Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/9ydcOs7G_FA7r2whoAfzgtZtbgM.roa
File: 9ydcOs7G_FA7r2whoAfzgtZtbgM.roa (raw, json)
Hash identifier: ngVHQWARpbGHcswVOb09ts4C7/hnWjsl4bL/Rm/I6/A=
Subject key identifier: F7:27:5C:3A:CE:C6:FC:50:3B:AF:6C:21:A0:07:F3:82:D6:6D:6E:03
Certificate issuer: /CN=3bbbb1f5d986668ab3bd47cd18c5fb1efd249b04
Certificate serial: 0185727A18042893C3618796235BFCEB3C74
Authority key identifier: 3B:BB:B1:F5:D9:86:66:8A:B3:BD:47:CD:18:C5:FB:1E:FD:24:9B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/9ydcOs7G_FA7r2whoAfzgtZtbgM.roa
Signing time: Mon 02 Jan 2023 12:34:42 +0000
ROA not before: Mon 02 Jan 2023 12:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34032
IP address blocks: 185.98.204.0/24 maxlen: 24
185.98.206.0/24 maxlen: 24
185.98.205.0/24 maxlen: 24
185.98.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:18:04:28:93:c3:61:87:96:23:5b:fc:eb:3c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bbbb1f5d986668ab3bd47cd18c5fb1efd249b04
Validity
Not Before: Jan 2 12:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7275c3acec6fc503baf6c21a007f382d66d6e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:99:a7:31:bf:3a:1b:26:35:ae:7d:b8:00:
1a:b2:fa:15:53:ac:0b:e9:54:b2:94:d2:7e:68:7d:
a4:c9:18:ba:23:d6:6f:f5:d1:55:49:71:44:83:8d:
61:88:9b:6b:e1:c7:b1:4e:89:cd:36:c3:c9:cc:d0:
1b:78:89:95:50:69:4d:59:3e:fe:8f:b4:4f:53:e4:
93:b2:0e:25:f4:03:83:fb:ef:98:94:bf:7a:dc:e6:
e6:32:8f:46:d0:1f:16:2c:af:34:d3:19:71:a8:ba:
d9:43:e2:a0:fc:29:15:2f:7c:86:8d:bc:d3:b1:06:
c5:d0:05:fb:af:39:0b:9b:e0:18:2e:42:6e:94:5b:
0d:61:6e:73:1f:39:d8:27:2f:85:8a:c9:2f:c5:7f:
f5:5a:0b:e4:c5:9e:8e:97:b5:25:b3:92:22:a3:97:
90:d1:99:87:8d:56:91:77:19:d5:5d:d8:a7:74:28:
66:26:1a:23:9a:c2:c6:fd:b9:bb:94:63:6a:84:e0:
00:ea:27:82:d8:f1:b9:26:de:89:51:48:93:ec:f9:
4c:8a:bc:9d:58:b7:9f:1c:f8:aa:96:a9:90:f2:f8:
e9:19:f3:20:9c:76:79:ea:73:d4:2a:5b:e3:4c:a8:
d7:a7:0e:8c:09:23:7c:fd:26:38:a0:ca:58:33:90:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:27:5C:3A:CE:C6:FC:50:3B:AF:6C:21:A0:07:F3:82:D6:6D:6E:03
X509v3 Authority Key Identifier:
keyid:3B:BB:B1:F5:D9:86:66:8A:B3:BD:47:CD:18:C5:FB:1E:FD:24:9B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/9ydcOs7G_FA7r2whoAfzgtZtbgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.204.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:c9:4f:9c:5f:d4:df:73:61:bb:c1:c5:c0:fd:bc:4e:5e:80:
