Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/puIqLdRfJeNVIC-FAw2aLiwDKGI.roa
File: puIqLdRfJeNVIC-FAw2aLiwDKGI.roa (raw, json)
Hash identifier: 11JfBcYKOoGpJI5i2fvyTM5PU63kRyJ2WExTNWBlx9o=
Subject key identifier: A6:E2:2A:2D:D4:5F:25:E3:55:20:2F:85:03:0D:9A:2E:2C:03:28:62
Certificate issuer: /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial: 0182E9783741814E73E075A6D7EA195CC92A
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/puIqLdRfJeNVIC-FAw2aLiwDKGI.roa
Signing time: Mon 29 Aug 2022 11:59:05 +0000
ROA not before: Mon 29 Aug 2022 11:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31027
IP address blocks: 185.203.233.0/24 maxlen: 24
185.203.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e9:78:37:41:81:4e:73:e0:75:a6:d7:ea:19:5c:c9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Validity
Not Before: Aug 29 11:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6e22a2dd45f25e355202f85030d9a2e2c032862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:c5:6c:b6:ae:30:bb:4c:c1:bb:75:90:c5:
ab:f8:bd:72:a1:dd:84:91:c1:cf:68:a9:77:5a:cb:
07:4b:13:6c:ae:46:5c:dc:15:6c:e4:26:ff:9a:69:
01:b8:07:da:ae:8e:da:d9:20:24:b7:33:c1:5b:d5:
3d:6f:54:86:aa:82:20:45:91:0b:62:74:86:f6:59:
d2:72:43:30:25:45:b9:7c:95:39:d9:91:04:fd:a2:
31:1b:38:1d:cf:ae:0a:12:96:b6:6e:ef:e4:54:0a:
b6:07:86:8e:b6:44:3c:8e:3a:57:13:38:b1:6e:0e:
58:78:1a:2f:a0:e8:cc:c8:25:7d:53:3c:06:74:17:
cf:99:a5:da:a7:39:13:76:c9:28:5b:64:8b:11:cf:
30:bb:d9:51:07:6e:23:91:5b:3c:fa:f7:16:a7:b0:
9c:09:47:50:3b:6b:12:a1:58:42:1e:17:62:95:84:
c6:d9:cf:c0:0b:4f:b3:a9:97:83:6e:27:03:cf:73:
e5:72:1b:ca:05:af:45:2e:cc:d2:f1:aa:48:ed:a9:
cd:a8:66:c6:e5:90:21:c3:40:9d:66:1c:3d:9b:25:
9b:33:66:d0:9c:ef:f3:e8:93:06:16:c6:8d:31:a4:
03:d4:53:6a:2b:a3:c0:62:eb:d2:aa:b7:0a:f0:1d:
85:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E2:2A:2D:D4:5F:25:E3:55:20:2F:85:03:0D:9A:2E:2C:03:28:62
X509v3 Authority Key Identifier:
keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/puIqLdRfJeNVIC-FAw2aLiwDKGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.233.0-185.203.234.255
Signature Algorithm: sha256WithRSAEncryption
1d:2c:ab:a4:f2:09:da:9c:4e:16:32:36:8f:92:5c:94:5c:57:
20:51:28:c1:ea:44:d3:02:2d:b1:db:e2:ca:bd:7a:1d:89:51:
78:6d:f9:55:bc:13:05:c8:4c:1a:6f:89:f5:c2:5d:0c:34:e2:
2e:6a:79:df:77:93:36:a7:f2:15:b8:ed:f6:46:f0:67:33:97:
2d:d5:43:77:d0:42:06:91:3c:00:47:af:4d:65:63:f4:c7:76:
e7:f4:da:c2:6e:64:5a:49:93:65:f4:9c:69:c4:1b:0b:bc:eb:
da:aa:2f:f0:d8:68:61:ef:9d:36:af:94:5c:69:b7:68:d6:2d:
88:3e:0c:cf:5c:6e:a8:04:4a:f3:03:6d:d0:a1:ac:1b:f1:65:
c8:f4:d2:db:48:dc:ec:96:7d:66:81:23:32:ff:d5:f6:4d:3d:
c2:26:8f:6e:9c:b4:6e:d5:9e:63:15:18:d5:62:f1:55:f3:5e:
61:bd:cd:f7:82:a6:b0:0b:a3:c4:9f:30:0b:20:e1:e0:e0:9a:
cc:4a:c4:8d:0e:70:b5:32:ac:d6:4d:82:e9:e3:4a:c4:94:42:
96:97:49:6b:90:ea:e0:aa:e5:09:76:da:86:2b:eb:ef:4d:5a:
d8:6a:7a:2c:1d:e7:9f:52:ca:34:4e:65:92:ab:34:41:49:e4:
9f:59:37:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLpeDdBgU5z4HWm1+oZXMkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjIwODI5MTE1OTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmUyMmEyZGQ0NWYyNWUzNTUyMDJmODUwMzBkOWEyZTJjMDMyODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolPFbLauMLtMwbt1kMWr+L1yod2E
kcHPaKl3WssHSxNsrkZc3BVs5Cb/mmkBuAfaro7a2SAktzPBW9U9b1SGqoIgRZEL
YnSG9lnSckMwJUW5fJU52ZEE/aIxGzgdz64KEpa2bu/kVAq2B4aOtkQ8jjpXEzix
bg5YeBovoOjMyCV9UzwGdBfPmaXapzkTdskoW2SLEc8wu9lRB24jkVs8+vcWp7Cc
CUdQO2sSoVhCHhdilYTG2c/AC0+zqZeDbicDz3PlchvKBa9FLszS8apI7anNqGbG
5ZAhw0CdZhw9myWbM2bQnO/z6JMGFsaNMaQD1FNqK6PAYuvSqrcK8B2FJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKbiKi3UXyXjVSAvhQMNmi4sAyhiMB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvcHVJcUxkUmZKZU5WSUMtRkF3MmFMaXdES0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5y+kD
BAC5y+owDQYJKoZIhvcNAQELBQADggEBAB0sq6TyCdqcThYyNo+SXJRcVyBRKMHq
RNMCLbHb4sq9eh2JUXht+VW8EwXITBpvifXCXQw04i5qed93kzan8hW47fZG8Gcz
ly3VQ3fQQgaRPABHr01lY/THduf02sJuZFpJk2X0nGnEGwu869qqL/DYaGHvnTav
lFxpt2jWLYg+DM9cbqgESvMDbdChrBvxZcj00ttI3OyWfWaBIzL/1fZNPcImj26c
tG7VnmMVGNVi8VXzXmG9zfeCprALo8SfMAsg4eDgmsxKxI0OcLUyrNZNgunjSsSU
QpaXSWuQ6uCq5Ql22oYr6+9NWthqeiwd559SyjROZZKrNEFJ5J9ZN4k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:56 2025 by rpki-client