Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ede4c7-6150-4ed0-9d30-10de67121197/1/_36hJbwo7LeC9mpxpNxPl2BrZYM.roa
File: _36hJbwo7LeC9mpxpNxPl2BrZYM.roa (raw, json)
Hash identifier: TOvGKgaJIFjYTUZF6XzQuQedHUckLA03dERb1hGEWHE=
Subject key identifier: FF:7E:A1:25:BC:28:EC:B7:82:F6:6A:71:A4:DC:4F:97:60:6B:65:83
Certificate issuer: /CN=c272d4761240359acba8a337d3ac3a9397925a72
Certificate serial: 018572CCD8F0BA943F8AEB76EFDE3092D5F4
Authority key identifier: C2:72:D4:76:12:40:35:9A:CB:A8:A3:37:D3:AC:3A:93:97:92:5A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnLUdhJANZrLqKM306w6k5eSWnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/ede4c7-6150-4ed0-9d30-10de67121197/1/_36hJbwo7LeC9mpxpNxPl2BrZYM.roa
Signing time: Mon 02 Jan 2023 14:05:05 +0000
ROA not before: Mon 02 Jan 2023 14:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205982
IP address blocks: 185.200.108.0/24 maxlen: 32
185.200.108.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:d8:f0:ba:94:3f:8a:eb:76:ef:de:30:92:d5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c272d4761240359acba8a337d3ac3a9397925a72
Validity
Not Before: Jan 2 14:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff7ea125bc28ecb782f66a71a4dc4f97606b6583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:69:ea:2c:ec:ca:73:fc:12:b5:d1:a9:fc:
a2:1e:15:5b:fe:6c:ac:ca:c9:4c:6d:5b:a7:e8:ba:
9e:be:9f:fa:84:0a:37:62:e9:2a:a2:23:ec:33:56:
10:b4:6c:00:0e:10:28:e0:e6:f1:bc:85:1a:ce:ab:
90:30:81:91:97:0e:1b:26:99:31:f5:d0:e5:41:54:
aa:9d:4f:47:4a:5d:83:71:06:c8:e8:5c:15:59:fa:
28:75:6e:2e:03:b4:41:37:e9:8e:b9:11:19:78:d4:
40:b5:3e:60:f4:79:29:73:ee:60:e2:91:68:d9:c2:
ba:17:23:7d:5d:7b:90:a1:3a:2d:4b:51:fe:ee:6b:
4d:1f:e3:57:d7:09:d7:62:0f:7c:4b:ac:fc:76:9a:
af:9c:d9:94:49:a1:e4:b6:55:c9:04:83:0e:1f:99:
aa:40:cd:04:e7:e7:40:15:4e:22:35:1e:bb:97:30:
64:c8:7b:10:63:11:bd:7e:1e:c2:5d:bf:32:05:68:
58:56:f5:51:31:f2:f5:53:c7:3e:31:c5:3b:70:b2:
02:52:2d:4d:ec:6e:f1:66:21:b1:29:8f:72:6b:2a:
92:ce:18:f6:2f:0a:7a:46:58:53:2a:85:df:6a:67:
57:79:bc:a3:d0:7b:5b:e8:d9:8e:37:35:e6:c0:87:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7E:A1:25:BC:28:EC:B7:82:F6:6A:71:A4:DC:4F:97:60:6B:65:83
X509v3 Authority Key Identifier:
keyid:C2:72:D4:76:12:40:35:9A:CB:A8:A3:37:D3:AC:3A:93:97:92:5A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnLUdhJANZrLqKM306w6k5eSWnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ede4c7-6150-4ed0-9d30-10de67121197/1/_36hJbwo7LeC9mpxpNxPl2BrZYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ede4c7-6150-4ed0-9d30-10de67121197/1/wnLUdhJANZrLqKM306w6k5eSWnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:4b:ab:ea:be:6d:94:b9:82:22:ee:59:0b:5b:ac:9e:a0:16:
