Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/impTm_Vor2D3I3yUdQUsLsox3mQ.roa
File: impTm_Vor2D3I3yUdQUsLsox3mQ.roa (raw, json)
Hash identifier: d4UydAOgQ+M564QNHe6mN9vg2YKIu0SxDDiCSEIg4KM=
Subject key identifier: 8A:6A:53:9B:F5:68:AF:60:F7:23:7C:94:75:05:2C:2E:CA:31:DE:64
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 01856EC22122022DFEA89459A76FC3C35ECC
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/impTm_Vor2D3I3yUdQUsLsox3mQ.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.180.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:21:22:02:2d:fe:a8:94:59:a7:6f:c3:c3:5e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a6a539bf568af60f7237c9475052c2eca31de64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:5c:2c:90:e1:a3:ac:bf:31:75:e9:02:59:
0f:b9:12:c0:09:68:7a:9b:5b:0c:3b:21:c6:6c:4a:
42:f8:65:fe:35:76:2b:e5:3a:01:35:7c:28:01:c3:
fd:5d:1f:2f:82:02:7a:62:39:aa:43:c4:56:2e:b5:
66:6f:99:63:a3:25:04:79:b4:ee:94:f7:53:32:a3:
5f:e1:5d:40:6d:1f:6d:63:37:6b:1a:b1:8f:a8:4c:
98:25:b2:ad:57:c6:52:b9:4b:60:86:49:52:b6:58:
40:52:1b:a3:92:0e:cd:fe:f5:95:21:e3:a3:87:db:
d9:d4:dc:14:2e:58:cf:a2:2c:f9:04:fe:e6:40:ea:
10:d0:18:38:dc:6a:70:7c:fb:00:a9:6d:60:6c:98:
ee:21:e9:7b:60:f6:4b:ca:29:8b:17:a1:88:b0:0e:
be:01:06:b8:42:12:8b:bd:1a:8c:94:b8:88:82:32:
a7:8d:ee:ce:3c:c2:9e:e8:3e:2a:66:65:ca:6b:18:
34:40:ac:7e:6c:33:4f:3a:06:37:02:ae:09:92:86:
8d:3a:d7:ee:8e:ba:3a:c8:88:a6:b9:e2:a2:42:32:
07:89:1d:b0:fa:ad:ee:bf:3d:0d:a0:c1:7b:2f:18:
76:2c:66:78:58:f2:d4:f6:3e:77:ce:4f:5e:e4:77:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6A:53:9B:F5:68:AF:60:F7:23:7C:94:75:05:2C:2E:CA:31:DE:64
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/impTm_Vor2D3I3yUdQUsLsox3mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.142.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:2f:9e:c6:40:df:d8:29:db:cc:72:e4:26:45:6a:74:ec:d1:
5a:c9:bf:5f:25:97:8e:1c:34:22:3c:f8:a6:83:7d:c0:9b:83:
4b:db:a1:b0:52:56:b8:88:dd:10:ad:0e:da:13:ca:21:c0:a8:
5b:85:e9:b0:e7:9c:e2:32:c9:50:db:a8:48:f6:35:f2:07:6a:
f6:b1:a7:47:8b:69:b8:38:89:6d:54:a7:5e:7e:6f:2a:c8:74:
ae:a5:fa:16:2c:75:44:b6:dd:19:ba:aa:01:55:cd:26:17:52:
14:fe:e1:f8:7f:32:2f:b4:f2:2f:5a:4d:84:a1:f3:f0:52:ed:
4b:ac:1d:a8:6c:36:21:23:0d:2d:3d:f1:26:da:6c:c9:7a:5d:
ae:36:ba:11:18:19:07:7d:fe:03:4f:ae:35:af:f5:25:d0:a5:
43:86:d8:90:43:af:fe:c9:9a:35:af:dc:70:46:0f:63:60:29:
74:61:10:65:25:d7:66:5e:e9:24:0d:01:18:87:16:08:7d:6b:
eb:5c:8f:75:2d:5f:53:e6:42:b0:ad:35:7e:36:fa:ed:46:4a:
f5:c5:9a:71:4e:8d:49:b4:ae:22:fa:aa:2a:af:30:c5:1f:86:
7b:1d:0b:ce:5c:5d:88:58:3a:61:73:fa:f5:9d:9a:56:74:f2:
ab:86:c8:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwiEiAi3+qJRZp2/Dw17MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZhNTM5YmY1NjhhZjYwZjcyMzdjOTQ3NTA1MmMyZWNhMzFkZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurxcLJDho6y/MXXpAlkPuRLACWh6
m1sMOyHGbEpC+GX+NXYr5ToBNXwoAcP9XR8vggJ6YjmqQ8RWLrVmb5ljoyUEebTu
lPdTMqNf4V1AbR9tYzdrGrGPqEyYJbKtV8ZSuUtghklStlhAUhujkg7N/vWVIeOj
h9vZ1NwULljPoiz5BP7mQOoQ0Bg43GpwfPsAqW1gbJjuIel7YPZLyimLF6GIsA6+
AQa4QhKLvRqMlLiIgjKnje7OPMKe6D4qZmXKaxg0QKx+bDNPOgY3Aq4JkoaNOtfu
jro6yIimueKiQjIHiR2w+q3uvz0NoMF7Lxh2LGZ4WPLU9j53zk9e5HdmBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpqU5v1aK9g9yN8lHUFLC7KMd5kMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvaW1wVG1fVm9yMkQzSTN5VWRRVXNMc294M21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubSOMA0G
CSqGSIb3DQEBCwUAA4IBAQBML57GQN/YKdvMcuQmRWp07NFayb9fJZeOHDQiPPim
g33Am4NL26GwUla4iN0QrQ7aE8ohwKhbhemw55ziMslQ26hI9jXyB2r2sadHi2m4
OIltVKdefm8qyHSupfoWLHVEtt0ZuqoBVc0mF1IU/uH4fzIvtPIvWk2EofPwUu1L
rB2obDYhIw0tPfEm2mzJel2uNroRGBkHff4DT641r/Ul0KVDhtiQQ6/+yZo1r9xw
Rg9jYCl0YRBlJddmXukkDQEYhxYIfWvrXI91LV9T5kKwrTV+NvrtRkr1xZpxTo1J
tK4i+qoqrzDFH4Z7HQvOXF2IWDphc/r1nZpWdPKrhsi2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:50 2025 by rpki-client