Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ac37c3-cc4f-4456-b958-e35909018a33/1/5nT9fgEf79jpnDiPbVW9EF_MYiI.roa
File: 5nT9fgEf79jpnDiPbVW9EF_MYiI.roa (raw, json)
Hash identifier: HQns5CKcad4ummriAYX/clb9eE25dY1ozhbdh+4JWy4=
Subject key identifier: E6:74:FD:7E:01:1F:EF:D8:E9:9C:38:8F:6D:55:BD:10:5F:CC:62:22
Certificate issuer: /CN=b3749ea1b9979bff2cd3066948f835dd54cedec0
Certificate serial: 01856D01C644DC26BBF542AF228965F0DC1E
Authority key identifier: B3:74:9E:A1:B9:97:9B:FF:2C:D3:06:69:48:F8:35:DD:54:CE:DE:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s3SeobmXm_8s0wZpSPg13VTO3sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/ac37c3-cc4f-4456-b958-e35909018a33/1/5nT9fgEf79jpnDiPbVW9EF_MYiI.roa
Signing time: Sun 01 Jan 2023 11:05:10 +0000
ROA not before: Sun 01 Jan 2023 11:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39591
IP address blocks: 185.181.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c6:44:dc:26:bb:f5:42:af:22:89:65:f0:dc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3749ea1b9979bff2cd3066948f835dd54cedec0
Validity
Not Before: Jan 1 11:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e674fd7e011fefd8e99c388f6d55bd105fcc6222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:77:cb:a6:b4:0f:fa:bf:60:ea:15:7a:3b:4f:
b8:1f:be:2c:9e:19:6f:86:5d:79:50:61:fa:60:64:
6e:b8:ce:32:41:ef:c7:1c:2e:f6:67:c6:e1:ac:47:
0a:b5:62:47:3a:4e:69:23:48:6b:e9:52:bf:76:65:
98:26:cd:86:dc:ef:27:6d:8e:6f:26:a6:36:d1:0f:
b9:bf:4a:4e:7f:d8:21:41:05:24:f3:7d:20:52:71:
28:63:1a:18:00:1d:c9:e2:e7:64:6f:65:15:e8:7b:
3f:07:8c:cd:d2:df:97:b9:71:e6:56:b9:6e:e5:4a:
3e:98:af:f2:b4:4b:86:7f:b8:1d:c6:86:41:15:ed:
21:1c:13:22:42:37:5d:11:39:1a:22:cb:c9:47:18:
f8:3a:85:d0:21:68:e7:93:9d:f6:79:44:8b:54:61:
2e:16:91:ce:d4:e4:ad:f0:f9:98:d9:49:a0:70:67:
ba:37:8f:71:73:68:30:92:89:5e:98:4e:1e:81:57:
4a:72:fb:18:18:74:e6:16:e8:11:a0:d9:a7:b0:53:
16:53:08:4e:ab:65:4c:22:c8:c3:0d:62:bc:40:03:
2f:79:ff:70:d4:e7:da:84:79:72:13:93:e3:b2:34:
f9:56:7d:93:0c:f2:a5:f5:fa:72:59:5a:8b:98:5e:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:74:FD:7E:01:1F:EF:D8:E9:9C:38:8F:6D:55:BD:10:5F:CC:62:22
X509v3 Authority Key Identifier:
keyid:B3:74:9E:A1:B9:97:9B:FF:2C:D3:06:69:48:F8:35:DD:54:CE:DE:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3SeobmXm_8s0wZpSPg13VTO3sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ac37c3-cc4f-4456-b958-e35909018a33/1/5nT9fgEf79jpnDiPbVW9EF_MYiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ac37c3-cc4f-4456-b958-e35909018a33/1/s3SeobmXm_8s0wZpSPg13VTO3sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:7f:4b:cd:58:5a:19:ae:98:4d:19:7c:8e:8c:c6:f5:82:5d:
