Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/M1QHRY5Sxy8bE28Bnadriq-pClI.roa
File: M1QHRY5Sxy8bE28Bnadriq-pClI.roa (raw, json)
Hash identifier: qr0BMOJz3ienzagdx/kQYTkIMCN9ynBR9XCfLigLeYI=
Subject key identifier: 33:54:07:45:8E:52:C7:2F:1B:13:6F:01:9D:A7:6B:8A:AF:A9:0A:52
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AE7213A4088FCD2929F531336CA5
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/M1QHRY5Sxy8bE28Bnadriq-pClI.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200441
IP address blocks: 185.76.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ae:72:13:a4:08:8f:cd:29:29:f5:31:33:6c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=335407458e52c72f1b136f019da76b8aafa90a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2d:f0:d9:8a:45:b6:da:e8:7b:7a:a4:da:b9:
81:81:ab:3e:e8:8c:b3:c5:6b:ac:69:32:ae:32:f0:
cf:cb:52:8f:52:e5:26:9e:1d:82:01:0b:b0:d1:1a:
fe:ef:08:aa:61:e0:1c:41:df:bf:fc:c4:ab:2f:19:
43:9b:80:9e:70:39:a6:f6:fc:92:07:fe:2b:df:58:
bb:96:82:4e:a3:8c:41:a4:01:ed:f5:06:36:d4:66:
fd:32:f3:4f:fa:43:a8:d1:6a:ca:7f:e1:e0:7b:67:
04:c5:9f:f3:a5:62:b1:b9:9e:6a:a7:c8:31:c2:49:
c5:4f:58:82:9b:27:17:43:00:ae:b7:fa:0f:ae:ec:
8e:7a:02:5f:4f:da:81:9e:41:7c:87:3e:f7:29:2d:
5d:54:05:d1:e4:54:79:6a:43:ee:ac:6e:7e:d4:f2:
70:e5:e5:3c:86:47:b3:1e:ee:12:c6:09:54:56:1e:
9e:30:6a:ee:5a:fe:a7:3f:06:47:f1:d3:2c:6c:73:
00:3f:ae:3d:7c:14:7a:88:f9:b7:86:09:6d:04:b5:
fd:9d:00:4a:05:e0:fc:02:8d:95:7f:59:13:c9:ad:
4e:ca:6f:69:ab:26:79:a3:fe:a8:8c:3f:df:17:d9:
55:96:8b:40:13:55:9b:41:b5:a5:61:7e:dd:85:06:
87:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:54:07:45:8E:52:C7:2F:1B:13:6F:01:9D:A7:6B:8A:AF:A9:0A:52
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/M1QHRY5Sxy8bE28Bnadriq-pClI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.81.0/24
Signature Algorithm: sha256WithRSAEncryption
88:66:6c:b0:d4:47:ac:ef:63:92:79:2d:2c:6f:be:4e:00:97:
0e:c6:7e:67:43:35:08:45:7a:d9:c7:e2:cf:f1:b1:fd:03:71:
f5:75:4a:c1:ad:9c:bb:49:91:39:6f:b0:e8:ee:8e:88:5e:47:
fc:c1:d7:96:ed:16:a2:4f:9b:ac:3a:f1:c7:c2:a3:33:a6:c7:
01:80:3e:1d:0d:94:8a:f3:2f:5a:0d:c0:b3:17:8a:60:ed:26:
e9:89:b0:d1:d6:3e:3f:7f:2a:e7:2f:b0:08:8c:7d:9b:66:7c:
ab:46:62:fd:32:bf:10:f9:cc:87:39:41:15:0f:38:e2:2d:c8:
a2:7a:b7:1c:7c:23:e4:35:3f:b5:84:21:40:48:0d:d7:22:25:
2b:dc:9d:94:e2:f9:c9:4f:41:1b:c8:2e:37:61:d9:df:f6:66:
fe:5a:34:dc:8f:fe:7f:a6:99:77:e8:fb:7e:36:3f:31:4f:0e:
81:2b:79:9b:2f:65:d0:66:76:d8:21:19:3d:80:d2:68:7e:f2:
6f:b9:4c:4d:e7:8d:1c:ca:2b:c6:0d:84:d6:55:33:0a:34:06:
39:76:cf:7d:f7:6d:55:34:6c:03:ac:79:7a:6d:59:0f:7f:14:
35:f0:94:19:78:b6:a5:3e:af:08:b3:b1:92:42:69:ea:a5:f3:
e0:f7:90:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFK5yE6QIj80pKfUxM2ylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzU0MDc0NThlNTJjNzJmMWIxMzZmMDE5ZGE3NmI4YWFmYTkwYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy3w2YpFttroe3qk2rmBgas+6Iyz
xWusaTKuMvDPy1KPUuUmnh2CAQuw0Rr+7wiqYeAcQd+//MSrLxlDm4CecDmm9vyS
B/4r31i7loJOo4xBpAHt9QY21Gb9MvNP+kOo0WrKf+Hge2cExZ/zpWKxuZ5qp8gx
wknFT1iCmycXQwCut/oPruyOegJfT9qBnkF8hz73KS1dVAXR5FR5akPurG5+1PJw
5eU8hkezHu4SxglUVh6eMGruWv6nPwZH8dMsbHMAP649fBR6iPm3hgltBLX9nQBK
BeD8Ao2Vf1kTya1Oym9pqyZ5o/6ojD/fF9lVlotAE1WbQbWlYX7dhQaH5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNUB0WOUscvGxNvAZ2na4qvqQpSMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvTTFRSFJZNVN4eThiRTI4Qm5hZHJpcS1wQ2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUxRMA0G
CSqGSIb3DQEBCwUAA4IBAQCIZmyw1Ees72OSeS0sb75OAJcOxn5nQzUIRXrZx+LP
8bH9A3H1dUrBrZy7SZE5b7Do7o6IXkf8wdeW7RaiT5usOvHHwqMzpscBgD4dDZSK
8y9aDcCzF4pg7SbpibDR1j4/fyrnL7AIjH2bZnyrRmL9Mr8Q+cyHOUEVDzjiLcii
erccfCPkNT+1hCFASA3XIiUr3J2U4vnJT0EbyC43Ydnf9mb+WjTcj/5/ppl36Pt+
Nj8xTw6BK3mbL2XQZnbYIRk9gNJofvJvuUxN540cyivGDYTWVTMKNAY5ds99921V
NGwDrHl6bVkPfxQ18JQZeLalPq8Is7GSQmnqpfPg95A1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:36 2025 by rpki-client