Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/r2nSHKZbpk06iUifcpb7wgjNQ7c.roa
File: r2nSHKZbpk06iUifcpb7wgjNQ7c.roa (raw, json)
Hash identifier: 5ZHmBvDQ3W+WEIyPEB272jkVVORhyTumxIhEB48y6Io=
Subject key identifier: AF:69:D2:1C:A6:5B:A6:4D:3A:89:48:9F:72:96:FB:C2:08:CD:43:B7
Certificate issuer: /CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Certificate serial: 0186C08B9E60A1FC240F6F604E87AC6E1DF0
Authority key identifier: 54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/r2nSHKZbpk06iUifcpb7wgjNQ7c.roa
Signing time: Wed 08 Mar 2023 09:27:00 +0000
ROA not before: Wed 08 Mar 2023 09:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208444
IP address blocks: 185.192.170.0/23 maxlen: 32
2a06:5d07::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:8b:9e:60:a1:fc:24:0f:6f:60:4e:87:ac:6e:1d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Validity
Not Before: Mar 8 09:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af69d21ca65ba64d3a89489f7296fbc208cd43b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:66:a2:be:72:12:59:4e:2a:ef:a1:3c:82:4f:
ea:e3:48:58:8c:51:59:78:d3:81:53:09:45:46:7f:
50:1d:d8:78:ad:12:2b:08:bd:8d:92:0e:e5:b4:30:
65:18:53:b7:c3:d8:bc:d1:2b:a9:16:da:7a:b6:06:
b9:6f:8e:88:b7:8a:d4:d4:54:58:dd:33:11:81:6d:
54:09:88:d9:40:64:df:93:15:14:77:15:1e:e2:8f:
7a:cf:99:d7:3a:30:73:1c:99:ec:7d:4c:4c:22:ec:
04:20:a4:a9:7a:96:9c:d8:a4:7a:5d:98:f7:f9:70:
d7:5e:c7:c1:62:75:c0:5e:6e:8b:2e:bc:6c:fd:b3:
a3:06:a6:07:aa:61:da:de:cf:76:8a:21:d6:94:c8:
eb:07:be:cb:67:5d:f4:b4:82:7d:9b:38:b1:7c:34:
6b:14:f3:a9:87:55:bb:72:3b:5c:37:ab:43:1d:65:
5a:22:93:4a:93:f7:b2:16:e2:f2:c1:9b:59:52:8a:
3f:19:19:93:80:f6:44:c4:5d:9e:d5:0a:99:c3:0a:
14:cf:28:87:4c:1a:dc:b5:63:f2:d0:d1:78:08:05:
99:de:93:ce:71:20:aa:0a:8f:f1:59:79:1c:13:8a:
74:20:5d:fb:01:dd:7c:a8:b6:33:56:81:08:dd:23:
4f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:69:D2:1C:A6:5B:A6:4D:3A:89:48:9F:72:96:FB:C2:08:CD:43:B7
X509v3 Authority Key Identifier:
keyid:54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/r2nSHKZbpk06iUifcpb7wgjNQ7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/VPh7WmLB_w9SKBLprdF1a8czhMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.170.0/23
IPv6:
2a06:5d07::/32
Signature Algorithm: sha256WithRSAEncryption
7e:7f:86:0c:58:6e:50:94:25:28:d1:83:73:30:1f:4a:a1:7e:
cd:86:5b:07:b7:1e:73:fc:44:cc:dc:8c:66:16:01:6c:b8:f1:
3b:bc:67:be:43:04:bf:7e:f8:b8:6e:d2:58:74:94:82:15:c9:
2c:39:75:2b:42:41:3b:c4:34:1e:f6:0a:d1:61:5c:97:44:40:
5e:8a:7f:e4:0f:de:c7:06:67:67:8b:6e:75:8d:f8:6d:1e:ae:
ac:8f:12:e0:bf:3c:f4:f2:58:fc:0f:9e:55:c7:54:3e:ed:92:
97:3c:1a:d4:b0:fd:35:c0:59:07:27:bd:a0:cf:68:93:5c:a3:
f5:6a:5f:e7:a6:6d:36:b5:fc:57:ed:c0:e7:3d:dd:f1:65:c5:
ef:ea:f7:e7:84:80:27:c5:c8:cc:b5:51:2c:ef:21:5c:ba:dc:
a2:c4:c5:66:cb:a5:8d:31:e7:64:7d:b8:72:dd:b5:7a:e9:11:
71:6b:48:8a:2b:22:39:9d:cd:1c:d7:a6:81:02:14:f7:1f:e9:
d0:6d:65:10:57:6e:0c:56:a0:c5:c7:9d:a7:74:f1:61:79:98:
8a:b7:16:9c:2c:21:bf:fe:86:72:5e:75:2b:33:d9:b5:75:ac:
46:35:3e:21:08:e3:d2:05:00:4a:c3:ec:4b:85:66:56:63:86:
fa:01:8c:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAi55gofwkD29gToesbh3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Zjg3YjVhNjJjMWZmMGY1MjI4MTJlOWFkZDE3NTZiYzcz
Mzg0YzUwHhcNMjMwMzA4MDkyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY5ZDIxY2E2NWJhNjRkM2E4OTQ4OWY3Mjk2ZmJjMjA4Y2Q0M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2aivnISWU4q76E8gk/q40hYjFFZ
eNOBUwlFRn9QHdh4rRIrCL2Nkg7ltDBlGFO3w9i80SupFtp6tga5b46It4rU1FRY
3TMRgW1UCYjZQGTfkxUUdxUe4o96z5nXOjBzHJnsfUxMIuwEIKSpepac2KR6XZj3
+XDXXsfBYnXAXm6LLrxs/bOjBqYHqmHa3s92iiHWlMjrB77LZ130tIJ9mzixfDRr
FPOph1W7cjtcN6tDHWVaIpNKk/eyFuLywZtZUoo/GRmTgPZExF2e1QqZwwoUzyiH
TBrctWPy0NF4CAWZ3pPOcSCqCo/xWXkcE4p0IF37Ad18qLYzVoEI3SNPLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK9p0hymW6ZNOolIn3KW+8IIzUO3MB8GA1UdIwQY
MBaAFFT4e1piwf8PUigS6a3RdWvHM4TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMt
ODU1NDE4ZmZlZDQxLzEvcjJuU0hLWmJwazA2aVVpZmNwYjd3Z2pOUTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMtODU1NDE4ZmZlZDQx
LzEvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBucCqMA0E
AgACMAcDBQAqBl0HMA0GCSqGSIb3DQEBCwUAA4IBAQB+f4YMWG5QlCUo0YNzMB9K
oX7NhlsHtx5z/ETM3IxmFgFsuPE7vGe+QwS/fvi4btJYdJSCFcksOXUrQkE7xDQe
9grRYVyXREBein/kD97HBmdni251jfhtHq6sjxLgvzz08lj8D55Vx1Q+7ZKXPBrU
sP01wFkHJ72gz2iTXKP1al/npm02tfxX7cDnPd3xZcXv6vfnhIAnxcjMtVEs7yFc
utyixMVmy6WNMedkfbhy3bV66RFxa0iKKyI5nc0c16aBAhT3H+nQbWUQV24MVqDF
x52ndPFheZiKtxacLCG//oZyXnUrM9m1daxGNT4hCOPSBQBKw+xLhWZWY4b6AYwu
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:20:28 2025 by rpki-client