Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/CW6oPZniqi6dBm853PI6ZdcTgzo.roa
File: CW6oPZniqi6dBm853PI6ZdcTgzo.roa (raw, json)
Hash identifier: Tbn4m/FfmviVwHsO1vdK8R9i+kXNuT9tY6FJOigUmjQ=
Subject key identifier: 09:6E:A8:3D:99:E2:AA:2E:9D:06:6F:39:DC:F2:3A:65:D7:13:83:3A
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 01830DB9F6EF78827F002D7197A5F068BF14
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/CW6oPZniqi6dBm853PI6ZdcTgzo.roa
Signing time: Mon 05 Sep 2022 12:57:14 +0000
ROA not before: Mon 05 Sep 2022 12:57:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209275
IP address blocks: 185.174.31.0/24 maxlen: 24
2a05:9bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:b9:f6:ef:78:82:7f:00:2d:71:97:a5:f0:68:bf:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Sep 5 12:57:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=096ea83d99e2aa2e9d066f39dcf23a65d713833a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:48:fb:ba:7c:29:9b:e9:64:24:50:48:70:37:
61:4e:31:11:ff:65:ac:9d:ec:59:12:70:cd:ee:f7:
0c:4f:a1:33:b2:a0:5e:4f:0c:83:96:48:c7:0a:5a:
b7:c9:fc:f5:18:d4:9d:8d:a5:ad:06:2f:78:14:5b:
c3:e6:7a:e5:10:9f:51:1c:c4:4e:33:bb:61:3c:fd:
14:4a:67:cc:59:ad:17:dd:6e:c0:da:70:da:a4:d2:
84:7f:c8:42:f8:09:b4:03:e5:ed:d6:ac:34:54:bd:
28:ce:e8:0a:f6:0b:f6:78:cc:33:d5:b0:11:62:32:
b8:40:b6:9a:1b:f8:0a:63:42:44:11:f6:55:c1:07:
20:de:ed:c2:76:27:6d:b5:47:ed:db:ba:98:79:f1:
93:36:e3:89:70:cb:4b:81:d3:34:51:00:4e:11:57:
9a:91:1c:20:58:e1:58:ba:4d:9b:13:20:f6:f7:ae:
f4:a4:c5:6e:33:ba:48:6a:ec:07:30:cd:dc:09:37:
35:a6:f0:33:50:5b:b5:ff:a3:32:9a:c7:8e:a9:95:
ff:e0:c0:29:cf:a2:97:80:60:98:f2:48:8d:a5:ce:
b9:2c:25:b4:1a:2e:a7:77:62:14:8d:16:83:82:19:
5a:d5:c6:80:61:49:46:26:b1:21:f2:f4:00:cf:7e:
1a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6E:A8:3D:99:E2:AA:2E:9D:06:6F:39:DC:F2:3A:65:D7:13:83:3A
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/CW6oPZniqi6dBm853PI6ZdcTgzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.31.0/24
IPv6:
2a05:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
44:c1:36:d6:bb:04:b4:30:7f:26:4c:0b:5d:58:fa:ab:88:f4:
05:c0:f6:61:be:f8:42:7b:89:65:32:ac:55:0a:d7:99:29:07:
c0:ed:69:af:a3:65:0b:70:83:e9:c8:fb:7f:5c:28:75:a7:1c:
09:a0:93:79:78:8b:b1:52:23:ea:c6:d9:4e:e8:44:9d:05:19:
ae:16:29:58:ee:23:e6:ca:a4:a4:f6:37:0b:b0:74:b9:a1:ed:
33:57:53:0d:44:9c:46:2b:bd:80:93:12:6b:93:52:86:13:46:
85:75:14:cc:92:59:f4:ff:81:6d:46:04:c0:7c:90:38:39:fa:
71:66:d9:7c:12:e4:c2:56:1c:7a:bd:26:23:c7:30:fa:d0:0f:
b3:e3:9b:4f:0f:1c:28:9c:33:50:a1:3f:db:4d:c6:f0:be:8d:
44:58:62:fb:a0:3c:cc:7d:6c:92:d1:7d:f4:a0:e2:97:81:6d:
92:14:f6:6d:b5:bc:0a:04:5f:06:14:4f:c2:3b:d1:4d:70:a2:
a1:6d:15:65:04:65:84:f9:a5:36:0a:3b:b8:8d:0f:50:7c:53:
46:f1:95:f4:43:63:fa:e0:ad:f0:2b:2f:9b:94:53:6d:93:0e:
47:47:6c:86:99:6e:bf:21:84:b5:46:81:0a:05:68:22:1b:21:
53:b0:75:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMNufbveIJ/AC1xl6XwaL8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjIwOTA1MTI1NzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZlYTgzZDk5ZTJhYTJlOWQwNjZmMzlkY2YyM2E2NWQ3MTM4MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEj7unwpm+lkJFBIcDdhTjER/2Ws
nexZEnDN7vcMT6EzsqBeTwyDlkjHClq3yfz1GNSdjaWtBi94FFvD5nrlEJ9RHMRO
M7thPP0USmfMWa0X3W7A2nDapNKEf8hC+Am0A+Xt1qw0VL0ozugK9gv2eMwz1bAR
YjK4QLaaG/gKY0JEEfZVwQcg3u3CdidttUft27qYefGTNuOJcMtLgdM0UQBOEVea
kRwgWOFYuk2bEyD29670pMVuM7pIauwHMM3cCTc1pvAzUFu1/6MymseOqZX/4MAp
z6KXgGCY8kiNpc65LCW0Gi6nd2IUjRaDghla1caAYUlGJrEh8vQAz34aSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAluqD2Z4qounQZvOdzyOmXXE4M6MB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvQ1c2b1BabmlxaTZkQm04NTNQSTZaZGNUZ3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAua4fMA0E
AgACMAcDBQMqBZvAMA0GCSqGSIb3DQEBCwUAA4IBAQBEwTbWuwS0MH8mTAtdWPqr
iPQFwPZhvvhCe4llMqxVCteZKQfA7Wmvo2ULcIPpyPt/XCh1pxwJoJN5eIuxUiPq
xtlO6ESdBRmuFilY7iPmyqSk9jcLsHS5oe0zV1MNRJxGK72AkxJrk1KGE0aFdRTM
kln0/4FtRgTAfJA4OfpxZtl8EuTCVhx6vSYjxzD60A+z45tPDxwonDNQoT/bTcbw
vo1EWGL7oDzMfWyS0X30oOKXgW2SFPZttbwKBF8GFE/CO9FNcKKhbRVlBGWE+aU2
Cju4jQ9QfFNG8ZX0Q2P64K3wKy+blFNtkw5HR2yGmW6/IYS1RoEKBWgiGyFTsHXu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:53 2025 by rpki-client