Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba3577-ccb3-4ea6-8368-7458608f8d99/1/3Fk9JdVBoEyz3QVubOJmxjbicIs.roa
File: 3Fk9JdVBoEyz3QVubOJmxjbicIs.roa (raw, json)
Hash identifier: hRbjscOXIdHPcJ+/tKEeL1v4b0jP/cpGJ5Lnxxla95s=
Subject key identifier: DC:59:3D:25:D5:41:A0:4C:B3:DD:05:6E:6C:E2:66:C6:36:E2:70:8B
Certificate issuer: /CN=9ea1e7e2f8f317759f3468fd815bf14eb36e21c8
Certificate serial: 01856D662B426D48D570D33EACD85135B71C
Authority key identifier: 9E:A1:E7:E2:F8:F3:17:75:9F:34:68:FD:81:5B:F1:4E:B3:6E:21:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nqHn4vjzF3WfNGj9gVvxTrNuIcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba3577-ccb3-4ea6-8368-7458608f8d99/1/3Fk9JdVBoEyz3QVubOJmxjbicIs.roa
Signing time: Sun 01 Jan 2023 12:54:50 +0000
ROA not before: Sun 01 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199356
IP address blocks: 185.18.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2b:42:6d:48:d5:70:d3:3e:ac:d8:51:35:b7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ea1e7e2f8f317759f3468fd815bf14eb36e21c8
Validity
Not Before: Jan 1 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc593d25d541a04cb3dd056e6ce266c636e2708b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:c9:6f:e0:06:4e:58:b9:8e:29:f6:84:a3:
8d:f5:f1:f7:9f:7e:de:11:f3:73:22:7b:eb:8d:7c:
45:8b:b3:03:2f:c7:3e:bb:3b:c3:53:10:ae:2e:41:
01:dd:8f:00:5a:c0:82:cd:35:a6:57:5f:f2:3b:d5:
22:8c:b9:7c:c2:5b:31:af:18:b2:35:d1:75:8e:e7:
3e:f5:d5:47:be:07:ba:56:2e:15:92:f7:35:b8:0c:
49:70:0e:10:5c:6b:d6:34:ec:9e:66:3f:2c:db:58:
b5:17:f2:79:b6:a2:7c:ba:c8:7a:7d:2d:c9:e3:e0:
ef:bd:be:1d:19:ab:c3:d2:ec:62:ee:36:90:5e:26:
2b:8b:05:b7:61:77:6d:f6:7d:89:d8:a3:37:0e:8a:
95:54:63:ae:f8:54:bc:a9:04:b9:9f:09:18:e4:92:
65:f9:66:94:67:b2:fa:f6:c6:10:73:1a:09:ad:d1:
1b:d7:91:a3:85:ab:92:ce:45:20:e9:cf:66:f7:66:
e9:04:e8:c2:0f:e0:8a:bb:6f:e9:5b:72:37:a1:64:
67:46:dc:6b:2b:2d:de:ea:d2:5d:f5:86:ee:60:80:
9a:73:3c:02:7d:07:e9:98:20:60:14:06:42:0a:5d:
5f:84:94:54:41:8f:43:81:a2:0c:e5:1d:da:ac:78:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:59:3D:25:D5:41:A0:4C:B3:DD:05:6E:6C:E2:66:C6:36:E2:70:8B
X509v3 Authority Key Identifier:
keyid:9E:A1:E7:E2:F8:F3:17:75:9F:34:68:FD:81:5B:F1:4E:B3:6E:21:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nqHn4vjzF3WfNGj9gVvxTrNuIcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba3577-ccb3-4ea6-8368-7458608f8d99/1/3Fk9JdVBoEyz3QVubOJmxjbicIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba3577-ccb3-4ea6-8368-7458608f8d99/1/nqHn4vjzF3WfNGj9gVvxTrNuIcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.68.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:a8:ea:a6:49:fb:f0:2d:8b:46:03:af:ed:53:7e:75:03:77:
