Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/rO0NG74qs04tvGLi7pMwF4WbS7o.roa
File: rO0NG74qs04tvGLi7pMwF4WbS7o.roa (raw, json)
Hash identifier: 2VQaH2g544ioduQLKIqFizWY6lHaLxsgBD21GRc9s8s=
Subject key identifier: AC:ED:0D:1B:BE:2A:B3:4E:2D:BC:62:E2:EE:93:30:17:85:9B:4B:BA
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018BAC9AF40B5A732C4DBE081931B5EEF3C6
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/rO0NG74qs04tvGLi7pMwF4WbS7o.roa
Signing time: Wed 08 Nov 2023 01:45:17 +0000
ROA not before: Wed 08 Nov 2023 01:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31486
IP address blocks: 185.96.170.0/24 maxlen: 24
2a06:9140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ac:9a:f4:0b:5a:73:2c:4d:be:08:19:31:b5:ee:f3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Nov 8 01:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aced0d1bbe2ab34e2dbc62e2ee933017859b4bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d4:23:19:78:1c:4f:a6:f5:2f:ba:02:a7:c9:
cf:23:e3:c8:29:2d:5c:33:34:53:28:ed:18:00:44:
0c:98:ab:1f:c4:43:56:0a:dc:a5:74:01:e2:61:6c:
11:a7:5f:9d:22:52:4c:24:94:7b:ad:2a:1a:8a:0d:
71:71:6f:11:9e:6f:13:c9:52:1f:ef:2f:3d:48:c9:
25:32:83:88:87:db:fc:e7:55:4a:d8:67:5f:94:81:
b4:96:a6:0e:05:5f:b1:0d:d2:e3:14:e6:f4:5b:39:
04:78:fd:9f:ae:68:ee:bf:19:74:2f:cf:fb:1e:c2:
fe:53:a0:70:0b:f9:f4:de:25:b1:fa:92:cf:39:2d:
91:fa:3f:38:8c:71:93:94:fe:a3:48:c3:51:03:7b:
32:79:b9:16:17:a0:4c:58:53:73:d8:7f:f0:1b:75:
89:7b:22:f0:25:88:f6:d6:6c:79:da:6d:e6:3a:d8:
07:b5:6b:59:68:8e:9b:d1:37:4f:ba:37:d0:39:a3:
15:c2:a3:90:b5:d5:66:63:4c:2f:9f:a5:4d:5b:f0:
19:61:ea:ab:9b:b6:af:51:f8:30:0d:87:9b:19:41:
61:9f:b2:0c:60:86:72:61:39:33:00:2c:0f:b6:0f:
15:77:c7:37:cd:3d:20:ef:ad:d9:f2:37:9e:1e:9b:
f3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:ED:0D:1B:BE:2A:B3:4E:2D:BC:62:E2:EE:93:30:17:85:9B:4B:BA
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/rO0NG74qs04tvGLi7pMwF4WbS7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.170.0/24
IPv6:
2a06:9140::/29
Signature Algorithm: sha256WithRSAEncryption
0b:19:d5:6e:52:de:7e:5e:83:62:d1:96:19:0c:6a:0b:26:d1:
a7:73:fe:2f:81:00:13:8a:bb:0c:26:96:d7:35:f1:18:b9:08:
55:1e:31:e0:4b:3c:ba:cf:0d:42:46:d7:50:2c:ba:8d:a0:76:
9c:0f:b7:eb:b7:b2:f2:3f:95:a2:65:fb:8d:7d:8b:b6:67:9e:
bc:0b:48:73:22:03:4b:95:e8:66:4b:89:1c:22:6b:9f:af:b7:
55:23:f7:0a:15:bf:eb:d7:56:19:3c:3c:56:c8:d0:f5:75:ff:
4e:0f:41:87:ee:df:8a:24:a7:bd:10:21:77:af:88:c0:13:59:
a4:de:e9:7f:61:db:10:e4:2c:16:03:f7:0f:1d:7a:35:2c:b7:
33:a6:c1:92:8c:d9:97:5f:2a:5e:72:0d:db:26:bb:34:35:d3:
ef:52:a7:a7:08:f4:9c:a4:5e:73:5b:c3:81:e7:0f:b7:72:08:
a6:3e:e1:3a:ab:1a:02:db:e5:8f:59:c4:52:3d:75:54:c4:dc:
11:1d:fd:3a:78:22:e0:27:c8:bd:0d:c4:0b:f2:f7:a1:97:79:
6f:1b:e1:6c:a6:4a:60:30:c6:5e:8a:dc:dd:7c:4c:eb:65:91:
11:75:de:04:23:ac:fd:c5:5a:40:8d:a4:84:d6:56:2d:30:35:
99:5a:39:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYusmvQLWnMsTb4IGTG17vPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMxMTA4MDE0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VkMGQxYmJlMmFiMzRlMmRiYzYyZTJlZTkzMzAxNzg1OWI0YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdQjGXgcT6b1L7oCp8nPI+PIKS1c
MzRTKO0YAEQMmKsfxENWCtyldAHiYWwRp1+dIlJMJJR7rSoaig1xcW8Rnm8TyVIf
7y89SMklMoOIh9v851VK2GdflIG0lqYOBV+xDdLjFOb0WzkEeP2frmjuvxl0L8/7
HsL+U6BwC/n03iWx+pLPOS2R+j84jHGTlP6jSMNRA3syebkWF6BMWFNz2H/wG3WJ
eyLwJYj21mx52m3mOtgHtWtZaI6b0TdPujfQOaMVwqOQtdVmY0wvn6VNW/AZYeqr
m7avUfgwDYebGUFhn7IMYIZyYTkzACwPtg8Vd8c3zT0g763Z8jeeHpvzvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKztDRu+KrNOLbxi4u6TMBeFm0u6MB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvck8wTkc3NHFzMDR0dkdMaTdwTXdGNFdiUzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWCqMA0E
AgACMAcDBQMqBpFAMA0GCSqGSIb3DQEBCwUAA4IBAQALGdVuUt5+XoNi0ZYZDGoL
JtGnc/4vgQATirsMJpbXNfEYuQhVHjHgSzy6zw1CRtdQLLqNoHacD7frt7LyP5Wi
ZfuNfYu2Z568C0hzIgNLlehmS4kcImufr7dVI/cKFb/r11YZPDxWyND1df9OD0GH
7t+KJKe9ECF3r4jAE1mk3ul/YdsQ5CwWA/cPHXo1LLczpsGSjNmXXypecg3bJrs0
NdPvUqenCPScpF5zW8OB5w+3cgimPuE6qxoC2+WPWcRSPXVUxNwRHf06eCLgJ8i9
DcQL8vehl3lvG+FspkpgMMZeitzdfEzrZZERdd4EI6z9xVpAjaSE1lYtMDWZWjly
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:40:29 2025 by rpki-client