Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/4JbhbN3-2jMVMgMBFCzlNhbO_6I.roa
File: 4JbhbN3-2jMVMgMBFCzlNhbO_6I.roa (raw, json)
Hash identifier: LIFlb3TC2PfFPtJvrsqyxn7zmoUXLW2LxIbjBuXmB58=
Subject key identifier: E0:96:E1:6C:DD:FE:DA:33:15:32:03:01:14:2C:E5:36:16:CE:FF:A2
Certificate issuer: /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial: 01857230F93610DC3834A5940CF092C3B749
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/4JbhbN3-2jMVMgMBFCzlNhbO_6I.roa
Signing time: Mon 02 Jan 2023 11:14:50 +0000
ROA not before: Mon 02 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199244
IP address blocks: 185.3.192.0/22 maxlen: 22
2a02:5f40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f9:36:10:dc:38:34:a5:94:0c:f0:92:c3:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Validity
Not Before: Jan 2 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e096e16cddfeda3315320301142ce53616ceffa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f2:eb:93:f2:c2:22:ba:50:93:d3:08:5a:b7:
66:f0:56:cf:34:0d:8c:24:2d:bd:20:e6:8f:42:cd:
7c:b7:2d:bd:5c:eb:de:59:5a:a4:e7:b2:b5:e5:30:
9e:c8:22:43:42:be:f2:c3:58:d0:70:59:ce:d7:5d:
5a:ec:e1:e9:e2:67:d9:86:15:f8:8e:d3:dd:19:b6:
04:0a:bc:63:75:4a:b3:ed:02:16:4e:1a:a0:5b:16:
74:c6:be:9e:96:05:84:d5:4f:ef:d8:58:cd:29:b9:
e4:22:fa:f6:60:69:97:37:b6:c1:0e:ad:d1:57:0d:
06:78:5f:d1:40:5a:5f:8c:af:20:80:d9:ac:b4:13:
cc:ab:4e:c9:02:1c:45:45:98:61:7d:be:b1:ef:1f:
aa:5c:ae:45:07:2a:99:6a:f9:ae:06:ed:b5:b7:e1:
0e:1b:5b:11:d8:48:56:76:0f:62:af:fb:f9:49:d3:
7c:bb:11:d7:9f:1d:ef:f1:df:44:25:0a:e4:9e:db:
c2:7e:b4:b4:d8:a5:9e:f0:dd:71:ee:a3:db:ef:6a:
f8:25:be:af:73:ee:f8:00:24:43:90:09:ed:03:a1:
89:2a:b0:65:87:73:45:00:50:e4:7d:fb:08:f3:e8:
e2:8b:e6:37:9a:d0:74:9f:4e:f8:61:03:18:1b:f0:
b4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:96:E1:6C:DD:FE:DA:33:15:32:03:01:14:2C:E5:36:16:CE:FF:A2
X509v3 Authority Key Identifier:
keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/4JbhbN3-2jMVMgMBFCzlNhbO_6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.192.0/22
IPv6:
2a02:5f40::/32
Signature Algorithm: sha256WithRSAEncryption
68:f6:9a:18:5b:ee:f8:f6:bc:b4:29:90:d5:fc:5e:c4:04:0a:
c7:75:f9:94:cb:8e:1e:4e:39:ad:1c:5e:73:62:c0:b9:db:2b:
dd:97:df:06:ce:a5:a9:0d:b3:d5:22:81:d6:f7:53:0e:b6:f0:
c1:d8:33:44:c5:18:e2:6a:ad:eb:cb:85:75:d9:20:3f:12:10:
85:52:f9:9c:6a:e8:e9:b5:93:97:a7:43:a7:33:82:b8:37:0a:
83:45:7f:bb:31:93:c4:be:24:6c:c3:d4:2b:1f:cf:a2:88:e2:
07:6f:7f:9d:36:d9:c0:e3:dc:4a:86:ce:a3:11:99:72:12:3d:
b4:cc:e4:e3:14:d4:39:39:12:e7:5c:fa:d5:a1:b7:54:c3:42:
d6:70:48:4d:c5:4d:7c:41:83:3b:c5:1c:5d:9f:6e:89:74:9b:
6f:3e:70:db:a5:37:8f:66:51:f5:ed:80:c4:e2:13:5f:78:15:
c9:8d:89:a0:46:d1:04:22:2b:e9:5d:1b:cf:50:d0:c5:98:03:
10:21:d5:ae:13:68:44:5c:93:31:3e:b0:4a:12:20:12:5e:95:
f1:78:bf:b1:02:52:df:1f:eb:ff:a1:10:6c:ec:15:91:6b:33:
37:c0:b3:07:94:d9:ef:2f:ac:36:d8:17:ff:79:ac:08:45:34:
99:aa:f6:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMPk2ENw4NKWUDPCSw7dJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjMwMTAyMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk2ZTE2Y2RkZmVkYTMzMTUzMjAzMDExNDJjZTUzNjE2Y2VmZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PLrk/LCIrpQk9MIWrdm8FbPNA2M
JC29IOaPQs18ty29XOveWVqk57K15TCeyCJDQr7yw1jQcFnO111a7OHp4mfZhhX4
jtPdGbYECrxjdUqz7QIWThqgWxZ0xr6elgWE1U/v2FjNKbnkIvr2YGmXN7bBDq3R
Vw0GeF/RQFpfjK8ggNmstBPMq07JAhxFRZhhfb6x7x+qXK5FByqZavmuBu21t+EO
G1sR2EhWdg9ir/v5SdN8uxHXnx3v8d9EJQrkntvCfrS02KWe8N1x7qPb72r4Jb6v
c+74ACRDkAntA6GJKrBlh3NFAFDkffsI8+jii+Y3mtB0n074YQMYG/C0bQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCW4Wzd/tozFTIDARQs5TYWzv+iMB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvNEpiaGJOMy0yak1WTWdNQkZDemxOaGJPXzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQPAMA0E
AgACMAcDBQAqAl9AMA0GCSqGSIb3DQEBCwUAA4IBAQBo9poYW+749ry0KZDV/F7E
BArHdfmUy44eTjmtHF5zYsC52yvdl98GzqWpDbPVIoHW91MOtvDB2DNExRjiaq3r
y4V12SA/EhCFUvmcaujptZOXp0OnM4K4NwqDRX+7MZPEviRsw9QrH8+iiOIHb3+d
NtnA49xKhs6jEZlyEj20zOTjFNQ5ORLnXPrVobdUw0LWcEhNxU18QYM7xRxdn26J
dJtvPnDbpTePZlH17YDE4hNfeBXJjYmgRtEEIivpXRvPUNDFmAMQIdWuE2hEXJMx
PrBKEiASXpXxeL+xAlLfH+v/oRBs7BWRazM3wLMHlNnvL6w22Bf/eawIRTSZqvYw
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:44 2025 by rpki-client