Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a9bd93-92bd-4bf9-b655-adcefdaa1028/1/hrG0H5IoQGR1epuFwizEYYsIJ8s.roa
File: hrG0H5IoQGR1epuFwizEYYsIJ8s.roa (raw, json)
Hash identifier: u/slfpLXji6cZ0FVWGm90wMsOGDx4SKHeWWh47lfqvU=
Subject key identifier: 86:B1:B4:1F:92:28:40:64:75:7A:9B:85:C2:2C:C4:61:8B:08:27:CB
Certificate issuer: /CN=9be343c2fb3d6b8d23789ab4da6fcd465a690583
Certificate serial: 0185A09E2F37B8F3DA40C106C92DEA917BE5
Authority key identifier: 9B:E3:43:C2:FB:3D:6B:8D:23:78:9A:B4:DA:6F:CD:46:5A:69:05:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-NDwvs9a40jeJq02m_NRlppBYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9bd93-92bd-4bf9-b655-adcefdaa1028/1/hrG0H5IoQGR1epuFwizEYYsIJ8s.roa
Signing time: Wed 11 Jan 2023 11:36:39 +0000
ROA not before: Wed 11 Jan 2023 11:36:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205600
IP address blocks: 185.236.47.0/24 maxlen: 24
2a10:88c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:9e:2f:37:b8:f3:da:40:c1:06:c9:2d:ea:91:7b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be343c2fb3d6b8d23789ab4da6fcd465a690583
Validity
Not Before: Jan 11 11:36:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86b1b41f92284064757a9b85c22cc4618b0827cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:36:6c:b1:03:64:db:d2:84:c0:a8:72:cb:
13:2a:c4:7f:d5:4c:ed:87:52:59:4a:5c:c4:91:b8:
04:9c:91:48:e3:4f:c8:4a:74:41:e3:0e:10:a3:18:
a5:ad:35:8c:5a:47:d1:0e:c4:c4:b6:b2:13:0f:d1:
14:5f:b6:bd:3f:7a:14:97:4f:f4:e0:91:11:d8:56:
ae:6b:21:a8:72:0d:48:6e:50:6a:a9:7f:14:4a:7c:
87:af:a8:e7:92:59:83:c1:2c:b1:8f:9d:bd:e0:94:
4b:b8:cf:2e:b8:40:be:b3:8c:39:96:49:06:20:03:
39:ad:12:91:16:3f:76:2f:25:d7:69:98:91:45:d0:
68:81:2c:7f:7b:91:53:be:2a:57:c1:ad:a3:9d:fd:
f5:49:55:38:96:24:4d:85:b6:4d:8c:83:29:cb:38:
e7:c7:db:0f:7c:e4:77:7d:c2:61:86:48:9f:5b:1b:
66:bb:aa:5b:a3:52:b1:df:c4:65:bd:4e:e4:32:a4:
33:32:4a:55:82:54:82:18:9d:00:ff:d7:01:2b:19:
ba:cb:57:10:7b:cb:b7:e7:f7:31:75:22:65:5f:9d:
7e:cb:82:3d:82:ba:51:45:fd:49:76:ae:42:42:2a:
79:b9:8d:7e:53:4f:b5:90:ed:cf:6f:58:0a:95:f4:
41:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B1:B4:1F:92:28:40:64:75:7A:9B:85:C2:2C:C4:61:8B:08:27:CB
X509v3 Authority Key Identifier:
keyid:9B:E3:43:C2:FB:3D:6B:8D:23:78:9A:B4:DA:6F:CD:46:5A:69:05:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-NDwvs9a40jeJq02m_NRlppBYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9bd93-92bd-4bf9-b655-adcefdaa1028/1/hrG0H5IoQGR1epuFwizEYYsIJ8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9bd93-92bd-4bf9-b655-adcefdaa1028/1/m-NDwvs9a40jeJq02m_NRlppBYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.47.0/24