b3:6f:1b:b4:a6:fc:26:c3:b1:34:b1:04:55:62:d3:8c:94:ff:
fe:75:7f:be:01:4e:f7:d5:99:e7:df:0d:a4:35:4f:24:7d:75:
c4:46:e0:ba:98:c4:dd:d8:77:0e:bc:56:06:c4:8c:d9:5b:9c:
41:c0:6a:dd:be:09:05:5d:f6:81:42:c8:57:1c:30:2f:24:6f:
3f:8d:43:52:d4:95:3e:23:8d:4b:8f:f7:64:ef:42:f0:4e:e4:
9b:37:23:c9:2c:ac:f6:e4:68:16:0b:32:cb:d3:88:8c:2e:f8:
a9:03:a2:4d:56:ad:f6:a0:6d:ad:39:7c:c1:7c:74:d6:fb:39:
8c:4c:15:79:5b:0e:4a:e3:93:f2:90:37:00:d1:b9:b8:20:ec:
b4:03:98:0d:84:ca:17:b6:38:6e:91:f7:4a:16:6c:e8:cd:9e:
aa:32:dc:b7:05:9d:e2:87:6a:a6:34:86:d8:9e:59:ab:35:ea:
34:e9:0b:09:e3:ac:eb:2b:94:37:93:46:d3:5d:1e:33:c6:ce:
df:8f:d1:d2:48:2c:06:68:6c:4d:71:0f:3f:42:23:23:d2:ae:
f3:08:68:27:2b:11:f2:9a:7b:b3:65:30:90:e7:26:d2:b5:88:
aa:d9:74:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZitCbUjVcNM+rNhRNbccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYTFlN2UyZjhmMzE3NzU5ZjM0NjhmZDgxNWJmMTRlYjM2
ZTIxYzgwHhcNMjMwMTAxMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU5M2QyNWQ1NDFhMDRjYjNkZDA1NmU2Y2UyNjZjNjM2ZTI3MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJXJb+AGTli5jin2hKON9fH3n37e
EfNzInvrjXxFi7MDL8c+uzvDUxCuLkEB3Y8AWsCCzTWmV1/yO9UijLl8wlsxrxiy
NdF1juc+9dVHvge6Vi4Vkvc1uAxJcA4QXGvWNOyeZj8s21i1F/J5tqJ8ush6fS3J
4+Dvvb4dGavD0uxi7jaQXiYriwW3YXdt9n2J2KM3DoqVVGOu+FS8qQS5nwkY5JJl
+WaUZ7L69sYQcxoJrdEb15GjhauSzkUg6c9m92bpBOjCD+CKu2/pW3I3oWRnRtxr
Ky3e6tJd9YbuYICaczwCfQfpmCBgFAZCCl1fhJRUQY9DgaIM5R3arHho2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxZPSXVQaBMs90FbmziZsY24nCLMB8GA1UdIwQY
MBaAFJ6h5+L48xd1nzRo/YFb8U6zbiHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnFIbjR2anpGM1dmTkdqOWdWdnhUck51SWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTM1NzctY2NiMy00ZWE2LTgzNjgt
NzQ1ODYwOGY4ZDk5LzEvM0ZrOUpkVkJvRXl6M1FWdWJPSm14amJpY0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTM1NzctY2NiMy00ZWE2LTgzNjgtNzQ1ODYwOGY4ZDk5
LzEvbnFIbjR2anpGM1dmTkdqOWdWdnhUck51SWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRJEMA0G
CSqGSIb3DQEBCwUAA4IBAQBvqOqmSfvwLYtGA6/tU351A3ezbxu0pvwmw7E0sQRV
YtOMlP/+dX++AU731Znn3w2kNU8kfXXERuC6mMTd2HcOvFYGxIzZW5xBwGrdvgkF
XfaBQshXHDAvJG8/jUNS1JU+I41Lj/dk70LwTuSbNyPJLKz25GgWCzLL04iMLvip
A6JNVq32oG2tOXzBfHTW+zmMTBV5Ww5K45PykDcA0bm4IOy0A5gNhMoXtjhukfdK
FmzozZ6qMty3BZ3ih2qmNIbYnlmrNeo06QsJ46zrK5Q3k0bTXR4zxs7fj9HSSCwG
aGxNcQ8/QiMj0q7zCGgnKxHymnuzZTCQ5ybStYiq2XTp
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:36 2025 by rpki-client