Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/CjZwsobg0P5n136i5gVrfgEaevI.roa
File: CjZwsobg0P5n136i5gVrfgEaevI.roa (raw, json)
Hash identifier: IsimKdLxgAEbVEY8KfMQtoK6GhsFyw1PPKwPz68KkoE=
Subject key identifier: 0A:36:70:B2:86:E0:D0:FE:67:D7:7E:A2:E6:05:6B:7E:01:1A:7A:F2
Certificate issuer: /CN=53a77fdfdd14c2df158ebfc2e6cfc2a279a648c1
Certificate serial: 015CB93B
Authority key identifier: 53:A7:7F:DF:DD:14:C2:DF:15:8E:BF:C2:E6:CF:C2:A2:79:A6:48:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6d_390Uwt8Vjr_C5s_ConmmSME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/CjZwsobg0P5n136i5gVrfgEaevI.roa
Signing time: Sat 01 Jan 2022 13:56:06 +0000
ROA not before: Sat 01 Jan 2022 13:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211054
IP address blocks: 185.233.129.0/24 maxlen: 24
2a11:2c00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22853947 (0x15cb93b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a77fdfdd14c2df158ebfc2e6cfc2a279a648c1
Validity
Not Before: Jan 1 13:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a3670b286e0d0fe67d77ea2e6056b7e011a7af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:06:d0:ce:76:41:4e:ac:78:12:d5:33:d9:
e5:e9:be:76:16:3f:21:4c:d3:a6:71:e4:46:23:f4:
49:9b:b8:af:c9:34:0d:18:7a:fa:23:19:2b:bf:02:
c9:b8:2d:41:49:e8:73:cb:13:04:ee:27:b6:cc:1a:
fa:03:73:a1:2f:84:5c:7d:f2:bc:82:fa:2f:04:31:
2f:31:67:04:e6:b4:13:4f:cc:b7:cf:df:e9:f0:aa:
07:d1:20:b4:96:b7:f3:85:85:fb:81:5d:73:1f:e0:
12:e1:f8:17:2f:94:41:c1:43:57:44:b8:62:06:ab:
fa:bd:3a:7a:6c:64:81:99:31:aa:89:f7:38:34:21:
34:ad:35:b8:1b:dc:25:42:71:d5:29:ef:0a:6c:d6:
8c:a3:92:15:cd:ad:b0:f4:72:30:ef:d6:42:f1:a1:
7b:cc:e0:ad:84:e6:8c:e3:eb:aa:9f:d4:4d:03:85:
06:30:bf:36:91:28:e2:96:de:e1:5d:c5:7a:f3:93:
ea:15:2f:af:0f:3b:5f:2f:d0:cd:95:07:d3:ef:de:
fc:bc:b3:1f:c7:85:5b:aa:1d:ea:16:0b:03:11:4c:
25:59:90:3e:4a:aa:92:ba:38:f0:88:b4:90:4c:46:
d9:99:5c:f1:a9:32:83:d0:f5:de:4a:3b:9d:30:5a:
b1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:36:70:B2:86:E0:D0:FE:67:D7:7E:A2:E6:05:6B:7E:01:1A:7A:F2
X509v3 Authority Key Identifier:
keyid:53:A7:7F:DF:DD:14:C2:DF:15:8E:BF:C2:E6:CF:C2:A2:79:A6:48:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6d_390Uwt8Vjr_C5s_ConmmSME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/CjZwsobg0P5n136i5gVrfgEaevI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/U6d_390Uwt8Vjr_C5s_ConmmSME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.129.0/24
IPv6:
2a11:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