IPv6:
2a10:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:6b:32:cb:aa:1e:08:51:c2:b3:95:7f:b5:f8:7f:4c:21:81:
2f:4d:a1:ba:9e:62:a6:d4:a3:4c:a3:d9:3e:34:1a:f6:95:b2:
80:03:c7:45:4c:51:c6:c2:a7:e6:60:45:2d:98:10:54:32:25:
31:0f:3e:e5:79:42:04:29:b7:6f:f7:e8:32:29:79:63:67:55:
1f:4f:ea:cf:47:d1:38:5b:5d:6b:c0:6c:c5:f0:f8:51:02:8f:
ee:23:32:c9:c0:ed:ec:94:82:9c:b4:6e:b4:46:50:26:8a:ea:
09:1a:a8:13:a9:f8:63:b3:44:c6:94:d0:ec:b3:10:0e:19:d4:
37:8c:8b:3b:de:d0:63:07:c5:d5:b7:90:51:65:b9:0d:1d:a5:
bd:17:f0:15:f2:d0:93:23:ba:9a:18:0e:0c:e8:68:26:dd:bb:
7a:38:3e:c9:5e:9a:44:e0:a4:7a:2a:df:5b:df:65:1f:f8:f5:
9c:4e:da:0e:7e:8a:24:a9:77:ab:91:4b:77:93:78:36:98:a5:
7e:40:9d:ed:83:8e:b7:0d:e6:58:60:e0:e6:a4:b0:b0:b8:9e:
5c:52:aa:e9:26:f7:a8:1c:a7:0e:b4:29:0d:8d:a2:18:38:2b:
d9:5d:27:f8:ad:32:f3:fd:ad:16:d5:2a:01:50:ef:7d:66:30:
b4:d3:69:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWgni83uPPaQMEGyS3qkXvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTM0M2MyZmIzZDZiOGQyMzc4OWFiNGRhNmZjZDQ2NWE2
OTA1ODMwHhcNMjMwMTExMTEzNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIxYjQxZjkyMjg0MDY0NzU3YTliODVjMjJjYzQ2MThiMDgyN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx42bLEDZNvShMCocssTKsR/1Uzt
h1JZSlzEkbgEnJFI40/ISnRB4w4QoxilrTWMWkfRDsTEtrITD9EUX7a9P3oUl0/0
4JER2FauayGocg1IblBqqX8USnyHr6jnklmDwSyxj5294JRLuM8uuEC+s4w5lkkG
IAM5rRKRFj92LyXXaZiRRdBogSx/e5FTvipXwa2jnf31SVU4liRNhbZNjIMpyzjn
x9sPfOR3fcJhhkifWxtmu6pbo1Kx38RlvU7kMqQzMkpVglSCGJ0A/9cBKxm6y1cQ
e8u35/cxdSJlX51+y4I9grpRRf1Jdq5CQip5uY1+U0+1kO3Pb1gKlfRB9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIaxtB+SKEBkdXqbhcIsxGGLCCfLMB8GA1UdIwQY
MBaAFJvjQ8L7PWuNI3iatNpvzUZaaQWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1ORHd2czlhNDBqZUpxMDJtX05SbHBwQllNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOWJkOTMtOTJiZC00YmY5LWI2NTUt
YWRjZWZkYWExMDI4LzEvaHJHMEg1SW9RR1IxZXB1RndpekVZWXNJSjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOWJkOTMtOTJiZC00YmY5LWI2NTUtYWRjZWZkYWExMDI4
LzEvbS1ORHd2czlhNDBqZUpxMDJtX05SbHBwQllNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuewvMA0E
AgACMAcDBQMqEIjAMA0GCSqGSIb3DQEBCwUAA4IBAQBFazLLqh4IUcKzlX+1+H9M
IYEvTaG6nmKm1KNMo9k+NBr2lbKAA8dFTFHGwqfmYEUtmBBUMiUxDz7leUIEKbdv
9+gyKXljZ1UfT+rPR9E4W11rwGzF8PhRAo/uIzLJwO3slIKctG60RlAmiuoJGqgT
qfhjs0TGlNDssxAOGdQ3jIs73tBjB8XVt5BRZbkNHaW9F/AV8tCTI7qaGA4M6Ggm
3bt6OD7JXppE4KR6Kt9b32Uf+PWcTtoOfookqXerkUt3k3g2mKV+QJ3tg463DeZY
YODmpLCwuJ5cUqrpJveoHKcOtCkNjaIYOCvZXSf4rTLz/a0W1SoBUO99ZjC002mL
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:52:05 2025 by rpki-client