cc:27:54:83:20:62:6a:72:06:db:32:c4:2d:2a:a7:6c:24:9a:
8e:12:28:35:90:e4:bb:66:24:6a:8a:7a:bd:4a:92:65:25:e4:
e7:18:28:a8:2c:eb:d9:4b:54:f1:56:42:10:6e:de:2a:eb:b8:
61:0d:2d:f2:0c:90:0c:57:00:d9:2a:8a:18:bc:33:26:a0:01:
de:a9:bd:54:0b:42:06:2d:f7:14:37:61:5a:58:e1:f4:de:58:
34:c9:04:a9:a3:b4:0a:50:ac:35:0a:b3:79:ee:30:f8:6b:db:
80:da:12:2b:9b:4d:67:ef:da:e0:fb:6b:71:8f:8c:69:8e:e2:
ee:52:c5:8f:cd:7c:f6:97:d8:8c:ff:65:d2:45:42:0d:a6:8b:
54:3b:eb:02:05:53:02:18:46:57:d6:83:b6:c6:ea:59:62:8e:
f4:c7:a9:de:82:be:6e:5e:77:94:3d:61:ef:bd:12:2b:b3:d8:
cc:39:58:26:82:fe:b1:83:cd:e3:49:37:92:e3:49:5a:e3:e3:
be:0c:29:bc:65:db:03:d8:df:d2:ab:33:a6:b2:8c:bc:a7:4a:
ff:9e:45:3a:30:02:22:fb:88:90:a4:f0:1c:69:f3:15:85:c3:
e3:e1:e1:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzNjwupQ/iut2794wktX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzJkNDc2MTI0MDM1OWFjYmE4YTMzN2QzYWMzYTkzOTc5
MjVhNzIwHhcNMjMwMTAyMTQwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdlYTEyNWJjMjhlY2I3ODJmNjZhNzFhNGRjNGY5NzYwNmI2NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKVp6izsynP8ErXRqfyiHhVb/mys
yslMbVun6Lqevp/6hAo3YukqoiPsM1YQtGwADhAo4ObxvIUazquQMIGRlw4bJpkx
9dDlQVSqnU9HSl2DcQbI6FwVWfoodW4uA7RBN+mOuREZeNRAtT5g9Hkpc+5g4pFo
2cK6FyN9XXuQoTotS1H+7mtNH+NX1wnXYg98S6z8dpqvnNmUSaHktlXJBIMOH5mq
QM0E5+dAFU4iNR67lzBkyHsQYxG9fh7CXb8yBWhYVvVRMfL1U8c+McU7cLICUi1N
7G7xZiGxKY9yayqSzhj2Lwp6RlhTKoXfamdXebyj0Htb6NmONzXmwIdAJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9+oSW8KOy3gvZqcaTcT5dga2WDMB8GA1UdIwQY
MBaAFMJy1HYSQDWay6ijN9OsOpOXklpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25MVWRoSkFOWnJMcUtNMzA2dzZrNWVTV25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lZGU0YzctNjE1MC00ZWQwLTlkMzAt
MTBkZTY3MTIxMTk3LzEvXzM2aEpid283TGVDOW1weHBOeFBsMkJyWllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lZGU0YzctNjE1MC00ZWQwLTlkMzAtMTBkZTY3MTIxMTk3
LzEvd25MVWRoSkFOWnJMcUtNMzA2dzZrNWVTV25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuchsMA0G
CSqGSIb3DQEBCwUAA4IBAQAuS6vqvm2UuYIi7lkLW6yeoBbMJ1SDIGJqcgbbMsQt
KqdsJJqOEig1kOS7ZiRqinq9SpJlJeTnGCioLOvZS1TxVkIQbt4q67hhDS3yDJAM
VwDZKooYvDMmoAHeqb1UC0IGLfcUN2FaWOH03lg0yQSpo7QKUKw1CrN57jD4a9uA
2hIrm01n79rg+2txj4xpjuLuUsWPzXz2l9iM/2XSRUINpotUO+sCBVMCGEZX1oO2
xupZYo70x6negr5uXneUPWHvvRIrs9jMOVgmgv6xg83jSTeS40la4+O+DCm8ZdsD
2N/SqzOmsoy8p0r/nkU6MAIi+4iQpPAcafMVhcPj4eGa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:56 2025 by rpki-client