Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/eFwFHOhtTFLfOvKI_Wwlxh-0Tt0.roa
File: eFwFHOhtTFLfOvKI_Wwlxh-0Tt0.roa (raw, json)
Hash identifier: EQrZomnZNzHzjb6FY+f4tXKlgOzqiHHbXYrS+2Vcdnw=
Subject key identifier: 78:5C:05:1C:E8:6D:4C:52:DF:3A:F2:88:FD:6C:25:C6:1F:B4:4E:DD
Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Certificate serial: 0C9D3BFE
Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/eFwFHOhtTFLfOvKI_Wwlxh-0Tt0.roa
Signing time: Sat 01 Jan 2022 16:05:51 +0000
ROA not before: Sat 01 Jan 2022 16:05:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60929
IP address blocks: 185.23.152.0/22 maxlen: 22
185.23.152.0/24 maxlen: 24
185.23.154.0/24 maxlen: 24
185.23.155.0/24 maxlen: 24
185.23.153.0/24 maxlen: 24
2a00:6e20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211631102 (0xc9d3bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Validity
Not Before: Jan 1 16:05:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=785c051ce86d4c52df3af288fd6c25c61fb44edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:a0:54:ec:fb:01:6f:a9:03:8c:f9:05:8e:
df:0f:21:8d:22:f3:70:88:0b:a1:52:86:94:90:d7:
46:24:4e:57:67:f6:ae:8e:28:1b:5f:bb:9e:6f:7b:
65:d0:07:1e:4c:ba:f2:91:28:d3:2c:5c:f5:2e:d9:
48:d6:26:88:e6:c1:fb:de:08:f9:87:d8:64:5c:34:
a6:f3:b8:de:0a:20:cd:ce:65:df:46:d6:e1:54:65:
80:39:25:0e:be:73:0b:48:ac:80:42:dc:ab:54:a1:
a6:4f:ca:fb:06:9b:eb:43:1f:96:89:1a:c6:3d:e1:
27:c0:e5:d8:5a:25:d5:48:ba:5f:a0:7b:78:9b:98:
6d:b2:e3:1c:df:77:b5:c1:ac:c9:56:2f:5f:ac:13:
32:e9:1f:46:12:9d:4a:61:38:da:bc:79:75:76:a7:
19:f7:e4:d5:22:d9:7f:1e:05:d6:9f:73:6c:82:a3:
77:5b:92:e5:19:96:63:af:ce:c5:eb:04:2e:d4:0e:
85:90:45:d5:f8:4d:d4:85:fa:71:61:66:3a:78:fb:
23:be:74:1a:39:ab:3f:c0:ba:8e:ff:0f:f3:61:6a:
d4:69:a5:a3:dd:23:1d:b4:6c:17:2c:b8:46:a7:8e:
05:29:49:c8:7f:15:e0:68:56:60:d3:3c:38:79:fd:
81:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5C:05:1C:E8:6D:4C:52:DF:3A:F2:88:FD:6C:25:C6:1F:B4:4E:DD
X509v3 Authority Key Identifier:
keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/eFwFHOhtTFLfOvKI_Wwlxh-0Tt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.152.0/22
IPv6:
2a00:6e20::/32
Signature Algorithm: sha256WithRSAEncryption
55:67:bb:30:0a:c8:81:47:bf:5d:27:d3:71:87:ba:90:db:51:
72:15:f3:ee:93:a1:f8:6e:b0:ee:88:cf:8a:aa:67:5c:20:5d:
e3:90:8c:60:7f:56:6d:3d:34:fa:9b:92:28:cd:61:37:d6:70:
