Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/sXwh53tYMbyJNu9jaky7lN31Roo.roa
File: sXwh53tYMbyJNu9jaky7lN31Roo.roa (raw, json)
Hash identifier: +BBObQbJYEuqKC8F81dLe5y8RWkEZIh/roK9ASsWW08=
Subject key identifier: B1:7C:21:E7:7B:58:31:BC:89:36:EF:63:6A:4C:BB:94:DD:F5:46:8A
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 01856E78B451DB070C233DDAB76C0B86F083
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/sXwh53tYMbyJNu9jaky7lN31Roo.roa
Signing time: Sun 01 Jan 2023 17:54:42 +0000
ROA not before: Sun 01 Jan 2023 17:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205192
IP address blocks: 185.241.139.0/24 maxlen: 24
185.241.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:b4:51:db:07:0c:23:3d:da:b7:6c:0b:86:f0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 1 17:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b17c21e77b5831bc8936ef636a4cbb94ddf5468a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:c8:80:0e:74:c7:90:7b:e8:33:c6:3a:ee:
aa:6f:4d:3d:a5:47:a0:c1:5a:27:73:a4:03:d5:46:
c0:62:82:31:46:ea:5a:03:3a:5b:70:3f:a4:87:e2:
41:4c:67:f7:9f:bd:49:06:43:ea:17:69:2c:a4:1b:
52:83:e3:89:ac:43:00:2f:fb:6e:a6:13:8c:31:62:
62:3c:58:4f:ad:82:dc:75:20:52:90:56:c1:6c:de:
59:db:22:d5:de:4d:18:5c:b5:70:a4:7c:df:e9:7c:
a1:06:eb:98:12:ab:34:2f:4c:17:1e:2f:78:f5:e7:
b7:2d:30:1c:3a:72:73:fe:9d:75:ab:04:77:64:db:
96:00:01:18:87:ed:2e:25:73:4b:60:1d:50:a5:dd:
dc:29:75:01:0e:7e:03:c4:c6:ae:a0:12:dd:ba:29:
d6:e6:df:e6:6f:cc:a2:f6:c5:7f:0d:a1:a8:ce:65:
74:7d:3b:60:f8:c1:33:30:fd:14:57:62:99:26:97:
f2:08:cb:f9:e4:64:1a:bb:7d:99:0e:87:28:84:88:
3c:7f:76:bd:12:b6:74:2f:ca:8a:a6:54:ce:e2:eb:
cb:1d:c7:3b:f7:8e:2e:27:50:33:76:94:7c:bf:8b:
03:8b:f3:62:5d:d7:e5:12:32:67:f6:71:23:f0:9d:
2e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7C:21:E7:7B:58:31:BC:89:36:EF:63:6A:4C:BB:94:DD:F5:46:8A
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/sXwh53tYMbyJNu9jaky7lN31Roo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.138.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:29:35:da:5f:37:74:a9:67:8c:40:69:2e:24:2b:f8:ba:e7:
ee:7c:6d:b6:d9:8b:14:08:eb:eb:3a:1a:47:c0:02:df:58:44:
46:90:4d:44:ed:bf:90:04:5e:a3:b5:b2:b2:68:a6:ff:47:40:
9f:ee:cf:63:09:f7:a5:85:25:dc:cd:4b:cb:96:32:42:35:f3:
a5:34:5b:c0:10:e0:25:79:1d:3c:6d:79:9d:1b:12:89:3a:7b:
0c:0e:97:5f:e3:ee:a8:2b:9d:69:62:cf:d7:48:2f:64:2d:98:
7a:17:08:4a:3d:99:eb:89:35:fc:06:e7:b8:6d:58:b4:91:46:
10:db:18:74:cf:6f:67:7a:21:7e:bd:b9:76:fa:c7:df:58:47:
73:dc:f4:3d:09:a9:01:c6:d8:98:5f:34:03:96:bd:29:89:d9:
fd:dc:18:d3:c5:e0:d9:5a:3f:1e:8d:23:a2:3c:ac:bc:6f:b3:
b0:6f:df:5d:40:6b:92:7c:32:de:07:db:5e:7e:f0:37:a6:99:
64:bc:d7:27:86:f7:aa:01:00:ea:ce:f3:77:e8:94:59:39:b6:
d4:fc:5c:ca:6d:8f:26:79:4f:35:c2:1b:57:ce:d5:a2:90:13:
8a:54:1a:88:bf:18:03:d2:76:ab:de:f5:57:33:2a:83:d4:8c:
06:a6:2c:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueLRR2wcMIz3at2wLhvCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdjMjFlNzdiNTgzMWJjODkzNmVmNjM2YTRjYmI5NGRkZjU0NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo3IgA50x5B76DPGOu6qb009pUeg
wVonc6QD1UbAYoIxRupaAzpbcD+kh+JBTGf3n71JBkPqF2kspBtSg+OJrEMAL/tu
phOMMWJiPFhPrYLcdSBSkFbBbN5Z2yLV3k0YXLVwpHzf6XyhBuuYEqs0L0wXHi94
9ee3LTAcOnJz/p11qwR3ZNuWAAEYh+0uJXNLYB1Qpd3cKXUBDn4DxMauoBLduinW
5t/mb8yi9sV/DaGozmV0fTtg+MEzMP0UV2KZJpfyCMv55GQau32ZDocohIg8f3a9
ErZ0L8qKplTO4uvLHcc7944uJ1AzdpR8v4sDi/NiXdflEjJn9nEj8J0upQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLF8Ied7WDG8iTbvY2pMu5Td9UaKMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvc1h3aDUzdFlNYnlKTnU5amFreTdsTjMxUm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufGKMA0G
CSqGSIb3DQEBCwUAA4IBAQALKTXaXzd0qWeMQGkuJCv4uufufG222YsUCOvrOhpH
wALfWERGkE1E7b+QBF6jtbKyaKb/R0Cf7s9jCfelhSXczUvLljJCNfOlNFvAEOAl
eR08bXmdGxKJOnsMDpdf4+6oK51pYs/XSC9kLZh6FwhKPZnriTX8Bue4bVi0kUYQ
2xh0z29neiF+vbl2+sffWEdz3PQ9CakBxtiYXzQDlr0pidn93BjTxeDZWj8ejSOi
PKy8b7Owb99dQGuSfDLeB9tefvA3pplkvNcnhveqAQDqzvN36JRZObbU/FzKbY8m
eU81whtXztWikBOKVBqIvxgD0nar3vVXMyqD1IwGpizD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:37 2025 by rpki-client