Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IxSXKPpMkiAwvjOEzegptDDeT-E.roa
File: IxSXKPpMkiAwvjOEzegptDDeT-E.roa (raw, json)
Hash identifier: /d0F2l+HMY1EaBXMKlRL3PJweVOg+dgtdqcRiSm8GLA=
Subject key identifier: 23:14:97:28:FA:4C:92:20:30:BE:33:84:CD:E8:29:B4:30:DE:4F:E1
Certificate issuer: /CN=77328f3213ea26144eccba90cd5d8344821faf3b
Certificate serial: 01856E5D47DD81698840D0CBF9ADA31E0A93
Authority key identifier: 77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IxSXKPpMkiAwvjOEzegptDDeT-E.roa
Signing time: Sun 01 Jan 2023 17:24:44 +0000
ROA not before: Sun 01 Jan 2023 17:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204342
IP address blocks: 185.251.164.0/22 maxlen: 22
185.251.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:47:dd:81:69:88:40:d0:cb:f9:ad:a3:1e:0a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77328f3213ea26144eccba90cd5d8344821faf3b
Validity
Not Before: Jan 1 17:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23149728fa4c922030be3384cde829b430de4fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:52:ac:96:4c:d0:b8:0d:5b:ce:70:cf:91:31:
70:e1:69:23:c5:34:3f:99:4a:58:c8:93:04:b6:32:
21:90:d6:23:6d:a9:bf:7c:59:59:24:1c:f8:db:59:
97:42:29:db:4e:d5:ae:de:40:4a:3d:78:ed:11:73:
51:45:4a:30:7f:fa:12:be:9e:d1:7f:ea:ab:5e:0f:
80:8b:4e:9f:80:24:d7:a1:fc:40:2b:59:00:c4:68:
13:6b:c8:6b:fc:fb:e5:04:de:85:60:1d:6b:9a:48:
45:dc:74:1f:cf:8f:26:e4:9e:af:41:7f:d0:df:be:
69:43:11:aa:06:56:89:1f:80:09:09:31:24:c8:9f:
37:74:1b:a6:53:34:f0:e4:15:99:13:e4:84:7f:73:
bf:95:85:05:c5:3c:49:04:8a:3e:c9:45:24:42:9b:
6d:3d:01:d2:39:d7:88:b3:a3:1b:56:01:f5:2b:bb:
48:52:2d:74:2d:74:80:75:fb:07:7e:d1:6e:00:86:
ac:94:3d:6c:7c:b2:a4:e8:be:11:dc:38:c5:8c:51:
16:5a:91:15:55:5a:75:de:58:b2:c5:90:65:67:b0:
6a:63:e8:04:4e:8d:d6:4f:f9:69:87:eb:e3:37:cf:
1d:30:15:78:14:94:42:27:5c:0f:82:85:f0:0f:d8:
02:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:14:97:28:FA:4C:92:20:30:BE:33:84:CD:E8:29:B4:30:DE:4F:E1
X509v3 Authority Key Identifier:
keyid:77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IxSXKPpMkiAwvjOEzegptDDeT-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/dzKPMhPqJhROzLqQzV2DRIIfrzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.164.0/22
185.251.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:56:00:d0:01:21:28:c9:dd:7d:81:9f:6f:d5:fa:79:af:d2:
1a:22:70:e4:44:5d:ab:44:ed:11:02:a4:e6:ab:1b:ca:dc:f5:
68:a2:4e:f2:96:83:01:de:15:e4:24:81:c4:1b:5a:06:4d:3c:
cf:4d:32:9a:84:a6:eb:03:1d:19:e7:88:05:0f:bd:f5:4d:b2:
06:8f:e9:18:fe:7a:60:2e:9f:0b:cb:b4:82:59:7c:2d:01:59:
b2:14:2f:0b:d6:73:7d:b3:e4:34:35:d7:55:f9:4f:a6:71:66:
b4:a3:be:6c:be:4a:2e:88:82:3d:1d:11:a0:a1:a3:e2:d1:5a:
2b:cb:69:95:1e:c8:6c:4c:03:d9:78:02:b4:a6:ad:4d:a9:e9:
d9:36:bf:db:51:4c:51:26:d5:ab:ec:05:05:22:bb:e7:8a:30:
01:b1:e0:66:64:ab:84:62:65:9c:9b:b0:bb:94:0f:54:d4:d8:
95:bc:02:8c:c4:33:20:1d:2b:fb:32:cd:df:00:78:34:b2:f3:
95:46:d3:38:a9:b2:c4:f8:22:53:95:12:2e:e0:d0:c0:6e:dc:
7f:5b:67:00:23:31:7f:d6:42:6b:ed:70:ef:9c:fb:bd:92:e3:
a6:88:eb:b2:93:a5:54:35:82:b6:d1:99:71:78:76:c0:b1:57:
10:8e:45:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXUfdgWmIQNDL+a2jHgqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzI4ZjMyMTNlYTI2MTQ0ZWNjYmE5MGNkNWQ4MzQ0ODIx
ZmFmM2IwHhcNMjMwMTAxMTcyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzE0OTcyOGZhNGM5MjIwMzBiZTMzODRjZGU4MjliNDMwZGU0ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1KslkzQuA1bznDPkTFw4WkjxTQ/
mUpYyJMEtjIhkNYjbam/fFlZJBz421mXQinbTtWu3kBKPXjtEXNRRUowf/oSvp7R
f+qrXg+Ai06fgCTXofxAK1kAxGgTa8hr/PvlBN6FYB1rmkhF3HQfz48m5J6vQX/Q
375pQxGqBlaJH4AJCTEkyJ83dBumUzTw5BWZE+SEf3O/lYUFxTxJBIo+yUUkQptt
PQHSOdeIs6MbVgH1K7tIUi10LXSAdfsHftFuAIaslD1sfLKk6L4R3DjFjFEWWpEV
VVp13liyxZBlZ7BqY+gETo3WT/lph+vjN88dMBV4FJRCJ1wPgoXwD9gCmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMUlyj6TJIgML4zhM3oKbQw3k/hMB8GA1UdIwQY
MBaAFHcyjzIT6iYUTsy6kM1dg0SCH687MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYt
ODc4MjdlNTcxMzIzLzEvSXhTWEtQcE1raUF3dmpPRXplZ3B0RERlVC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYtODc4MjdlNTcxMzIz
LzEvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufukAwQC
ufu4MA0GCSqGSIb3DQEBCwUAA4IBAQCLVgDQASEoyd19gZ9v1fp5r9IaInDkRF2r
RO0RAqTmqxvK3PVook7yloMB3hXkJIHEG1oGTTzPTTKahKbrAx0Z54gFD731TbIG
j+kY/npgLp8Ly7SCWXwtAVmyFC8L1nN9s+Q0NddV+U+mcWa0o75svkouiII9HRGg
oaPi0Vory2mVHshsTAPZeAK0pq1NqenZNr/bUUxRJtWr7AUFIrvnijABseBmZKuE
YmWcm7C7lA9U1NiVvAKMxDMgHSv7Ms3fAHg0svOVRtM4qbLE+CJTlRIu4NDAbtx/
W2cAIzF/1kJr7XDvnPu9kuOmiOuyk6VUNYK20ZlxeHbAsVcQjkVI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:46 2025 by rpki-client