Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/EdSxAgQ-giczcKE06nxI-Y9A8vc.roa
File: EdSxAgQ-giczcKE06nxI-Y9A8vc.roa (raw, json)
Hash identifier: d8GC2zxxNnhHkwaueS859uvonXM/YXPqmRX2n5R8qhI=
Subject key identifier: 11:D4:B1:02:04:3E:82:27:33:70:A1:34:EA:7C:48:F9:8F:40:F2:F7
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 14478BE0
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/EdSxAgQ-giczcKE06nxI-Y9A8vc.roa
Signing time: Sat 01 Jan 2022 15:01:59 +0000
ROA not before: Sat 01 Jan 2022 15:01:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203523
IP address blocks: 185.122.220.0/23 maxlen: 23
185.122.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340233184 (0x14478be0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: Jan 1 15:01:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11d4b102043e82273370a134ea7c48f98f40f2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:39:c2:bc:e4:0d:77:13:f3:50:cc:eb:d0:44:
3d:bb:20:ec:8d:ca:e8:9b:5a:64:eb:07:60:01:85:
fc:cb:14:17:5a:77:76:45:d6:7a:21:e1:3a:af:bb:
0f:58:34:4e:35:7b:fe:76:cf:c7:2f:0e:d9:eb:26:
63:0c:3f:dd:4d:fb:95:44:20:0a:2b:88:f7:8c:5c:
36:b1:ce:d2:1c:bb:eb:48:4f:aa:07:d1:8e:ab:7c:
c2:ca:88:cb:fc:74:8b:3f:a7:e0:76:97:22:2c:44:
ae:69:73:23:1e:f9:41:3a:ae:7b:8b:01:73:a7:29:
00:7f:19:67:35:e2:80:ed:dc:d0:98:42:ba:79:3c:
09:6d:7f:3b:da:ab:03:89:07:f5:37:50:37:96:a2:
41:51:94:8e:84:44:ad:b3:1d:eb:e7:cc:37:0b:ee:
90:ac:4d:ad:8d:e0:8f:29:dd:0a:c4:df:45:1e:26:
36:a9:43:71:31:fa:c8:26:44:a5:5c:b3:c1:d0:39:
ff:83:4c:93:de:7f:da:5f:37:88:34:75:c0:41:68:
51:31:99:bb:4d:ae:eb:f4:bc:34:a9:e3:60:a0:ce:
e7:c7:f2:88:25:fa:af:a1:b6:97:40:41:d0:52:d6:
d2:10:5a:d9:f9:e7:6d:36:ef:7d:5d:ec:06:48:e4:
15:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D4:B1:02:04:3E:82:27:33:70:A1:34:EA:7C:48:F9:8F:40:F2:F7
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/EdSxAgQ-giczcKE06nxI-Y9A8vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.220.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:c1:e2:74:a9:ec:21:8c:8a:62:aa:b4:e5:65:5a:c9:50:aa:
54:82:93:82:b0:50:54:56:fa:36:93:95:5a:6f:57:e6:ff:11:
f7:08:b1:48:8b:ee:b6:eb:1c:1a:ff:79:df:d2:8e:fc:94:25:
95:a5:e5:bb:28:91:c7:1f:39:2c:d2:c4:5c:6c:ac:b1:54:33:
cf:c4:92:bd:a1:a1:3f:09:0d:20:7f:2e:c2:e4:87:16:92:95:
7c:ec:9c:08:f7:70:6d:f5:c9:da:97:b2:e5:ba:3f:dc:b2:7b:
2f:d1:72:c7:00:14:5a:5c:d1:a5:80:3f:6c:0a:96:c4:21:10:
b8:a5:03:4d:2b:2c:c7:b6:b3:b2:fd:7b:f5:8a:ae:7b:03:21:
6c:a2:47:b1:78:a8:88:57:8f:a7:be:1e:2c:9f:cc:32:b6:db:
b3:14:43:1a:ac:b9:30:d6:81:4a:1d:59:87:89:9b:3a:a1:7e:
a8:d7:93:be:8b:9c:fd:1e:98:09:d7:a0:68:4d:32:25:66:fd:
15:6b:01:9c:c1:f5:94:3f:0e:65:b1:be:17:b4:60:d8:aa:b0:
d6:91:ca:af:c2:7d:da:27:30:d3:96:bb:38:6c:17:0f:4b:93:
64:77:1f:a1:0c:f5:64:2c:97:0a:29:df:07:fa:0f:f5:3f:b2:
fe:8d:62:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFEeL4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2MwNTkxZTJlYjQ5ZDA1NTllNmZjZTdlZTJhYTgxZjBmNTliYTZmMB4XDTIyMDEw
MTE1MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFkNGIxMDIwNDNl
ODIyNzMzNzBhMTM0ZWE3YzQ4Zjk4ZjQwZjJmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJo5wrzkDXcT81DM69BEPbsg7I3K6JtaZOsHYAGF/MsUF1p3
dkXWeiHhOq+7D1g0TjV7/nbPxy8O2esmYww/3U37lUQgCiuI94xcNrHO0hy760hP
qgfRjqt8wsqIy/x0iz+n4HaXIixErmlzIx75QTque4sBc6cpAH8ZZzXigO3c0JhC
unk8CW1/O9qrA4kH9TdQN5aiQVGUjoRErbMd6+fMNwvukKxNrY3gjyndCsTfRR4m
NqlDcTH6yCZEpVyzwdA5/4NMk95/2l83iDR1wEFoUTGZu02u6/S8NKnjYKDO58fy
iCX6r6G2l0BB0FLW0hBa2fnnbTbvfV3sBkjkFb0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQR1LECBD6CJzNwoTTqfEj5j0Dy9zAfBgNVHSMEGDAWgBTDwFkeLrSdBVnm
/OfuKqgfD1m6bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c4QlpIaTYwblFWWjV2em43aXFvSHc5WnVtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8x
L0VkU3hBZ1EtZ2ljemNLRTA2bnhJLVk5QTh2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NGI4YWFiLTIwOTktNDNhZi1iNDFkLWUzNDA3MTc0NjYzYi8xL3c4QlpIaTYwblFW
WjV2em43aXFvSHc5WnVtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbl63DANBgkqhkiG9w0BAQsFAAOC
AQEAHMHidKnsIYyKYqq05WVayVCqVIKTgrBQVFb6NpOVWm9X5v8R9wixSIvutusc
Gv9539KO/JQllaXluyiRxx85LNLEXGyssVQzz8SSvaGhPwkNIH8uwuSHFpKVfOyc
CPdwbfXJ2pey5bo/3LJ7L9FyxwAUWlzRpYA/bAqWxCEQuKUDTSssx7azsv179Yqu
ewMhbKJHsXioiFePp74eLJ/MMrbbsxRDGqy5MNaBSh1Zh4mbOqF+qNeTvouc/R6Y
CdegaE0yJWb9FWsBnMH1lD8OZbG+F7Rg2Kqw1pHKr8J92icw05a7OGwXD0uTZHcf
oQz1ZCyXCinfB/oP9T+y/o1i6Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:35 2025 by rpki-client