Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/iEE1jMXw0VioQ_3KadeQYWeEi6Y.roa
File: iEE1jMXw0VioQ_3KadeQYWeEi6Y.roa (raw, json)
Hash identifier: A8jXFxSBBBffjGAkkBwAX2mIV4upjjcuKKDut1ep/zE=
Subject key identifier: 88:41:35:8C:C5:F0:D1:58:A8:43:FD:CA:69:D7:90:61:67:84:8B:A6
Certificate issuer: /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial: 0184E7D275E53A00B59102732F8052011F50
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/iEE1jMXw0VioQ_3KadeQYWeEi6Y.roa
Signing time: Tue 06 Dec 2022 14:24:00 +0000
ROA not before: Tue 06 Dec 2022 14:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209817
IP address blocks: 185.253.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:d2:75:e5:3a:00:b5:91:02:73:2f:80:52:01:1f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Validity
Not Before: Dec 6 14:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8841358cc5f0d158a843fdca69d7906167848ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:8a:17:39:4c:22:74:6b:d6:a3:63:16:73:
3d:a7:d6:21:48:14:0a:c0:a8:82:ca:89:05:4e:ef:
30:f6:09:ed:06:b9:b2:fa:bf:e7:d0:19:9c:66:2c:
f1:02:a2:4b:16:85:ae:27:c1:12:62:a3:03:07:81:
5f:91:b8:19:7d:c1:5f:4c:cb:6e:51:2c:d0:b9:ec:
df:38:e7:84:db:16:20:51:a5:1c:b7:73:39:1e:02:
d4:11:9a:9a:14:b0:9d:4b:7f:2a:02:6b:fc:78:43:
83:e9:57:4a:63:a9:f7:2e:d5:3c:e8:da:d1:85:2c:
23:a6:01:8e:cf:ce:fe:bb:8b:03:31:a4:46:4e:0f:
c5:48:25:3f:fb:11:c2:b0:af:3f:41:04:01:31:8b:
75:73:c6:9e:6d:76:4a:ca:e6:03:5d:8f:cf:1a:00:
62:71:16:7a:db:7c:27:f4:a3:22:4a:a7:7c:89:ad:
1e:3f:1c:eb:41:9f:95:c5:f3:0d:7d:61:ad:3a:ed:
43:4a:7d:6d:cb:65:b2:e2:95:8d:57:5b:cd:71:a6:
e9:fc:56:af:f1:d3:3c:e2:dd:1c:d5:3b:24:ee:f9:
61:1f:c5:89:16:20:08:e5:5e:bc:57:9e:77:01:c4:
db:d9:31:80:56:ab:c7:10:72:b9:2e:fe:41:c9:0a:
10:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:41:35:8C:C5:F0:D1:58:A8:43:FD:CA:69:D7:90:61:67:84:8B:A6
X509v3 Authority Key Identifier:
keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/iEE1jMXw0VioQ_3KadeQYWeEi6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.235.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:bd:9e:af:aa:1f:c3:85:35:9e:03:74:58:f6:b5:6f:da:2d:
34:09:25:20:21:a7:13:d6:49:c5:e7:2f:6c:5f:f9:fa:73:93:
25:9c:eb:ae:05:b3:e2:e8:8e:97:74:c0:b8:15:a0:49:1e:ce:
ee:a9:c6:52:37:f7:8c:72:18:25:29:b7:44:d8:0f:35:50:75:
a1:f4:3b:32:a9:2a:e8:a4:eb:be:05:42:46:50:bf:a3:1c:b3:
3d:8b:0b:69:71:9b:a6:94:89:d2:1d:b1:f1:d5:69:08:2b:3d:
9a:8c:29:23:63:99:60:d2:23:62:17:02:21:cf:93:92:72:3d:
29:9a:db:81:b9:ff:03:06:52:34:0c:b5:39:46:9e:b8:63:0e:
e4:a8:a7:9b:d8:30:bc:ee:c1:36:ad:d6:35:b2:7f:cb:89:e2:
7e:00:f0:52:8d:83:d0:10:8e:d7:5a:24:a7:9c:28:be:01:4b:
34:42:5a:70:3d:e2:cb:7b:e3:70:7d:29:a5:bf:36:de:e8:bf:
b7:92:90:69:82:c8:4f:31:36:f8:21:78:e5:50:88:83:a6:01:
d1:8a:38:be:81:08:cf:0e:35:7f:f7:f2:fa:47:75:91:d6:78:
46:2a:7c:5c:16:2f:6e:ed:26:79:37:0b:2c:d5:fd:3c:ac:0d:
d6:18:f9:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTn0nXlOgC1kQJzL4BSAR9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjIxMjA2MTQyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQxMzU4Y2M1ZjBkMTU4YTg0M2ZkY2E2OWQ3OTA2MTY3ODQ4YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxyKFzlMInRr1qNjFnM9p9YhSBQK
wKiCyokFTu8w9gntBrmy+r/n0BmcZizxAqJLFoWuJ8ESYqMDB4FfkbgZfcFfTMtu
USzQuezfOOeE2xYgUaUct3M5HgLUEZqaFLCdS38qAmv8eEOD6VdKY6n3LtU86NrR
hSwjpgGOz87+u4sDMaRGTg/FSCU/+xHCsK8/QQQBMYt1c8aebXZKyuYDXY/PGgBi
cRZ623wn9KMiSqd8ia0ePxzrQZ+VxfMNfWGtOu1DSn1ty2Wy4pWNV1vNcabp/Fav
8dM84t0c1Tsk7vlhH8WJFiAI5V68V553AcTb2TGAVqvHEHK5Lv5ByQoQzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhBNYzF8NFYqEP9ymnXkGFnhIumMB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvaUVFMWpNWHcwVmlvUV8zS2FkZVFZV2VFaTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf3rMA0G
CSqGSIb3DQEBCwUAA4IBAQCwvZ6vqh/DhTWeA3RY9rVv2i00CSUgIacT1knF5y9s
X/n6c5MlnOuuBbPi6I6XdMC4FaBJHs7uqcZSN/eMchglKbdE2A81UHWh9DsyqSro
pOu+BUJGUL+jHLM9iwtpcZumlInSHbHx1WkIKz2ajCkjY5lg0iNiFwIhz5OScj0p
mtuBuf8DBlI0DLU5Rp64Yw7kqKeb2DC87sE2rdY1sn/LieJ+APBSjYPQEI7XWiSn
nCi+AUs0QlpwPeLLe+NwfSmlvzbe6L+3kpBpgshPMTb4IXjlUIiDpgHRiji+gQjP
DjV/9/L6R3WR1nhGKnxcFi9u7SZ5Nwss1f08rA3WGPm5
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:24 2025 by rpki-client