Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa
File: 1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa (raw, json)
Hash identifier: Q6q/PSdVAKfDd7BhheHHMSiPlgngeuSAHiskdStvtbM=
Subject key identifier: F8:87:92:B4:D3:D2:1B:7C:41:BE:81:71:10:49:D5:57:33:76:C3:23
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 1B24FB
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa
Signing time: Thu 17 Feb 2022 10:44:28 +0000
ROA not before: Thu 17 Feb 2022 10:44:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.191.146.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1778939 (0x1b24fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Feb 17 10:44:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f88792b4d3d21b7c41be81711049d5573376c323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ed:71:55:a9:5f:86:c5:fa:a4:4c:c3:2d:ab:
24:88:ac:3a:f6:8b:1c:3a:bb:c8:4f:75:b9:2d:11:
2c:f8:96:55:08:4c:d3:6d:ba:cf:e0:f8:9c:38:b7:
08:8f:9c:ef:0e:28:26:c8:0e:2b:3f:2c:67:02:21:
45:21:44:23:82:7a:17:66:a5:ac:15:40:ed:79:91:
21:b1:81:4f:42:c1:96:92:0f:82:ec:e9:9f:60:c6:
fd:66:83:2d:7a:52:89:77:8d:e0:49:1f:50:53:e3:
8a:26:2a:11:25:7c:55:91:12:1b:8a:b7:40:7d:3a:
cc:48:e2:b3:f8:c1:d7:9f:82:57:b8:7c:16:75:1d:
26:c8:72:3c:36:b1:67:28:68:b9:99:68:8a:2c:73:
76:72:59:26:93:62:0a:99:f6:3b:d6:b3:da:56:6c:
37:75:d1:74:93:82:ba:0d:57:fb:dc:e7:b3:4c:ff:
ca:85:ce:5d:c1:a1:1b:04:d1:6b:f0:c5:81:dd:07:
f8:4d:68:1d:1c:b6:02:ea:38:90:5f:97:c9:b8:b7:
02:b0:74:3d:75:fa:7b:d5:cc:eb:4c:d7:0f:a6:89:
6a:3c:2a:51:25:e3:a0:85:dd:34:e9:2b:bc:5a:59:
f0:21:1b:76:f9:87:89:11:26:84:79:32:fc:9e:2c:
f7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:87:92:B4:D3:D2:1B:7C:41:BE:81:71:10:49:D5:57:33:76:C3:23
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1-IeStNPSG3xBvoFxEEnVVzN2wyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:ba:ac:5c:1a:12:39:04:fa:b1:c1:52:80:05:7e:16:97:7d:
19:bd:42:52:e7:fb:ab:6f:6e:99:2f:c3:9d:d6:69:56:f3:a4:
c3:59:e4:2b:fe:1e:22:63:71:0a:99:4b:05:37:7a:3a:1d:7e:
dc:87:c0:10:55:34:33:7f:d2:2d:49:a7:e5:96:4c:5d:d1:d8:
27:4d:9f:88:98:10:d4:e8:58:7c:2e:18:e7:65:8e:e2:82:43:
ae:41:64:6f:62:ee:60:60:4a:03:e7:13:25:4b:14:63:e9:a8:
82:4b:73:1b:8a:6b:22:9c:ae:5a:86:ff:e3:1b:dd:4a:d7:8d:
10:03:ff:f9:26:ab:3f:1a:a4:dd:ee:91:a0:24:15:d0:bc:b9:
a4:d7:b1:1b:43:38:1c:00:ad:8c:fc:f2:e3:1f:15:f0:f4:e8:
dc:c4:36:d5:a9:38:7c:1e:3c:4b:14:42:07:3f:ef:1b:cc:da:
8c:7d:17:10:39:2b:f6:dc:5a:84:ad:c5:a2:55:20:be:90:3c:
09:c6:6b:f8:21:86:cf:22:e8:04:8d:99:fe:d5:c5:ed:9b:ae:
7c:75:41:e2:52:58:e6:7e:a7:04:75:90:3a:eb:4a:0c:dd:8a:
d7:d3:c4:b4:45:6b:b3:30:4c:d4:1e:ac:27:27:87:5c:d1:57:
f9:f6:d0:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDGyT7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
NjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQyYjg3OTYwHhcNMjIwMjE3
MTA0NDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmODg3OTJiNGQzZDIx
YjdjNDFiZTgxNzExMDQ5ZDU1NzMzNzZjMzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3+1xValfhsX6pEzDLaskiKw69oscOrvIT3W5LREs+JZVCEzT
bbrP4PicOLcIj5zvDigmyA4rPyxnAiFFIUQjgnoXZqWsFUDteZEhsYFPQsGWkg+C
7OmfYMb9ZoMtelKJd43gSR9QU+OKJioRJXxVkRIbirdAfTrMSOKz+MHXn4JXuHwW
dR0myHI8NrFnKGi5mWiKLHN2clkmk2IKmfY71rPaVmw3ddF0k4K6DVf73OezTP/K
hc5dwaEbBNFr8MWB3Qf4TWgdHLYC6jiQX5fJuLcCsHQ9dfp71czrTNcPpolqPCpR
JeOghd006Su8WlnwIRt2+YeJESaEeTL8niz30QIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFPiHkrTT0ht8Qb6BcRBJ1VczdsMjMB8GA1UdIwQYMBaAFN1kAznlmt3HX9l4
EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCBjgYIKwYBBQUHAQsEgYEw
fzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEv
MS1JZVN0TlBTRzN4QnZvRnhFRW5WVnpOMnd5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
NzYxNmU1LWE4Y2MtNDVkMS1iM2QwLTYxYjczMzU0YWJkYi8xLzNXUURPZVdhM2Nk
ZjJYZ1FHMEFJSzEwcmg1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm/kjANBgkqhkiG9w0BAQsFAAOC
AQEAu7qsXBoSOQT6scFSgAV+Fpd9Gb1CUuf7q29umS/DndZpVvOkw1nkK/4eImNx
CplLBTd6Oh1+3IfAEFU0M3/SLUmn5ZZMXdHYJ02fiJgQ1OhYfC4Y52WO4oJDrkFk
b2LuYGBKA+cTJUsUY+mogktzG4prIpyuWob/4xvdSteNEAP/+SarPxqk3e6RoCQV
0Ly5pNexG0M4HACtjPzy4x8V8PTo3MQ21ak4fB48SxRCBz/vG8zajH0XEDkr9txa
hK3FolUgvpA8CcZr+CGGzyLoBI2Z/tXF7ZuufHVB4lJY5n6nBHWQOutKDN2K19PE
tEVrszBM1B6sJyeHXNFX+fbQWA==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:07:59 2025 by rpki-client