Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa
File: sTcGPFKVsbOzOwzINDyzGjjCfQM.roa (raw, json)
Hash identifier: fCMcGTp+ElfS3JG/Dwr4UZG2fopWXQQ+TUBhXCbpn/Y=
Subject key identifier: B1:37:06:3C:52:95:B1:B3:B3:3B:0C:C8:34:3C:B3:1A:38:C2:7D:03
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 018510A5B482DA0C093B96A3C0E6EC56098F
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa
Signing time: Wed 14 Dec 2022 12:39:33 +0000
ROA not before: Wed 14 Dec 2022 12:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212609
IP address blocks: 185.191.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:a5:b4:82:da:0c:09:3b:96:a3:c0:e6:ec:56:09:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Dec 14 12:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b137063c5295b1b3b33b0cc8343cb31a38c27d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:12:27:ec:d6:21:88:5d:53:10:8a:5a:19:cf:
be:d7:50:bc:4c:87:a4:64:08:f0:c4:85:2a:07:97:
7a:d6:07:60:e0:a6:8c:90:a7:48:61:77:b5:77:37:
fa:ce:46:74:75:8f:e0:c0:16:c7:92:a4:23:d3:9f:
86:ff:39:5c:38:23:41:f3:56:31:05:3b:a3:60:53:
7d:97:2a:18:74:2f:ac:c3:e1:cf:3d:f3:0e:76:43:
e7:bd:59:69:88:1d:71:c8:f1:b7:a2:b3:03:3a:3a:
b9:f3:89:bf:b0:b8:40:f8:1c:ce:72:a4:71:79:fa:
f5:35:85:0f:86:ae:f8:a6:d5:74:04:2e:3b:16:77:
f0:b8:8b:d5:a9:00:9b:31:7b:46:4f:33:e7:0c:ec:
44:c7:10:95:27:c0:42:f5:ae:d0:15:71:63:c1:c2:
c4:00:a2:01:28:ce:00:fe:19:64:5d:e2:c0:96:cb:
6d:ad:73:e8:83:da:e6:26:4d:c9:ed:26:db:aa:3d:
96:25:64:a9:ae:0a:62:3d:6f:f4:70:32:88:06:07:
79:bc:2b:25:72:f7:16:48:af:ac:0b:e5:2e:83:a4:
7f:c9:0f:7c:f1:f7:88:49:6a:ad:7e:33:e4:7d:fa:
d6:40:f5:b5:b9:76:37:14:27:bb:f6:74:c8:b4:43:
f6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:37:06:3C:52:95:B1:B3:B3:3B:0C:C8:34:3C:B3:1A:38:C2:7D:03
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/sTcGPFKVsbOzOwzINDyzGjjCfQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:ce:16:64:9b:e1:45:0b:ba:44:e1:83:0c:7e:aa:3f:75:68:
d7:d9:26:3c:51:05:0f:25:c1:8d:f5:e4:ed:c1:87:00:6b:38:
67:58:f3:50:cd:8f:a7:49:b4:96:a7:4d:e7:d0:cf:27:31:0a:
cd:0d:10:63:fa:ec:7b:a5:cc:4b:39:cd:47:5c:4d:ac:1a:18:
ad:18:ef:86:ab:20:3a:e4:c4:e8:57:af:b8:c6:cd:f7:2b:98:
b4:1f:96:b9:a9:ef:4c:a8:0c:37:41:39:c3:cd:8f:02:bd:5e:
b6:d3:39:c4:0e:b2:ca:cb:5f:0c:1a:8d:c5:47:6e:83:f9:f6:
76:85:6b:a7:92:62:9d:19:23:6a:9c:8a:3a:3d:19:0e:f0:15:
6a:ae:cc:6f:4f:37:db:81:d2:63:fd:5f:de:5f:f0:62:85:62:
20:a1:4d:92:9a:ca:7f:ba:27:6e:2a:4e:8a:ca:a4:02:90:db:
7c:ae:d4:75:2b:b5:47:ce:4c:ad:16:49:67:7f:3e:82:05:9e:
26:37:88:91:fd:66:56:e5:91:f9:89:1e:42:81:65:84:1a:70:
cb:5e:1b:33:8e:d0:65:73:b3:a4:0a:d8:05:b8:6c:99:93:b6:
6e:49:49:9d:36:ac:2e:28:de:6a:09:2e:1c:ee:fb:3a:12:b3:
a7:60:39:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUQpbSC2gwJO5ajwObsVgmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMjE0MTIzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM3MDYzYzUyOTViMWIzYjMzYjBjYzgzNDNjYjMxYTM4YzI3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhIn7NYhiF1TEIpaGc++11C8TIek
ZAjwxIUqB5d61gdg4KaMkKdIYXe1dzf6zkZ0dY/gwBbHkqQj05+G/zlcOCNB81Yx
BTujYFN9lyoYdC+sw+HPPfMOdkPnvVlpiB1xyPG3orMDOjq584m/sLhA+BzOcqRx
efr1NYUPhq74ptV0BC47FnfwuIvVqQCbMXtGTzPnDOxExxCVJ8BC9a7QFXFjwcLE
AKIBKM4A/hlkXeLAlsttrXPog9rmJk3J7Sbbqj2WJWSprgpiPW/0cDKIBgd5vCsl
cvcWSK+sC+Uug6R/yQ988feISWqtfjPkffrWQPW1uXY3FCe79nTItEP2KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLE3BjxSlbGzszsMyDQ8sxo4wn0DMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvc1RjR1BGS1ZzYk96T3d6SU5EeXpHampDZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQCwzhZkm+FFC7pE4YMMfqo/dWjX2SY8UQUPJcGN9eTt
wYcAazhnWPNQzY+nSbSWp03n0M8nMQrNDRBj+ux7pcxLOc1HXE2sGhitGO+GqyA6
5MToV6+4xs33K5i0H5a5qe9MqAw3QTnDzY8CvV620znEDrLKy18MGo3FR26D+fZ2
hWunkmKdGSNqnIo6PRkO8BVqrsxvTzfbgdJj/V/eX/BihWIgoU2Smsp/uiduKk6K
yqQCkNt8rtR1K7VHzkytFklnfz6CBZ4mN4iR/WZW5ZH5iR5CgWWEGnDLXhszjtBl
c7OkCtgFuGyZk7ZuSUmdNqwuKN5qCS4c7vs6ErOnYDlZ
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:01:21 2025 by rpki-client