Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/pHwc75jRON8PjKglDfUk61JgKJs.roa
File: pHwc75jRON8PjKglDfUk61JgKJs.roa (raw, json)
Hash identifier: pw001NaJ/oc/lpylr81/uckZ4ZX3Un3+YzTYOzvWN8E=
Subject key identifier: A4:7C:1C:EF:98:D1:38:DF:0F:8C:A8:25:0D:F5:24:EB:52:60:28:9B
Certificate issuer: /CN=d1bd64cc94a4a8518a71f96ef8b77625afa527d1
Certificate serial: 018571830B799564C28C4AFDBD7D0FB23704
Authority key identifier: D1:BD:64:CC:94:A4:A8:51:8A:71:F9:6E:F8:B7:76:25:AF:A5:27:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/pHwc75jRON8PjKglDfUk61JgKJs.roa
Signing time: Mon 02 Jan 2023 08:04:51 +0000
ROA not before: Mon 02 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61386
IP address blocks: 185.167.124.0/22 maxlen: 22
185.167.124.0/24 maxlen: 24
185.167.125.0/24 maxlen: 24
185.167.126.0/24 maxlen: 24
185.167.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:0b:79:95:64:c2:8c:4a:fd:bd:7d:0f:b2:37:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bd64cc94a4a8518a71f96ef8b77625afa527d1
Validity
Not Before: Jan 2 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a47c1cef98d138df0f8ca8250df524eb5260289b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:05:a2:3b:5a:d3:e8:a9:26:8d:dc:dc:19:ec:
75:c0:81:23:e7:cf:ad:4e:0b:33:b1:a0:57:6c:78:
da:13:26:5d:49:28:f1:c0:a7:2f:72:05:70:26:21:
46:de:04:3f:b2:cd:b0:90:a0:8f:34:ed:6c:7c:85:
cf:00:af:6e:90:ea:da:90:66:bc:56:e1:96:d9:34:
12:10:37:eb:5c:20:e8:1c:01:58:25:06:2c:3d:31:
87:5c:04:96:71:48:46:28:0b:3d:78:ae:aa:bf:5d:
b2:27:42:90:69:5f:e5:b6:63:46:27:2d:fb:32:5e:
5e:85:26:93:2f:8b:7e:6e:00:0a:e5:00:7a:69:10:
ed:48:0a:2c:92:60:98:94:ca:91:72:71:bc:af:65:
d0:67:1b:d3:9c:e0:af:2f:03:4a:4f:56:6e:10:b6:
56:7e:fa:52:62:52:45:97:c1:51:b0:5e:9d:4b:f9:
54:76:e4:78:b4:5b:d4:2b:4c:fb:41:45:a3:df:2e:
7a:09:fa:60:f5:d0:53:e8:ae:a8:77:31:cc:ef:30:
3d:2a:4b:74:49:32:8c:3e:0a:8e:42:b0:ff:92:81:
98:2a:13:7f:85:a9:bd:8c:ef:93:03:ce:d5:bf:e1:
67:81:c3:14:38:41:9a:fb:e6:69:25:5f:ab:19:c6:
ec:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7C:1C:EF:98:D1:38:DF:0F:8C:A8:25:0D:F5:24:EB:52:60:28:9B
X509v3 Authority Key Identifier:
keyid:D1:BD:64:CC:94:A4:A8:51:8A:71:F9:6E:F8:B7:76:25:AF:A5:27:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/pHwc75jRON8PjKglDfUk61JgKJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.124.0/22
Signature Algorithm: sha256WithRSAEncryption
43:97:c5:59:87:19:d1:d3:5d:9d:c8:2f:12:6e:b2:e4:9f:4e:
