Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa
File: I7exddMozpwXa2KO9H4Zqe2GN0w.roa (raw, json)
Hash identifier: ICgm1Pa+0Ceeq7EJcy/qmr9bN9J/HgZ1jvF/sAykJxA=
Subject key identifier: 23:B7:B1:75:D3:28:CE:9C:17:6B:62:8E:F4:7E:19:A9:ED:86:37:4C
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 018925AE5C0001A3370AA8BEB37140CECBF7
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa
Signing time: Wed 05 Jul 2023 10:52:11 +0000
ROA not before: Wed 05 Jul 2023 10:52:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.191.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:ae:5c:00:01:a3:37:0a:a8:be:b3:71:40:ce:cb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Jul 5 10:52:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23b7b175d328ce9c176b628ef47e19a9ed86374c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:c5:4d:22:31:3b:84:64:bc:af:4d:ee:93:
30:da:d9:9a:9d:3c:02:fe:01:f0:64:13:92:b6:a4:
8f:eb:83:fc:05:27:ca:18:3c:3e:10:33:72:ee:de:
c1:a2:15:60:0f:53:f0:17:2f:85:8f:68:f2:cc:83:
01:f8:f8:ed:9d:09:49:b9:ed:59:85:9c:15:a8:fd:
d4:1f:b7:3a:96:13:00:af:72:d2:cc:ed:b5:92:f7:
fe:9d:31:44:5d:5c:ca:2f:a2:5c:13:62:58:13:f5:
67:f6:a7:f4:34:1a:df:61:da:ea:e2:bf:cd:c8:e9:
13:85:be:94:a7:19:7e:06:d0:18:af:7a:f8:0e:0f:
ce:8b:58:e4:01:c0:bc:44:33:54:48:bf:ba:63:c2:
de:63:31:9a:06:8e:a7:5a:36:41:8e:f1:3b:1f:af:
35:4a:35:d1:b2:15:bb:19:0c:5c:87:65:98:cf:f9:
61:04:6f:fd:51:7c:cc:3b:0e:62:52:9e:7d:ce:c1:
1a:0b:e9:b1:89:c2:26:2a:95:3e:02:cb:ee:a6:d9:
7c:42:78:ad:0e:2e:b1:4d:1d:f5:8c:68:6c:b0:66:
cf:cb:2e:39:fc:0b:fb:ba:ee:7a:55:58:dc:80:2e:
43:bf:82:2d:ca:86:1f:65:e1:85:1f:dd:18:5a:34:
91:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B7:B1:75:D3:28:CE:9C:17:6B:62:8E:F4:7E:19:A9:ED:86:37:4C
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.144.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:cf:92:d6:9c:1e:a1:d5:82:67:3d:93:f4:31:09:c1:66:68:
39:19:3c:74:72:d5:45:9c:0f:2d:0b:4c:08:f2:90:6d:cb:2f:
e0:4b:5c:60:3d:79:8c:4c:51:0a:49:be:d1:46:08:6b:34:eb:
49:06:59:43:bf:5d:0b:66:0f:d6:04:1c:8d:b7:8c:54:4e:60:
f6:c9:f1:9a:4e:7f:a1:ec:f8:df:b2:ec:1f:52:a6:e3:f3:12:
6f:2d:5b:a3:e4:58:e8:19:2d:99:a8:f7:3b:20:ca:76:1e:b6:
3d:dd:4f:ce:cb:4a:53:34:0e:c7:8f:24:39:c1:2b:89:a2:1d:
04:ba:46:9c:69:44:3a:ff:1f:34:e2:06:79:16:b4:b8:4a:2d:
6a:ad:f2:12:b9:82:d5:de:d0:a9:be:04:14:e7:8f:c9:f0:f1:
79:8d:47:8d:6a:4b:76:b6:7e:b5:02:bf:2d:00:27:71:99:f0:
cf:26:a0:fb:fc:8e:3e:08:41:6f:63:08:24:20:26:6f:5d:dc:
a1:d8:86:e3:b1:07:d7:ca:92:fa:44:f8:92:6e:29:52:b7:07:
3f:f6:7e:8d:d3:68:46:33:1a:0d:64:17:88:3c:db:76:ff:37:
46:15:38:d6:50:53:da:d0:2e:55:ed:5c:31:46:41:ed:e2:79:
ce:43:22:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYklrlwAAaM3Cqi+s3FAzsv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNzA1MTA1MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I3YjE3NWQzMjhjZTljMTc2YjYyOGVmNDdlMTlhOWVkODYzNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJzFTSIxO4RkvK9N7pMw2tmanTwC
/gHwZBOStqSP64P8BSfKGDw+EDNy7t7BohVgD1PwFy+Fj2jyzIMB+PjtnQlJue1Z
hZwVqP3UH7c6lhMAr3LSzO21kvf+nTFEXVzKL6JcE2JYE/Vn9qf0NBrfYdrq4r/N
yOkThb6Upxl+BtAYr3r4Dg/Oi1jkAcC8RDNUSL+6Y8LeYzGaBo6nWjZBjvE7H681
SjXRshW7GQxch2WYz/lhBG/9UXzMOw5iUp59zsEaC+mxicImKpU+Asvuptl8Qnit
Di6xTR31jGhssGbPyy45/Av7uu56VVjcgC5Dv4ItyoYfZeGFH90YWjSRkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCO3sXXTKM6cF2tijvR+GanthjdMMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvSTdleGRkTW96cHdYYTJLTzlINFpxZTJHTjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+QMA0G
CSqGSIb3DQEBCwUAA4IBAQC6z5LWnB6h1YJnPZP0MQnBZmg5GTx0ctVFnA8tC0wI
8pBtyy/gS1xgPXmMTFEKSb7RRghrNOtJBllDv10LZg/WBByNt4xUTmD2yfGaTn+h
7PjfsuwfUqbj8xJvLVuj5FjoGS2ZqPc7IMp2HrY93U/Oy0pTNA7HjyQ5wSuJoh0E
ukacaUQ6/x804gZ5FrS4Si1qrfISuYLV3tCpvgQU54/J8PF5jUeNakt2tn61Ar8t
ACdxmfDPJqD7/I4+CEFvYwgkICZvXdyh2IbjsQfXypL6RPiSbilStwc/9n6N02hG
MxoNZBeIPNt2/zdGFTjWUFPa0C5V7VwxRkHt4nnOQyJQ
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:22:20 2025 by rpki-client