7c:8b:4b:70:45:98:2c:4b:33:93:8e:60:20:44:35:2e:ec:79:
3e:b2:e7:6f:7e:9c:f8:b6:a6:bc:6e:4f:85:31:78:35:7c:f7:
9f:45:a0:63:04:44:3d:b4:80:5a:41:ce:14:5a:1c:22:1a:aa:
f8:cd:ab:8e:b7:f7:cd:78:d6:b4:7b:ef:38:60:18:3f:c2:95:
14:f5:47:a4:cc:d5:1e:2a:d9:84:e7:c9:a5:be:dc:f9:32:bd:
6a:88:d0:83:ae:7d:a6:68:61:77:77:50:90:6f:c5:bc:c2:9a:
11:27:ce:a2:e8:2f:b7:a3:76:c1:4e:f5:bb:44:8f:97:58:53:
8a:9c:14:97:50:a2:9a:8f:99:74:67:b0:b4:f9:2d:1d:3d:86:
49:05:11:db:a2:ed:a8:71:67:cd:45:a1:99:49:34:dc:be:d3:
7c:6f:06:51:d1:47:c4:ee:ce:5d:4d:83:d9:8b:c2:06:20:14:
e2:82:c5:0f:52:71:71:a1:94:96:ea:55:c0:a9:70:6d:06:d2:
76:6b:14:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDJ07/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NmJkMzBhYzM1NjFhMWRmN2ZjNmIyOTZiZjlkMjlkZDU1ODFmMWVlMB4XDTIyMDEw
MTE2MDU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg1YzA1MWNlODZk
NGM1MmRmM2FmMjg4ZmQ2YzI1YzYxZmI0NGVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP2oFTs+wFvqQOM+QWO3w8hjSLzcIgLoVKGlJDXRiROV2f2
ro4oG1+7nm97ZdAHHky68pEo0yxc9S7ZSNYmiObB+94I+YfYZFw0pvO43gogzc5l
30bW4VRlgDklDr5zC0isgELcq1Shpk/K+wab60Mflokaxj3hJ8Dl2Fol1Ui6X6B7
eJuYbbLjHN93tcGsyVYvX6wTMukfRhKdSmE42rx5dXanGffk1SLZfx4F1p9zbIKj
d1uS5RmWY6/OxesELtQOhZBF1fhN1IX6cWFmOnj7I750GjmrP8C6jv8P82Fq1Gml
o90jHbRsFyy4RqeOBSlJyH8V4GhWYNM8OHn9gSECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR4XAUc6G1MUt868oj9bCXGH7RO3TAfBgNVHSMEGDAWgBQGvTCsNWGh33/G
spa/nSndVYHx7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JyMHdyRFZob2Q5X3hyS1d2NTBwM1ZXQjhlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvYTAxYWI1LTgzYzAtNGUxOS05MDkzLTc5MTc1YjE1MWE1Mi8x
L2VGd0ZIT2h0VEZMZk92S0lfV3dseGgtMFR0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
YTAxYWI1LTgzYzAtNGUxOS05MDkzLTc5MTc1YjE1MWE1Mi8xL0JyMHdyRFZob2Q5
X3hyS1d2NTBwM1ZXQjhlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkXmDANBAIAAjAHAwUAKgBuIDAN
BgkqhkiG9w0BAQsFAAOCAQEAVWe7MArIgUe/XSfTcYe6kNtRchXz7pOh+G6w7ojP
iqpnXCBd45CMYH9WbT00+puSKM1hN9ZwfItLcEWYLEszk45gIEQ1Lux5PrLnb36c
+LamvG5PhTF4NXz3n0WgYwREPbSAWkHOFFocIhqq+M2rjrf3zXjWtHvvOGAYP8KV
FPVHpMzVHirZhOfJpb7c+TK9aojQg659pmhhd3dQkG/FvMKaESfOougvt6N2wU71
u0SPl1hTipwUl1Cimo+ZdGewtPktHT2GSQUR26LtqHFnzUWhmUk03L7TfG8GUdFH
xO7OXU2D2YvCBiAU4oLFD1JxcaGUlupVwKlwbQbSdmsU4g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:23 2025 by rpki-client