f0:b8:e5:33:fe:87:33:a2:82:1f:bd:49:74:4e:25:03:7d:d3:
fc:e3:e7:77:38:e0:c6:5c:07:fc:41:ed:47:77:4a:d3:70:9d:
1b:eb:59:6a:5b:dc:9f:77:ad:03:fd:1a:b1:23:05:b3:c5:66:
25:b3:79:05:7d:27:e7:3c:7a:ed:8c:fd:ab:25:02:04:a5:73:
85:64:71:d9:87:dd:98:da:a3:47:61:10:77:f5:87:86:74:ad:
5f:97:a1:25:82:f5:75:4a:e7:91:b6:2f:6b:d3:be:84:06:f6:
ec:65:b6:b8:4c:30:81:63:a1:46:f6:2f:f4:d6:8c:d3:77:fa:
8b:3e:8d:66:95:24:4e:52:73:13:35:cf:1d:79:e6:78:87:58:
36:a6:2b:2e:42:85:a0:e7:af:89:a2:50:e2:c3:73:f8:4e:61:
80:17:ed:e7:18:96:da:cd:6f:c5:32:ea:f1:0f:f6:a1:5f:14:
3d:79:dc:90:ef:20:7b:7d:58:f0:b0:f3:4a:52:3f:7b:cd:f5:
de:81:e1:cd:6e:bc:27:4f:bf:7b:0a:65:56:b3:8d:ee:1a:27:
a1:5f:fa:d6:71:4f:1e:e2:b4:99:c7:f3:6c:d8:29:23:85:8f:
61:d7:78:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgwt5lWTCjEr9vX0PsjcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmQ2NGNjOTRhNGE4NTE4YTcxZjk2ZWY4Yjc3NjI1YWZh
NTI3ZDEwHhcNMjMwMTAyMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDdjMWNlZjk4ZDEzOGRmMGY4Y2E4MjUwZGY1MjRlYjUyNjAyODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgWiO1rT6KkmjdzcGex1wIEj58+t
TgszsaBXbHjaEyZdSSjxwKcvcgVwJiFG3gQ/ss2wkKCPNO1sfIXPAK9ukOrakGa8
VuGW2TQSEDfrXCDoHAFYJQYsPTGHXASWcUhGKAs9eK6qv12yJ0KQaV/ltmNGJy37
Ml5ehSaTL4t+bgAK5QB6aRDtSAoskmCYlMqRcnG8r2XQZxvTnOCvLwNKT1ZuELZW
fvpSYlJFl8FRsF6dS/lUduR4tFvUK0z7QUWj3y56Cfpg9dBT6K6odzHM7zA9Kkt0
STKMPgqOQrD/koGYKhN/ham9jO+TA87Vv+FngcMUOEGa++ZpJV+rGcbs9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKR8HO+Y0TjfD4yoJQ31JOtSYCibMB8GA1UdIwQY
MBaAFNG9ZMyUpKhRinH5bvi3diWvpSfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGIxa3pKU2txRkdLY2ZsdS1MZDJKYS1sSjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yZWZhNTAtZjQ4My00YjUzLWIxZTct
MDgyNmYzNmZmMjhmLzEvcEh3Yzc1alJPTjhQaktnbERmVWs2MUpnS0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yZWZhNTAtZjQ4My00YjUzLWIxZTctMDgyNmYzNmZmMjhm
LzEvMGIxa3pKU2txRkdLY2ZsdS1MZDJKYS1sSjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuad8MA0G
CSqGSIb3DQEBCwUAA4IBAQBDl8VZhxnR012dyC8SbrLkn07wuOUz/oczooIfvUl0
TiUDfdP84+d3OODGXAf8Qe1Hd0rTcJ0b61lqW9yfd60D/RqxIwWzxWYls3kFfSfn
PHrtjP2rJQIEpXOFZHHZh92Y2qNHYRB39YeGdK1fl6ElgvV1SueRti9r076EBvbs
Zba4TDCBY6FG9i/01ozTd/qLPo1mlSROUnMTNc8deeZ4h1g2pisuQoWg56+JolDi
w3P4TmGAF+3nGJbazW/FMurxD/ahXxQ9edyQ7yB7fVjwsPNKUj97zfXegeHNbrwn
T797CmVWs43uGiehX/rWcU8e4rSZx/Ns2CkjhY9h13iu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:07 2025 by rpki-client