Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IPooZS3lColGHXaJ9k14vUtc8s4.roa
File: IPooZS3lColGHXaJ9k14vUtc8s4.roa (raw, json)
Hash identifier: 78qesFiWgcQ3RCD3SW92Kim9P8QUldGWIlHcqigLmJQ=
Subject key identifier: 20:FA:28:65:2D:E5:0A:89:46:1D:76:89:F6:4D:78:BD:4B:5C:F2:CE
Certificate issuer: /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial: 01856F42CD1591829174D9E8A32844394B04
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IPooZS3lColGHXaJ9k14vUtc8s4.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31027
IP address blocks: 185.203.233.0/24 maxlen: 24
185.203.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cd:15:91:82:91:74:d9:e8:a3:28:44:39:4b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20fa28652de50a89461d7689f64d78bd4b5cf2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cd:22:84:1b:ad:13:4c:02:65:73:40:75:4d:
25:1d:e6:cc:ad:ef:37:8f:df:61:22:75:83:2a:c0:
2b:c5:cc:e4:b3:d9:47:d7:9f:ba:a0:7d:c1:94:f8:
03:41:0b:ec:49:f8:40:8b:49:b3:af:c5:d0:c5:0e:
6c:95:23:d2:e5:f2:33:95:07:f0:e9:02:e1:87:a6:
88:98:08:aa:6e:b6:4d:ef:67:45:63:29:44:28:ad:
cd:aa:f9:96:e0:bb:11:1f:60:8d:5d:0a:f6:17:06:
9b:e1:3d:a3:49:f8:7c:d6:55:e5:e3:23:8c:58:fb:
bb:3f:98:7b:a2:14:70:0e:3c:03:cf:3f:7a:3b:ff:
9d:6f:89:2a:07:85:54:56:27:01:43:5e:e5:9d:e9:
79:4f:3d:32:11:b5:bc:5a:d7:15:f6:e5:ca:89:c3:
40:57:7e:b0:77:08:77:12:f8:d4:52:50:6b:15:f7:
fb:4d:ea:30:4c:15:8e:ac:42:89:66:d6:50:8c:7a:
39:20:b3:24:1e:df:15:7a:08:0b:bb:89:df:a4:a1:
fb:7c:b2:7b:e6:3b:73:c5:2e:59:27:52:01:25:16:
67:63:27:bc:5c:d8:e5:a2:a8:9a:2e:9e:28:55:e2:
56:71:07:13:a9:40:d2:84:f4:d9:eb:5e:14:57:64:
7c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FA:28:65:2D:E5:0A:89:46:1D:76:89:F6:4D:78:BD:4B:5C:F2:CE
X509v3 Authority Key Identifier:
keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IPooZS3lColGHXaJ9k14vUtc8s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.233.0-185.203.234.255
Signature Algorithm: sha256WithRSAEncryption
4c:97:39:51:77:cb:1f:f6:04:b8:71:87:8a:e9:be:15:b6:47:
e6:0a:a5:99:be:52:24:a1:54:02:c3:fd:29:41:a1:38:a2:a7:
a3:54:c5:cf:65:13:34:4d:7f:ca:41:8e:7b:86:7e:2b:fa:c2:
ab:a0:4f:d4:20:fb:ba:d8:4f:89:67:5c:4b:f2:dd:79:94:a1:
a1:8e:86:45:e1:4d:88:7f:6f:b4:62:24:32:1f:fb:92:cc:0d:
e4:96:ac:4f:1d:f2:d5:dd:11:6f:9f:02:08:4f:2d:e7:25:38:
0d:62:d3:f6:7d:27:78:0f:f0:e7:01:e5:c3:db:8f:94:89:5a:
96:e9:98:33:c7:2d:c8:da:ec:dc:b0:7c:58:f9:fd:ba:23:ac:
50:93:32:95:2c:19:0e:d9:29:51:3e:24:6a:75:ca:13:22:18:
0b:74:98:17:e6:d3:16:7f:b6:a5:dc:a6:c4:ae:81:d4:d4:c3:
21:6d:f6:02:6a:fc:46:29:24:66:9a:9c:ec:28:3d:ce:c9:76:
95:0d:a0:d0:3d:59:af:b1:b2:ad:e5:19:b9:00:61:2b:51:cc:
47:d2:ea:1a:7c:23:10:62:b5:aa:33:23:fb:cb:71:34:18:a6:
5b:b0:e4:3b:09:97:a3:27:f8:e9:93:22:45:33:37:13:d9:c0:
df:ef:97:7a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvQs0VkYKRdNnooyhEOUsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZhMjg2NTJkZTUwYTg5NDYxZDc2ODlmNjRkNzhiZDRiNWNmMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi80ihButE0wCZXNAdU0lHebMre83
j99hInWDKsArxczks9lH15+6oH3BlPgDQQvsSfhAi0mzr8XQxQ5slSPS5fIzlQfw
6QLhh6aImAiqbrZN72dFYylEKK3NqvmW4LsRH2CNXQr2Fwab4T2jSfh81lXl4yOM
WPu7P5h7ohRwDjwDzz96O/+db4kqB4VUVicBQ17lnel5Tz0yEbW8WtcV9uXKicNA
V36wdwh3EvjUUlBrFff7TeowTBWOrEKJZtZQjHo5ILMkHt8VeggLu4nfpKH7fLJ7
5jtzxS5ZJ1IBJRZnYye8XNjloqiaLp4oVeJWcQcTqUDShPTZ614UV2R8+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCD6KGUt5QqJRh12ifZNeL1LXPLOMB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvSVBvb1pTM2xDb2xHSFhhSjlrMTR2VXRjOHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5y+kD
BAC5y+owDQYJKoZIhvcNAQELBQADggEBAEyXOVF3yx/2BLhxh4rpvhW2R+YKpZm+
UiShVALD/SlBoTiip6NUxc9lEzRNf8pBjnuGfiv6wqugT9Qg+7rYT4lnXEvy3XmU
oaGOhkXhTYh/b7RiJDIf+5LMDeSWrE8d8tXdEW+fAghPLeclOA1i0/Z9J3gP8OcB
5cPbj5SJWpbpmDPHLcja7NywfFj5/bojrFCTMpUsGQ7ZKVE+JGp1yhMiGAt0mBfm
0xZ/tqXcpsSugdTUwyFt9gJq/EYpJGaanOwoPc7JdpUNoNA9Wa+xsq3lGbkAYStR
zEfS6hp8IxBitaozI/vLcTQYpluw5DsJl6Mn+OmTIkUzNxPZwN/vl3o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:10 2025 by rpki-client