Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/8U_suoo-uhFk8psWUffGoHuP03M.roa
File: 8U_suoo-uhFk8psWUffGoHuP03M.roa (raw, json)
Hash identifier: CULACen1ZgEafWDf5XJF5GWYjDxGGPNkLO1Hw44So7Y=
Subject key identifier: F1:4F:EC:BA:8A:3E:BA:11:64:F2:9B:16:51:F7:C6:A0:7B:8F:D3:73
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 01856B8A358121D662CE1A9598A9B4487E5F
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/8U_suoo-uhFk8psWUffGoHuP03M.roa
Signing time: Sun 01 Jan 2023 04:14:57 +0000
ROA not before: Sun 01 Jan 2023 04:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47674
IP address blocks: 185.231.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:35:81:21:d6:62:ce:1a:95:98:a9:b4:48:7e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 1 04:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f14fecba8a3eba1164f29b1651f7c6a07b8fd373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:32:a9:17:2f:41:9a:09:d0:17:f4:b2:0a:76:
69:ed:e9:cf:bf:db:d5:ac:c1:4c:ab:78:9f:d8:38:
89:f9:6b:4c:f2:84:3f:9e:dd:49:51:4a:63:b5:a5:
ab:d6:34:34:5d:2e:c8:0e:bb:29:b3:ce:12:89:da:
e2:58:31:82:db:03:3b:7a:5c:63:f8:a8:c2:27:2c:
24:13:48:18:d5:91:04:a2:12:39:0d:6c:2a:29:8b:
d9:68:26:d1:2d:f2:5d:ff:b4:7f:ad:31:b0:0b:6c:
fa:bc:b8:a0:da:97:f6:e0:63:fa:ab:50:92:fa:58:
3e:c7:0f:17:d7:aa:03:d3:53:4c:f1:9f:f7:fc:e5:
f5:f2:da:ad:bd:67:67:e8:b1:91:44:95:f2:12:90:
c6:c7:8d:01:36:32:ad:01:40:d7:12:1d:03:4d:ea:
b0:f1:01:42:a9:1d:c3:49:14:40:39:f3:38:a6:ce:
e6:74:1f:4d:ba:66:df:2a:5c:7b:af:e5:c6:f5:5f:
63:13:23:3b:85:e9:69:22:57:fc:35:5b:d1:b0:fa:
e8:8c:b7:69:c1:43:02:46:0d:83:2e:7e:b9:0a:bb:
86:68:b0:93:f0:4e:ae:5a:06:35:c0:4c:5c:45:a6:
9a:a2:15:32:b5:14:52:8a:17:c4:0a:e3:45:1b:84:
38:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4F:EC:BA:8A:3E:BA:11:64:F2:9B:16:51:F7:C6:A0:7B:8F:D3:73
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/8U_suoo-uhFk8psWUffGoHuP03M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.32.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4c:ed:7c:4e:e4:67:b4:f4:8f:f6:67:00:97:9f:f9:d3:f7:
7e:f7:7f:c6:23:dc:bc:f8:fb:68:75:84:09:a5:c7:7a:de:8e:
87:ab:13:34:42:c1:62:ce:6d:93:7b:57:a3:99:1f:47:7a:26:
17:63:c2:cf:d8:d6:e0:a7:8c:a9:d1:5a:f3:90:45:a6:30:2a:
3f:9b:31:24:27:15:4e:ba:02:af:a0:8f:8d:d8:e5:55:94:28:
05:98:b7:07:40:12:ae:9f:97:fa:17:4d:97:e3:08:37:60:9c:
41:20:56:55:dd:a5:50:66:50:bb:ee:e0:70:f4:3e:bf:a9:d6:
99:12:35:4a:3b:6f:28:ca:61:75:bb:c5:f2:1a:eb:22:43:9f:
c0:4a:0f:00:de:99:bf:c5:c2:9a:33:bd:87:e1:34:80:c7:e9:
f4:65:85:ea:1e:98:8f:c8:d9:d8:58:aa:9a:61:2d:8f:61:0e:
f7:16:45:f3:94:30:d5:b2:d3:8d:af:9d:22:4c:10:d7:e9:83:
46:75:cd:2e:3f:01:5b:3d:83:db:2e:17:6f:c2:9e:72:d5:7f:
cf:65:2e:ee:09:5f:a2:7a:a9:9b:a3:98:56:a7:74:73:14:91:
d6:b3:02:59:2e:b3:d1:43:31:57:bd:95:b2:b1:7f:bf:e1:f7:
d4:19:3e:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrijWBIdZizhqVmKm0SH5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjMwMTAxMDQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRmZWNiYThhM2ViYTExNjRmMjliMTY1MWY3YzZhMDdiOGZkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTKpFy9BmgnQF/SyCnZp7enPv9vV
rMFMq3if2DiJ+WtM8oQ/nt1JUUpjtaWr1jQ0XS7IDrsps84SidriWDGC2wM7elxj
+KjCJywkE0gY1ZEEohI5DWwqKYvZaCbRLfJd/7R/rTGwC2z6vLig2pf24GP6q1CS
+lg+xw8X16oD01NM8Z/3/OX18tqtvWdn6LGRRJXyEpDGx40BNjKtAUDXEh0DTeqw
8QFCqR3DSRRAOfM4ps7mdB9NumbfKlx7r+XG9V9jEyM7helpIlf8NVvRsProjLdp
wUMCRg2DLn65CruGaLCT8E6uWgY1wExcRaaaohUytRRSihfECuNFG4Q4SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFP7LqKProRZPKbFlH3xqB7j9NzMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvOFVfc3Vvby11aEZrOHBzV1VmZkdvSHVQMDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuecgMA0G
CSqGSIb3DQEBCwUAA4IBAQAKTO18TuRntPSP9mcAl5/50/d+93/GI9y8+PtodYQJ
pcd63o6HqxM0QsFizm2Te1ejmR9HeiYXY8LP2Nbgp4yp0VrzkEWmMCo/mzEkJxVO
ugKvoI+N2OVVlCgFmLcHQBKun5f6F02X4wg3YJxBIFZV3aVQZlC77uBw9D6/qdaZ
EjVKO28oymF1u8XyGusiQ5/ASg8A3pm/xcKaM72H4TSAx+n0ZYXqHpiPyNnYWKqa
YS2PYQ73FkXzlDDVstONr50iTBDX6YNGdc0uPwFbPYPbLhdvwp5y1X/PZS7uCV+i
eqmbo5hWp3RzFJHWswJZLrPRQzFXvZWysX+/4ffUGT4F
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:34 2025 by rpki-client