9d:36:cc:43:77:ab:1e:60:8a:db:1f:45:9d:4a:12:0e:cc:94:
e7:28:dc:cb:2a:45:7b:53:7d:38:94:9f:b0:46:40:a0:86:4e:
2d:96:1e:ba:1a:e2:75:1a:a7:af:a9:92:23:d4:25:eb:b1:06:
1d:c0:c9:15:ef:7a:fb:3e:7c:d4:68:32:1b:33:00:8a:29:c7:
e2:39:6f:5d:60:26:1c:56:2f:42:9f:b5:79:68:46:5a:aa:86:
14:dd:3d:fe:cf:f5:40:e3:6a:7d:2e:19:d9:6f:df:df:8a:80:
94:10:41:7c:fa:5c:07:e7:df:f4:bc:f7:be:d3:72:78:d1:08:
f4:2f:5b:1d:2a:e4:d5:ad:5a:f9:08:18:3d:d3:ea:36:73:7d:
e6:f8:05:fe:e0:86:ba:f2:ee:1c:3d:08:c2:f4:f1:57:c0:e2:
0b:6b:8b:d2:ab:cb:06:c0:21:a8:8c:7f:6e:a9:bf:a9:59:c7:
95:ed:5e:92:32:02:23:f7:79:15:22:55:27:85:94:3c:bd:27:
3f:ba:28:f0:0b:a3:2b:ea:c9:df:72:de:1d:67:0e:03:eb:40:
df:1c:02:9e:65:32:3c:98:fe:8f:52:29:5f:c8:b0:c5:ef:9e:
35:e2:f4:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAcZE3Ca79UKvIoll8NweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzQ5ZWExYjk5NzliZmYyY2QzMDY2OTQ4ZjgzNWRkNTRj
ZWRlYzAwHhcNMjMwMTAxMTEwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjc0ZmQ3ZTAxMWZlZmQ4ZTk5YzM4OGY2ZDU1YmQxMDVmY2M2MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HfLprQP+r9g6hV6O0+4H74snhlv
hl15UGH6YGRuuM4yQe/HHC72Z8bhrEcKtWJHOk5pI0hr6VK/dmWYJs2G3O8nbY5v
JqY20Q+5v0pOf9ghQQUk830gUnEoYxoYAB3J4udkb2UV6Hs/B4zN0t+XuXHmVrlu
5Uo+mK/ytEuGf7gdxoZBFe0hHBMiQjddETkaIsvJRxj4OoXQIWjnk532eUSLVGEu
FpHO1OSt8PmY2UmgcGe6N49xc2gwkolemE4egVdKcvsYGHTmFugRoNmnsFMWUwhO
q2VMIsjDDWK8QAMvef9w1OfahHlyE5PjsjT5Vn2TDPKl9fpyWVqLmF4bYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ0/X4BH+/Y6Zw4j21VvRBfzGIiMB8GA1UdIwQY
MBaAFLN0nqG5l5v/LNMGaUj4Nd1Uzt7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNTZW9ibVhtXzhzMHdacFNQZzEzVlRPM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hYzM3YzMtY2M0Zi00NDU2LWI5NTgt
ZTM1OTA5MDE4YTMzLzEvNW5UOWZnRWY3OWpwbkRpUGJWVzlFRl9NWWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hYzM3YzMtY2M0Zi00NDU2LWI5NTgtZTM1OTA5MDE4YTMz
LzEvczNTZW9ibVhtXzhzMHdacFNQZzEzVlRPM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubWMMA0G
CSqGSIb3DQEBCwUAA4IBAQBff0vNWFoZrphNGXyOjMb1gl2dNsxDd6seYIrbH0Wd
ShIOzJTnKNzLKkV7U304lJ+wRkCghk4tlh66GuJ1GqevqZIj1CXrsQYdwMkV73r7
PnzUaDIbMwCKKcfiOW9dYCYcVi9Cn7V5aEZaqoYU3T3+z/VA42p9LhnZb9/fioCU
EEF8+lwH59/0vPe+03J40Qj0L1sdKuTVrVr5CBg90+o2c33m+AX+4Ia68u4cPQjC
9PFXwOILa4vSq8sGwCGojH9uqb+pWceV7V6SMgIj93kVIlUnhZQ8vSc/uijwC6Mr
6snfct4dZw4D60DfHAKeZTI8mP6PUilfyLDF75414vSK
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:41:06 2025 by rpki-client