:33:
a3:2e:5d:fa:ab:c6:61:43:85:40:1a:26:b2:f5:4d:
6f:89:82:a7:74:ce:a9:a4:e9:4e:eb:8c:d7:89:31:
58:b2:d4:2a:dc:48:0c:2e:5c:55:fd:3c:9c:56:42:
44:ac:d0:3a:13:74:9d:35:88:28:7b:e3:bc:fd:1d:
4d:16:1d:7b:4a:cc:41:83:56:eb:d8:97:15:91:76:
f9:14:1f:0e:3c:6c:fb:2e:80:5b:e3:db:7b:d5:74:
5c:37:0a:e6:5f:e4:b0:71:44:d8:f1:1b:22:fb:1e:
70:0d:22:11:c0:f5:df:08:d0:8d:b3:a8:5b:a8:5f:
ad:0e:18:ba:7c:ca:2d:95:de:d8:55:dc:13:af:a9:
7e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C3:C0:66:81:77:AE:DE:AD:21:18:6E:6B:11:50:F7:4D:94:4B:30
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/dcPAZoF3rt6tIRhuaxFQ902USzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.129.0-185.186.131.255
Signature Algorithm: sha256WithRSAEncryption
5c:c0:cc:67:1a:9c:b1:a1:b6:6e:23:32:f7:53:6f:53:7f:93:
d6:5b:cd:0a:75:c1:b5:90:9c:15:87:7e:69:c1:10:d8:63:b7:
f8:0e:bd:4d:1c:15:7e:e6:54:7f:80:75:25:ba:15:01:15:98:
1d:6b:e5:3a:57:80:8e:39:ad:3f:c4:d8:ff:50:56:5f:fe:25:
21:4b:46:bc:17:f1:c0:7b:32:87:0b:6c:61:13:bd:a1:0c:6f:
54:8d:3c:6e:bc:87:09:a9:c2:d4:c1:7b:8d:7c:d0:c1:71:62:
13:34:ed:8e:85:f2:7a:b5:5f:b0:c3:24:cb:61:3f:76:ad:a2:
98:ae:4e:41:bf:69:26:04:4b:e3:70:54:26:c8:db:32:3b:d0:
9a:95:74:75:f8:8d:5c:0d:4f:a1:79:10:11:dd:26:03:fc:4b:
fb:cf:71:ff:3b:26:6d:39:ad:41:f8:23:95:18:61:3f:53:3b:
8e:48:a6:82:4a:3b:ca:cf:f0:4a:c8:b8:ae:e4:ae:b5:3f:63:
eb:93:a9:14:62:df:5e:c9:04:b8:96:0e:10:05:93:dd:64:d3:
84:63:46:77:d4:90:ae:ec:13:1b:51:4a:bb:51:58:76:b8:6f:
89:3b:d8:ac:33:fa:6d:67:22:62:5a:25:20:60:16:f1:25:cb:
34:bf:5c:f8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrykR0HRAvCDI2LbGahX+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjMwMTAxMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWMzYzA2NjgxNzdhZWRlYWQyMTE4NmU2YjExNTBmNzRkOTQ0YjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3Mpv8rY4KV3cpot/OO53wWOlcgw
xCTupbbKsCO92XNrqESNVU6xCqZkZ92KsTzpX+TaoFGWPSIFsNxkPd5gn9gDoD4+
MLdKw4iVsdGF0GCj34XJZIqNtp+wp17eDwKfc+iNfP4AwKARvASIyDXXTKwNYQwJ
oDOjLl36q8ZhQ4VAGiay9U1viYKndM6ppOlO64zXiTFYstQq3EgMLlxV/TycVkJE
rNA6E3SdNYgoe+O8/R1NFh17SsxBg1br2JcVkXb5FB8OPGz7LoBb49t71XRcNwrm
X+SwcUTY8Rsi+x5wDSIRwPXfCNCNs6hbqF+tDhi6fMotld7YVdwTr6l+vwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHXDwGaBd67erSEYbmsRUPdNlEswMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvZGNQQVpvRjNydDZ0SVJodWF4RlE5MDJVU3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5uoED
BAK5uoAwDQYJKoZIhvcNAQELBQADggEBAFzAzGcanLGhtm4jMvdTb1N/k9ZbzQp1
wbWQnBWHfmnBENhjt/gOvU0cFX7mVH+AdSW6FQEVmB1r5TpXgI45rT/E2P9QVl/+
JSFLRrwX8cB7MocLbGETvaEMb1SNPG68hwmpwtTBe4180MFxYhM07Y6F8nq1X7DD
JMthP3atopiuTkG/aSYES+NwVCbI2zI70JqVdHX4jVwNT6F5EBHdJgP8S/vPcf87
Jm05rUH4I5UYYT9TO45IpoJKO8rP8ErIuK7krrU/Y+uTqRRi317JBLiWDhAFk91k
04RjRnfUkK7sExtRSrtRWHa4b4k72Kwz+m1nImJaJSBgFvElyzS/XPg=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:29 2025 by rpki-client