3b:40:d2:9a:4e:75:7e:67:74:1a:53:31:eb:76:06:0a:c8:22:
3f:c3:58:86:6d:bb:e0:f1:bf:2b:75:30:cf:90:d4:b1:8d:40:
86:74:6e:ff:ef:7f:20:2a:71:27:c5:1d:d9:53:92:ec:40:a8:
df:07:d1:30:4d:00:dd:c2:ca:41:db:4a:2c:5b:80:cf:86:a5:
b5:64:83:85:fd:4f:51:d9:bb:88:56:c7:eb:e6:f7:81:b8:37:
d9:06:97:43:42:c7:92:b1:fb:1b:1b:25:9f:ed:50:77:27:be:
22:5d:00:8d:e2:20:8b:05:de:eb:4c:c8:8e:cb:b0:bd:39:31:
d8:44:77:ef:d5:02:c7:59:e3:a9:5a:98:48:d4:50:f5:3e:96:
f2:02:11:47:35:f9:f6:19:63:24:f3:b7:ee:d3:70:b4:0c:77:
fc:e3:94:cc:6c:30:a4:92:3b:f1:d0:af:e4:9f:19:1a:67:19:
63:b2:1a:db:b3:99:7b:aa:cc:e4:40:5b:f9:5d:09:e3:ad:c7:
15:14:9f:bd:87:4a:6b:bb:ab:d1:a0:3c:88:e1:e7:50:43:ca:
0e:bb:42:3b:f2:95:6e:fb:a5:8a:f2:ac:fd:46:cc:bd:b4:27:
8b:df:3a:62:a0:02:77:b4:8d:7f:d1:cc:ef:ca:c5:b3:3e:95:
be:63:3d:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAVy5OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2E3N2ZkZmRkMTRjMmRmMTU4ZWJmYzJlNmNmYzJhMjc5YTY0OGMxMB4XDTIyMDEw
MTEzNTYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEzNjcwYjI4NmUw
ZDBmZTY3ZDc3ZWEyZTYwNTZiN2UwMTFhN2FmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRxBtDOdkFOrHgS1TPZ5em+dhY/IUzTpnHkRiP0SZu4r8k0
DRh6+iMZK78CybgtQUnoc8sTBO4ntswa+gNzoS+EXH3yvIL6LwQxLzFnBOa0E0/M
t8/f6fCqB9EgtJa384WF+4Fdcx/gEuH4Fy+UQcFDV0S4Ygar+r06emxkgZkxqon3
ODQhNK01uBvcJUJx1SnvCmzWjKOSFc2tsPRyMO/WQvGhe8zgrYTmjOPrqp/UTQOF
BjC/NpEo4pbe4V3FevOT6hUvrw87Xy/QzZUH0+/e/LyzH8eFW6od6hYLAxFMJVmQ
Pkqqkro48Ii0kExG2Zlc8akyg9D13ko7nTBasVUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQKNnCyhuDQ/mfXfqLmBWt+ARp68jAfBgNVHSMEGDAWgBRTp3/f3RTC3xWO
v8Lmz8KieaZIwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U2ZF8zOTBVd3Q4VmpyX0M1c19Db25tbVNNRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvMTVhN2RmLTk5YjUtNGE5MS05YmM3LWQ4YTQyZjMyMGVhZS8x
L0NqWndzb2JnMFA1bjEzNmk1Z1ZyZmdFYWV2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
MTVhN2RmLTk5YjUtNGE5MS05YmM3LWQ4YTQyZjMyMGVhZS8xL1U2ZF8zOTBVd3Q4
VmpyX0M1c19Db25tbVNNRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnpgTANBAIAAjAHAwUDKhEsADAN
BgkqhkiG9w0BAQsFAAOCAQEAO0DSmk51fmd0GlMx63YGCsgiP8NYhm274PG/K3Uw
z5DUsY1AhnRu/+9/ICpxJ8Ud2VOS7ECo3wfRME0A3cLKQdtKLFuAz4altWSDhf1P
Udm7iFbH6+b3gbg32QaXQ0LHkrH7Gxsln+1Qdye+Il0AjeIgiwXe60zIjsuwvTkx
2ER379UCx1njqVqYSNRQ9T6W8gIRRzX59hljJPO37tNwtAx3/OOUzGwwpJI78dCv
5J8ZGmcZY7Ia27OZe6rM5EBb+V0J463HFRSfvYdKa7ur0aA8iOHnUEPKDrtCO/KV
bvulivKs/UbMvbQni986YqACd7SNf9HM78rFsz6VvmM9iA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:36:15 2025 by rpki-client