Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/43hRBYtcZL8a5p2-SFuFeznXWRQ.roa
File: 43hRBYtcZL8a5p2-SFuFeznXWRQ.roa (raw, json)
Hash identifier: GyCGsn6eNLrOoPtdlabeQlQfU0CsIkJ+Wy4uhFMLcvQ=
Subject key identifier: E3:78:51:05:8B:5C:64:BF:1A:E6:9D:BE:48:5B:85:7B:39:D7:59:14
Certificate issuer: /CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Certificate serial: 0D0A6F07
Authority key identifier: 90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/43hRBYtcZL8a5p2-SFuFeznXWRQ.roa
Signing time: Sat 01 Jan 2022 07:58:33 +0000
ROA not before: Sat 01 Jan 2022 07:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212911
IP address blocks: 185.220.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218787591 (0xd0a6f07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Validity
Not Before: Jan 1 07:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e37851058b5c64bf1ae69dbe485b857b39d75914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:28:f2:6f:0d:fe:50:0c:26:8f:7b:4e:6a:f5:
75:6d:03:05:6b:da:0c:66:0e:81:f3:a5:14:09:9b:
32:ee:dd:43:f0:1e:c9:09:7a:f0:0e:f1:b1:13:95:
52:e4:0b:fd:02:94:b6:38:97:89:bf:8f:3e:9f:d4:
5a:eb:8b:4b:a9:35:89:ce:12:f8:94:cc:aa:01:fe:
59:f4:6f:25:5c:db:bf:d1:a0:8a:3a:31:ad:01:e1:
b8:3a:77:c0:1d:9a:05:9d:0d:db:20:74:c0:28:b1:
63:91:8d:50:14:3f:71:5e:d7:4f:38:f7:4e:b6:75:
f6:8d:2b:fd:51:55:14:97:d9:0c:90:44:3f:80:a8:
19:ec:6d:f1:89:9f:7e:a1:2e:4e:09:04:4b:3c:7f:
39:b2:d7:04:45:f6:6d:5c:6b:41:a5:71:1b:90:e5:
ec:82:c5:82:d3:2f:cd:6a:43:01:28:72:99:24:a7:
22:99:5f:38:ce:85:09:24:3f:b9:a6:6f:f8:59:3b:
50:34:74:5d:42:0e:3d:6a:c3:29:fb:4b:67:45:cd:
b2:3a:d2:cc:94:cf:fa:e8:97:1c:ed:b4:bb:dc:95:
ef:34:7c:26:20:36:2c:e1:75:00:04:23:c3:70:2f:
54:a2:99:fd:5e:1c:f8:99:95:d0:5a:41:0f:50:ba:
1e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:51:05:8B:5C:64:BF:1A:E6:9D:BE:48:5B:85:7B:39:D7:59:14
X509v3 Authority Key Identifier:
keyid:90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/43hRBYtcZL8a5p2-SFuFeznXWRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.119.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4a:cc:14:de:e3:16:d6:69:1d:aa:77:ae:e3:95:54:58:8e:
1b:10:3f:66:55:30:6e:f1:81:9a:b3:de:23:5d:8a:7b:74:27:
27:bd:9d:01:0a:c1:02:7f:fd:1f:1e:73:bd:4b:03:0d:d7:1b:
65:bf:13:ee:77:4f:24:75:9a:e9:4c:b3:3e:f9:4f:71:6a:bf:
e5:33:55:5c:f0:94:13:e9:db:7a:cc:1f:97:fc:7f:58:02:0c:
20:10:c2:95:1f:9e:4a:80:6f:2f:9c:87:5c:8c:3e:4a:1d:13:
a2:08:a8:ed:0c:6f:cb:59:4c:b1:bf:2f:03:6e:01:73:b4:ce:
b6:0f:c4:12:6a:68:32:fd:fd:23:26:dd:4c:fc:e9:30:0c:60:
a8:bd:0f:a2:17:3e:8f:52:9a:d1:3e:18:74:0e:77:d5:9b:a7:
c7:f6:e1:8d:64:8f:37:86:f6:48:ea:23:df:07:f1:11:4c:4b:
59:d4:da:25:6d:95:b2:27:03:bf:56:ae:50:f0:52:6a:45:ed:
c8:2e:aa:17:cc:c2:9c:b2:31:a9:90:55:86:68:1b:48:c1:aa:
39:fb:1d:f8:71:cd:7b:fe:05:90:75:c4:0e:cf:2d:3c:8a:77:
bd:d5:23:cb:ae:4c:67:a4:6d:74:73:27:59:8b:fe:f3:4c:04:
1c:be:d9:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDQpvBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNzNhNjNjNTFlYWYzZjllNWFlN2I5ZmFhZmRiMjkzMTM0MGRmMB4XDTIyMDEw
MTA3NTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM3ODUxMDU4YjVj
NjRiZjFhZTY5ZGJlNDg1Yjg1N2IzOWQ3NTkxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYo8m8N/lAMJo97Tmr1dW0DBWvaDGYOgfOlFAmbMu7dQ/Ae
yQl68A7xsROVUuQL/QKUtjiXib+PPp/UWuuLS6k1ic4S+JTMqgH+WfRvJVzbv9Gg
ijoxrQHhuDp3wB2aBZ0N2yB0wCixY5GNUBQ/cV7XTzj3TrZ19o0r/VFVFJfZDJBE
P4CoGext8YmffqEuTgkESzx/ObLXBEX2bVxrQaVxG5Dl7ILFgtMvzWpDAShymSSn
IplfOM6FCSQ/uaZv+Fk7UDR0XUIOPWrDKftLZ0XNsjrSzJTP+uiXHO20u9yV7zR8
JiA2LOF1AAQjw3AvVKKZ/V4c+JmV0FpBD1C6HvECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjeFEFi1xkvxrmnb5IW4V7OddZFDAfBgNVHSMEGDAWgBSQ8nOmPFHq8/nl
rnufqv2ykxNA3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSnpwanhSNnZQNTVhNTduNnI5c3BNVFFOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvYmM2NzZiLWMwYjYtNGZiYi05MzNmLTUwODJjMjhiNzE1Zi8x
LzQzaFJCWXRjWkw4YTVwMi1TRnVGZXpuWFdSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
YmM2NzZiLWMwYjYtNGZiYi05MzNmLTUwODJjMjhiNzE1Zi8xL2tQSnpwanhSNnZQ
NTVhNTduNnI5c3BNVFFOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALncdzANBgkqhkiG9w0BAQsFAAOC
AQEAGErMFN7jFtZpHap3ruOVVFiOGxA/ZlUwbvGBmrPeI12Ke3QnJ72dAQrBAn/9
Hx5zvUsDDdcbZb8T7ndPJHWa6UyzPvlPcWq/5TNVXPCUE+nbeswfl/x/WAIMIBDC
lR+eSoBvL5yHXIw+Sh0Togio7Qxvy1lMsb8vA24Bc7TOtg/EEmpoMv39IybdTPzp
MAxgqL0Pohc+j1Ka0T4YdA531Zunx/bhjWSPN4b2SOoj3wfxEUxLWdTaJW2VsicD
v1auUPBSakXtyC6qF8zCnLIxqZBVhmgbSMGqOfsd+HHNe/4FkHXEDs8tPIp3vdUj
y65MZ6RtdHMnWYv+80wEHL7Z6g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:37 2025 by rpki-client