Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa
File: pb1OLes5xQjP6UgV9VqtzTCFq6c.roa (raw, json)
Hash identifier: e3VZaKVdykRqZeuyCy2bqWA5OIhah20lMfcrgIjavlk=
Subject key identifier: A5:BD:4E:2D:EB:39:C5:08:CF:E9:48:15:F5:5A:AD:CD:30:85:AB:A7
Certificate issuer: /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial: 0185708CBCF98782012F2AF5FF374EBC9EC3
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa
Signing time: Mon 02 Jan 2023 03:35:49 +0000
ROA not before: Mon 02 Jan 2023 03:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57030
IP address blocks: 185.66.0.0/22 maxlen: 22
176.62.200.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:bc:f9:87:82:01:2f:2a:f5:ff:37:4e:bc:9e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
Validity
Not Before: Jan 2 03:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5bd4e2deb39c508cfe94815f55aadcd3085aba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2f:e6:3a:79:70:75:b8:d4:72:96:9e:c0:92:
45:e7:c4:38:79:1e:35:15:77:78:cf:76:18:16:98:
51:26:1e:6d:f8:af:81:ec:67:c1:f7:bb:7f:3b:7e:
11:6b:26:09:7c:76:11:7a:70:07:16:2d:c7:11:00:
3f:a7:1e:14:e5:e6:09:e2:2a:ae:f0:e5:e8:2a:25:
b1:67:1a:02:9a:13:a0:f5:3d:47:27:ea:a8:b1:bc:
ea:41:0d:e1:53:7a:15:e1:bd:50:3d:3e:7c:2a:1e:
b1:3c:5b:a1:2b:9a:b7:67:b6:a6:d0:03:79:c1:3c:
89:c8:be:9f:a4:41:21:c4:0a:5e:7c:89:34:79:33:
ce:9d:21:38:20:42:0a:87:70:b4:32:c7:8c:4e:6b:
f6:43:e8:8a:f0:51:6b:39:cf:74:37:65:86:fc:cc:
b7:94:c1:8b:44:9f:9f:b9:cc:38:75:dd:ad:5f:2f:
1a:ce:53:cf:81:db:ed:00:51:f3:d6:b0:cb:60:0d:
8c:3d:ed:94:29:29:26:a0:0b:d9:1e:00:a9:ed:50:
ea:5c:57:c3:e9:72:19:5b:f9:9c:a2:9a:b3:43:b9:
73:8a:08:b6:c0:b3:f3:2e:11:51:c8:db:bd:a6:42:
a7:81:7a:c1:87:c0:c9:75:e1:bc:85:1c:2e:46:19:
a1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BD:4E:2D:EB:39:C5:08:CF:E9:48:15:F5:5A:AD:CD:30:85:AB:A7
X509v3 Authority Key Identifier:
keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.200.0/21
185.66.0.0/22
Signature Algorithm: sha256WithRSAEncryption
22:10:75:43:26:dc:dc:bb:9f:04:fa:02:43:b2:b7:8c:44:4e:
a9:17:ba:6a:22:10:f2:46:08:4c:4f:a3:e9:fa:d4:e5:a2:a8:
39:e8:cb:d6:15:4f:4f:97:18:68:e8:f5:dc:71:4d:40:98:12:
24:aa:1b:e9:67:5a:5e:55:8d:66:df:0e:49:c0:c6:5d:0e:98:
7f:1d:b5:f8:d6:c7:2d:21:ea:f1:72:92:e7:02:d6:f7:0e:40:
7d:6e:ff:a1:da:ec:c6:d5:ff:c0:55:45:ec:56:6b:60:84:4d:
bc:40:03:a7:74:ee:bb:d5:e4:52:5e:30:ff:6f:b3:2a:b3:f9:
2f:3b:f8:65:79:8b:d3:3f:43:86:f4:79:5a:9c:d3:15:80:6a:
70:69:da:ec:b7:71:5e:2c:e4:24:16:55:80:75:dc:c3:58:3c:
22:2b:d6:49:6f:c4:f3:32:3c:64:b3:e1:e8:18:86:6f:f6:e8:
d0:66:ce:cd:47:b0:51:85:d4:4b:95:d7:62:15:76:8b:e8:40:
41:6e:e6:e3:f1:0e:ac:6d:0c:ba:28:14:6d:1f:62:e3:a9:af:
34:e6:da:ff:7b:95:c5:b9:26:2b:2e:70:3c:c5:7d:5a:ac:20:
ed:0a:a9:90:fd:fa:22:27:ca:bf:39:1c:b3:66:f5:3b:c2:a3:
c2:5f:fc:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjLz5h4IBLyr1/zdOvJ7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjMwMTAyMDMzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkNGUyZGViMzljNTA4Y2ZlOTQ4MTVmNTVhYWRjZDMwODVhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi/mOnlwdbjUcpaewJJF58Q4eR41
FXd4z3YYFphRJh5t+K+B7GfB97t/O34RayYJfHYRenAHFi3HEQA/px4U5eYJ4iqu
8OXoKiWxZxoCmhOg9T1HJ+qosbzqQQ3hU3oV4b1QPT58Kh6xPFuhK5q3Z7am0AN5
wTyJyL6fpEEhxApefIk0eTPOnSE4IEIKh3C0MseMTmv2Q+iK8FFrOc90N2WG/My3
lMGLRJ+fucw4dd2tXy8azlPPgdvtAFHz1rDLYA2MPe2UKSkmoAvZHgCp7VDqXFfD
6XIZW/mcopqzQ7lzigi2wLPzLhFRyNu9pkKngXrBh8DJdeG8hRwuRhmhJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKW9Ti3rOcUIz+lIFfVarc0whaunMB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvcGIxT0xlczV4UWpQNlVnVjlWcXR6VENGcTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsD7IAwQC
uUIAMA0GCSqGSIb3DQEBCwUAA4IBAQAiEHVDJtzcu58E+gJDsreMRE6pF7pqIhDy
RghMT6Pp+tTloqg56MvWFU9Plxho6PXccU1AmBIkqhvpZ1peVY1m3w5JwMZdDph/
HbX41sctIerxcpLnAtb3DkB9bv+h2uzG1f/AVUXsVmtghE28QAOndO671eRSXjD/
b7Mqs/kvO/hleYvTP0OG9HlanNMVgGpwadrst3FeLOQkFlWAddzDWDwiK9ZJb8Tz
Mjxks+HoGIZv9ujQZs7NR7BRhdRLlddiFXaL6EBBbubj8Q6sbQy6KBRtH2Ljqa80
5tr/e5XFuSYrLnA8xX1arCDtCqmQ/foiJ8q/ORyzZvU7wqPCX/wp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:21 2025 by rpki-client