Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/pRMr_mWIZS5KOiy-Y8NHikWdIhU.roa
File: pRMr_mWIZS5KOiy-Y8NHikWdIhU.roa (raw, json)
Hash identifier: Rs1moe5AMzZrTPn1xMtqc4dBo/SgUks1U+vo/x2hz20=
Subject key identifier: A5:13:2B:FE:65:88:65:2E:4A:3A:2C:BE:63:C3:47:8A:45:9D:22:15
Certificate issuer: /CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Certificate serial: 01856BC10C7FF1EA17BC078ADC33CB73D788
Authority key identifier: 7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/pRMr_mWIZS5KOiy-Y8NHikWdIhU.roa
Signing time: Sun 01 Jan 2023 05:14:51 +0000
ROA not before: Sun 01 Jan 2023 05:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10393
IP address blocks: 185.39.237.0/24 maxlen: 24
185.39.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:0c:7f:f1:ea:17:bc:07:8a:dc:33:cb:73:d7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Validity
Not Before: Jan 1 05:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5132bfe6588652e4a3a2cbe63c3478a459d2215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:88:cb:bb:23:33:76:45:28:b8:a0:8d:5c:90:
fe:7e:96:5e:b9:9e:8d:83:14:7a:b7:cc:ea:95:45:
5f:ed:41:71:a5:04:16:41:d5:e0:8b:0c:35:c0:83:
18:68:c1:d5:c2:d4:47:c8:ea:fe:24:fc:cf:2d:dd:
05:97:ab:64:d3:70:8f:11:b7:ab:2c:33:e2:03:28:
2f:fc:71:e1:1c:47:e7:5f:e0:97:e3:10:33:1c:f4:
38:f8:4a:94:d3:ba:e0:86:00:dc:25:a4:cd:e2:9c:
32:53:a5:bf:91:4f:23:b3:e5:cb:10:b0:8f:3a:e2:
25:7a:b6:f3:f5:f8:3e:72:33:f6:b0:91:47:7d:d9:
9a:71:dd:58:17:2e:9e:68:c8:38:f9:cd:bb:82:22:
28:99:a3:a2:a5:93:8f:93:20:2f:29:99:44:57:2f:
2c:88:d6:32:45:21:c5:db:ad:e3:9b:66:77:c7:35:
cb:7e:ce:39:b4:ba:ff:99:99:67:47:37:16:80:4e:
42:40:37:61:a4:16:c4:48:77:c7:5d:20:68:ef:f4:
fc:39:58:d8:f0:9f:fe:b1:f3:17:8d:69:76:bd:fd:
96:13:e0:34:06:41:dd:31:a2:44:fe:01:59:cb:a8:
6e:ef:94:75:22:bf:f1:ef:7b:28:6b:3d:2c:c0:70:
72:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:13:2B:FE:65:88:65:2E:4A:3A:2C:BE:63:C3:47:8A:45:9D:22:15
X509v3 Authority Key Identifier:
keyid:7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/pRMr_mWIZS5KOiy-Y8NHikWdIhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.236.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:ed:61:de:fc:aa:e7:37:56:71:fd:15:12:11:01:ba:6e:af:
d7:38:0a:62:37:b4:f0:d7:50:cb:6e:b9:3b:0b:8c:fb:5c:c1:
06:c9:cb:ce:57:3c:a8:18:70:db:7f:b4:2a:c6:32:80:98:d0:
24:40:3f:6b:48:59:0b:8c:65:20:63:17:d8:df:2a:3f:27:ae:
eb:25:dd:94:14:cc:99:95:d0:f4:e4:ca:dd:c3:c0:a0:a7:6c:
57:e7:de:ee:f8:10:e1:7c:49:80:8f:88:4e:44:ea:75:15:b4:
b4:2d:81:6a:04:b1:e1:1b:10:a7:c8:fe:67:e7:4a:01:60:61:
7d:b6:54:31:66:69:2b:66:36:3f:a2:c9:cf:e8:89:a2:9b:71:
b1:1b:4a:f8:78:e8:82:ac:d8:51:a5:50:02:13:d4:98:62:9d:
04:10:a5:ca:14:db:4d:d5:90:d0:88:76:05:44:40:46:e1:a7:
c4:a1:7b:58:0c:c7:ad:e8:9c:5a:10:75:87:4a:7d:27:69:76:
c6:6d:10:00:9a:36:a5:9f:a9:a5:bb:7a:27:a7:b4:93:a9:c5:
ed:95:55:38:18:5a:92:9c:b9:14:61:ea:db:ac:d3:88:9a:33:
06:7e:bd:c8:1b:fc:62:1a:4a:65:6e:fe:55:b4:1e:30:41:47:
57:1d:ea:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwQx/8eoXvAeK3DPLc9eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMzVjMGIyMDkxMzVjMjJjYzgwMDVhN2MyZTIyMmM2M2Mx
MzZjYjAwHhcNMjMwMTAxMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTEzMmJmZTY1ODg2NTJlNGEzYTJjYmU2M2MzNDc4YTQ1OWQyMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIjLuyMzdkUouKCNXJD+fpZeuZ6N
gxR6t8zqlUVf7UFxpQQWQdXgiww1wIMYaMHVwtRHyOr+JPzPLd0Fl6tk03CPEber
LDPiAygv/HHhHEfnX+CX4xAzHPQ4+EqU07rghgDcJaTN4pwyU6W/kU8js+XLELCP
OuIlerbz9fg+cjP2sJFHfdmacd1YFy6eaMg4+c27giIomaOipZOPkyAvKZlEVy8s
iNYyRSHF263jm2Z3xzXLfs45tLr/mZlnRzcWgE5CQDdhpBbESHfHXSBo7/T8OVjY
8J/+sfMXjWl2vf2WE+A0BkHdMaJE/gFZy6hu75R1Ir/x73soaz0swHByuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUTK/5liGUuSjosvmPDR4pFnSIVMB8GA1UdIwQY
MBaAFH01wLIJE1wizIAFp8LiIsY8E2ywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjIt
ODI1N2Q1MTkyOGE5LzEvcFJNcl9tV0laUzVLT2l5LVk4Tkhpa1dkSWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjItODI1N2Q1MTkyOGE5
LzEvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSfsMA0G
CSqGSIb3DQEBCwUAA4IBAQBL7WHe/KrnN1Zx/RUSEQG6bq/XOApiN7Tw11DLbrk7
C4z7XMEGycvOVzyoGHDbf7QqxjKAmNAkQD9rSFkLjGUgYxfY3yo/J67rJd2UFMyZ
ldD05Mrdw8Cgp2xX597u+BDhfEmAj4hOROp1FbS0LYFqBLHhGxCnyP5n50oBYGF9
tlQxZmkrZjY/osnP6Imim3GxG0r4eOiCrNhRpVACE9SYYp0EEKXKFNtN1ZDQiHYF
REBG4afEoXtYDMet6JxaEHWHSn0naXbGbRAAmjaln6mlu3onp7STqcXtlVU4GFqS
nLkUYerbrNOImjMGfr3IG/xiGkplbv5VtB4wQUdXHeo7
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:10 2025 by rpki-client