29:1e:09:19:53:cb:eb:cb:c1:5c:91:82:9e:9b:a1:af:cc:9b:
1b:d6:c2:86:ea:43:e9:11:9b:57:d4:c5:6b:8b:25:dd:12:75:
50:73:ad:76:fd:9b:5c:fc:a3:8a:5d:a5:67:3e:33:fe:25:a5:
80:61:d1:bb:1f:01:bb:36:6d:df:3c:bf:c6:81:f1:59:ec:40:
93:df:e9:89:0a:75:e7:38:c8:4e:4f:9f:c6:7d:0e:c3:e8:ad:
f1:e3:04:61:23:d2:8f:d9:35:63:d4:66:72:3b:51:42:90:c6:
4b:04:5d:35:98:95:7b:51:99:b5:ec:63:e7:38:44:b7:fe:b4:
46:1b:43:3e:96:6e:b1:25:cc:27:04:94:de:81:b2:2b:00:60:
12:1d:79:bf:2c:09:71:f7:67:6b:98:cb:65:a1:5b:d9:ac:df:
99:df:a7:de:f8:61:90:eb:a6:e5:38:06:ec:16:94:9c:29:74:
1e:0c:14:29:44:be:0c:07:e4:8e:18:99:cb:e5:1c:51:cf:de:
37:90:23:23:60:89:fc:d3:47:cf:7b:9c:8a:1a:26:9d:44:0a:
b2:de:aa:36:1d:66:79:0b:19:37:6c:09:75:d6:4b:ff:4a:45:
54:59:09:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyehgEKJPDYYeWI1v86zx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYmJiMWY1ZDk4NjY2OGFiM2JkNDdjZDE4YzVmYjFlZmQy
NDliMDQwHhcNMjMwMTAyMTIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI3NWMzYWNlYzZmYzUwM2JhZjZjMjFhMDA3ZjM4MmQ2NmQ2ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNOZpzG/OhsmNa59uAAasvoVU6wL
6VSylNJ+aH2kyRi6I9Zv9dFVSXFEg41hiJtr4cexTonNNsPJzNAbeImVUGlNWT7+
j7RPU+STsg4l9AOD+++YlL963ObmMo9G0B8WLK800xlxqLrZQ+Kg/CkVL3yGjbzT
sQbF0AX7rzkLm+AYLkJulFsNYW5zHznYJy+FiskvxX/1WgvkxZ6Ol7Uls5Iio5eQ
0ZmHjVaRdxnVXdindChmJhojmsLG/bm7lGNqhOAA6ieC2PG5Jt6JUUiT7PlMiryd
WLefHPiqlqmQ8vjpGfMgnHZ56nPUKlvjTKjXpw6MCSN8/SY4oMpYM5DxUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcnXDrOxvxQO69sIaAH84LWbW4DMB8GA1UdIwQY
MBaAFDu7sfXZhmaKs71HzRjF+x79JJsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzd1eDlkbUdab3F6dlVmTkdNWDdIdjBrbXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jZWRlMGQtMDI3Zi00NWFkLTg0ODAt
YzExN2YyN2JhOWMwLzEvOXlkY09zN0dfRkE3cjJ3aG9BZnpndFp0YmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jZWRlMGQtMDI3Zi00NWFkLTg0ODAtYzExN2YyN2JhOWMw
LzEvTzd1eDlkbUdab3F6dlVmTkdNWDdIdjBrbXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWLMMA0G
CSqGSIb3DQEBCwUAA4IBAQCtyU+cX9Tfc2G7wcXA/bxOXoApHgkZU8vry8FckYKe
m6GvzJsb1sKG6kPpEZtX1MVriyXdEnVQc612/Ztc/KOKXaVnPjP+JaWAYdG7HwG7
Nm3fPL/GgfFZ7ECT3+mJCnXnOMhOT5/GfQ7D6K3x4wRhI9KP2TVj1GZyO1FCkMZL
BF01mJV7UZm17GPnOES3/rRGG0M+lm6xJcwnBJTegbIrAGASHXm/LAlx92drmMtl
oVvZrN+Z36fe+GGQ66blOAbsFpScKXQeDBQpRL4MB+SOGJnL5RxRz943kCMjYIn8
00fPe5yKGiadRAqy3qo2HWZ5Cxk3bAl11kv/SkVUWQke
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:15:56 2025 by rpki-client