Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/tdD_SGI8ma8knFDow3rliZTRcu0.roa
File: tdD_SGI8ma8knFDow3rliZTRcu0.roa (raw, json)
Hash identifier: M32StIK9+olODKC8/gmjy5LqeHRxcmOaG8sok/ErBoU=
Subject key identifier: B5:D0:FF:48:62:3C:99:AF:24:9C:50:E8:C3:7A:E5:89:94:D1:72:ED
Certificate issuer: /CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Certificate serial: 01856F70004D4F80955EC25C7129A1AA2380
Authority key identifier: DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/tdD_SGI8ma8knFDow3rliZTRcu0.roa
Signing time: Sun 01 Jan 2023 22:24:49 +0000
ROA not before: Sun 01 Jan 2023 22:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59989
IP address blocks: 185.97.94.0/24 maxlen: 24
185.97.93.0/24 maxlen: 24
185.97.92.0/24 maxlen: 24
185.97.95.0/24 maxlen: 24
185.97.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:00:4d:4f:80:95:5e:c2:5c:71:29:a1:aa:23:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Validity
Not Before: Jan 1 22:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5d0ff48623c99af249c50e8c37ae58994d172ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:53:f2:0c:b7:8b:1a:60:d9:94:6b:bb:5f:a9:
50:00:16:c1:c6:bb:bd:3b:2f:96:5b:fe:52:68:15:
9b:c1:f7:61:8f:0f:b6:e0:80:9e:38:e0:8b:3f:fd:
dd:ae:72:c3:71:65:45:84:97:af:15:1d:68:e6:1b:
8f:67:96:1a:f6:19:b2:0e:59:3e:ec:72:d9:bb:00:
43:55:67:6e:17:31:ed:cd:59:fe:6d:76:cd:f6:12:
85:e1:cd:2a:2e:ce:12:25:35:09:4f:2d:4b:ec:31:
20:23:70:22:0c:ae:4a:7e:d3:9c:e6:0f:eb:53:a5:
39:6d:04:30:3d:c7:48:0e:60:6f:cf:5c:48:6e:58:
7e:c9:1f:2a:6e:56:96:a3:35:6e:9a:e7:f8:65:7b:
a9:7f:05:73:c6:ec:50:7e:94:87:73:23:cf:3a:5d:
db:6e:72:04:79:bb:02:1b:e2:5a:6a:ed:3e:bb:d3:
f8:cf:da:28:66:d1:5d:f5:c4:36:76:83:61:02:c4:
07:5e:06:fb:2d:ee:c2:96:44:eb:f4:d8:5f:33:b7:
4a:89:00:25:33:a0:4e:96:6f:6c:76:16:6e:b9:8b:
df:87:a9:ff:ed:57:39:08:61:39:2e:94:39:e4:f8:
1c:72:71:91:06:3f:30:c4:c7:e2:67:44:43:74:ac:
f1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D0:FF:48:62:3C:99:AF:24:9C:50:E8:C3:7A:E5:89:94:D1:72:ED
X509v3 Authority Key Identifier:
keyid:DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/tdD_SGI8ma8knFDow3rliZTRcu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:68:38:bd:77:b1:76:fa:2f:96:ac:4a:3f:79:c6:fc:12:8a:
ba:db:2b:49:4f:38:e9:fd:ac:1e:11:ef:04:e3:6f:a8:26:d5:
4f:b8:4d:85:12:f5:a7:ee:93:42:c7:ea:86:26:59:9a:5b:29:
b4:31:0e:eb:d1:05:a4:37:12:bb:e9:15:78:01:cd:48:ce:53:
6b:bf:c5:ea:4e:63:b6:95:2a:bb:d5:11:02:16:6f:5b:b9:2c:
58:a5:f4:7d:70:dd:c4:58:1e:a8:02:29:0b:39:88:22:e5:ef:
5c:fe:80:f8:79:ba:7a:73:42:76:65:ad:f5:f2:9b:a9:e4:a5:
91:68:55:09:60:ee:d7:0b:e3:5f:5e:95:66:b5:64:ea:37:df:
bc:0d:aa:59:64:dc:92:84:c1:3a:59:38:87:bc:9d:a4:62:f4:
1b:90:9a:e9:bf:46:01:3e:63:de:42:55:ba:2d:f2:a4:c8:2b:
e3:61:b1:c5:ef:20:97:c1:79:fe:8e:2f:b1:5a:8d:cb:1a:5f:
f0:57:9c:f5:ce:24:a6:29:59:f7:20:cf:7d:35:61:a2:3f:90:
b1:94:5d:bb:85:15:19:ba:9e:cc:a4:7a:9c:08:9f:a6:f9:38:
a5:0b:7f:9a:20:81:23:e5:b6:30:b5:16:84:62:01:0d:eb:87:
45:6f:5b:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcABNT4CVXsJccSmhqiOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWI5MzlkN2JjYTEzYjZkOGNjZjRkOGU3ODY3NmYzODA3
YTBlY2UwHhcNMjMwMTAxMjIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQwZmY0ODYyM2M5OWFmMjQ5YzUwZThjMzdhZTU4OTk0ZDE3MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFPyDLeLGmDZlGu7X6lQABbBxru9
Oy+WW/5SaBWbwfdhjw+24ICeOOCLP/3drnLDcWVFhJevFR1o5huPZ5Ya9hmyDlk+
7HLZuwBDVWduFzHtzVn+bXbN9hKF4c0qLs4SJTUJTy1L7DEgI3AiDK5KftOc5g/r
U6U5bQQwPcdIDmBvz1xIblh+yR8qblaWozVumuf4ZXupfwVzxuxQfpSHcyPPOl3b
bnIEebsCG+Jaau0+u9P4z9ooZtFd9cQ2doNhAsQHXgb7Le7ClkTr9NhfM7dKiQAl
M6BOlm9sdhZuuYvfh6n/7Vc5CGE5LpQ55PgccnGRBj8wxMfiZ0RDdKzxDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXQ/0hiPJmvJJxQ6MN65YmU0XLtMB8GA1UdIwQY
MBaAFNubk517yhO22Mz02OeGdvOAeg7OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjV1VG5YdktFN2JZelBUWTU0WjI4NEI2RHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85MzgzMzAtY2NkOC00ZTdhLTgyMWMt
YTY5YzViYzdlZDU3LzEvdGREX1NHSThtYThrbkZEb3czcmxpWlRSY3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85MzgzMzAtY2NkOC00ZTdhLTgyMWMtYTY5YzViYzdlZDU3
LzEvMjV1VG5YdktFN2JZelBUWTU0WjI4NEI2RHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWFcMA0G
CSqGSIb3DQEBCwUAA4IBAQAKaDi9d7F2+i+WrEo/ecb8Eoq62ytJTzjp/aweEe8E
42+oJtVPuE2FEvWn7pNCx+qGJlmaWym0MQ7r0QWkNxK76RV4Ac1IzlNrv8XqTmO2
lSq71RECFm9buSxYpfR9cN3EWB6oAikLOYgi5e9c/oD4ebp6c0J2Za318pup5KWR
aFUJYO7XC+NfXpVmtWTqN9+8DapZZNyShME6WTiHvJ2kYvQbkJrpv0YBPmPeQlW6
LfKkyCvjYbHF7yCXwXn+ji+xWo3LGl/wV5z1ziSmKVn3IM99NWGiP5CxlF27hRUZ
up7MpHqcCJ+m+TilC3+aIIEj5bYwtRaEYgEN64dFb1tJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:25:04 2025 by rpki-client