Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6cea37-d270-4d1c-a937-24c3d9e25401/1/mkgeUh21otCnkuHaSp89Lpntw9Y.roa
File: mkgeUh21otCnkuHaSp89Lpntw9Y.roa (raw, json)
Hash identifier: Rxa/65m4ts9jSg6cfSSQwozUTph3+mMjZVEAcG2p/BQ=
Subject key identifier: 9A:48:1E:52:1D:B5:A2:D0:A7:92:E1:DA:4A:9F:3D:2E:99:ED:C3:D6
Certificate issuer: /CN=7d7cb2978bb54eb557cae3ffb35e46ac4d5c22bf
Certificate serial: 01856D0ABDC7606B8864971BCC8A00BE8E28
Authority key identifier: 7D:7C:B2:97:8B:B5:4E:B5:57:CA:E3:FF:B3:5E:46:AC:4D:5C:22:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXyyl4u1TrVXyuP_s15GrE1cIr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/6cea37-d270-4d1c-a937-24c3d9e25401/1/mkgeUh21otCnkuHaSp89Lpntw9Y.roa
Signing time: Sun 01 Jan 2023 11:14:58 +0000
ROA not before: Sun 01 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51938
IP address blocks: 185.54.96.0/22 maxlen: 22
185.54.98.0/24 maxlen: 24
185.54.96.0/24 maxlen: 24
185.54.97.0/24 maxlen: 24
185.54.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:bd:c7:60:6b:88:64:97:1b:cc:8a:00:be:8e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7cb2978bb54eb557cae3ffb35e46ac4d5c22bf
Validity
Not Before: Jan 1 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a481e521db5a2d0a792e1da4a9f3d2e99edc3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:65:a4:ea:6b:d0:8e:5c:e9:c6:53:52:2e:4e:
57:bd:aa:b6:97:09:8c:a2:14:40:45:c6:86:10:a6:
2e:ad:06:f4:70:5f:19:05:d6:c4:57:00:a0:62:cc:
11:60:ed:f1:94:b2:f2:f0:9c:81:e8:ff:1f:24:5d:
5f:09:bc:87:71:91:ca:04:bc:f3:0e:7d:86:fb:93:
07:c6:06:46:79:f5:47:52:a0:98:ee:40:3f:a1:d6:
33:be:b6:ad:b2:5f:dd:b6:30:8d:24:b1:ed:3c:18:
92:88:54:43:2b:84:2f:a0:05:70:4a:aa:6a:bc:a2:
3f:1b:46:8a:d1:ce:53:aa:0b:ea:14:2b:60:82:be:
92:1d:b5:92:dd:41:07:3e:97:e8:bc:bc:f5:7e:d7:
1a:bb:e4:f6:b3:e6:96:4b:4e:52:17:99:1b:5b:f2:
89:17:15:de:93:38:56:b3:51:38:c6:40:ed:78:ca:
b4:f2:d5:d3:dd:52:ff:27:74:ea:dd:6d:7f:85:75:
c8:da:46:ff:58:37:9a:a3:58:00:e8:0f:9b:0c:e1:
fc:f8:eb:10:9e:6f:50:e1:4c:13:eb:a6:42:80:4a:
4c:75:07:34:e5:5f:fb:5d:52:f5:46:1b:a1:61:e5:
dd:0f:3f:40:24:ab:3a:04:0b:35:3b:0e:0e:96:c6:
aa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:48:1E:52:1D:B5:A2:D0:A7:92:E1:DA:4A:9F:3D:2E:99:ED:C3:D6
X509v3 Authority Key Identifier:
keyid:7D:7C:B2:97:8B:B5:4E:B5:57:CA:E3:FF:B3:5E:46:AC:4D:5C:22:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXyyl4u1TrVXyuP_s15GrE1cIr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cea37-d270-4d1c-a937-24c3d9e25401/1/mkgeUh21otCnkuHaSp89Lpntw9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cea37-d270-4d1c-a937-24c3d9e25401/1/fXyyl4u1TrVXyuP_s15GrE1cIr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.96.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:44:db:ec:f7:fd:1e:4b:a7:51:1e:24:49:4c:1b:37:1c:10:
6b:2d:c0:97:99:ae:b2:b2:05:aa:a9:24:2d:7c:fa:a7:5b:65:
13:b3:8f:a8:9b:5c:ea:18:54:ac:96:4b:88:7b:80:9d:90:4e:
ad:81:d9:78:b8:9d:27:15:1d:60:4c:cd:28:ba:2d:79:f8:18:
b6:07:b0:31:09:a1:ec:d8:9f:a9:58:85:76:f0:9e:2c:83:18:
5a:6b:9c:9b:18:b5:f8:ed:58:39:09:05:4e:a0:2d:64:ee:a7:
ba:d2:9a:bb:f3:fa:ee:64:e3:4d:f2:47:81:a8:b1:ff:ee:a0:
d3:2f:90:6d:d0:b5:2a:e7:a3:a0:bd:27:a9:69:33:a2:a2:25:
f9:1c:62:ee:54:59:f7:2d:23:53:93:57:4d:30:a4:2e:30:41:
d6:c9:bf:d2:76:b6:f4:a6:2a:1d:e4:97:89:b9:c1:f5:99:ea:
99:a8:a9:e2:c0:ae:e4:eb:df:4a:b3:f8:56:67:ee:36:60:c9:
c9:ee:4b:50:73:50:45:46:10:9d:2a:86:37:dd:49:2d:be:bb:
c6:29:a4:27:b6:e6:3d:a6:5a:13:68:11:b0:23:40:cf:34:af:
f4:ab:13:48:6b:d2:72:bd:b1:17:3e:72:32:d2:ae:07:b4:82:
b3:71:82:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCr3HYGuIZJcbzIoAvo4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2NiMjk3OGJiNTRlYjU1N2NhZTNmZmIzNWU0NmFjNGQ1
YzIyYmYwHhcNMjMwMTAxMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ4MWU1MjFkYjVhMmQwYTc5MmUxZGE0YTlmM2QyZTk5ZWRjM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2Wk6mvQjlzpxlNSLk5Xvaq2lwmM
ohRARcaGEKYurQb0cF8ZBdbEVwCgYswRYO3xlLLy8JyB6P8fJF1fCbyHcZHKBLzz
Dn2G+5MHxgZGefVHUqCY7kA/odYzvratsl/dtjCNJLHtPBiSiFRDK4QvoAVwSqpq
vKI/G0aK0c5TqgvqFCtggr6SHbWS3UEHPpfovLz1ftcau+T2s+aWS05SF5kbW/KJ
FxXekzhWs1E4xkDteMq08tXT3VL/J3Tq3W1/hXXI2kb/WDeao1gA6A+bDOH8+OsQ
nm9Q4UwT66ZCgEpMdQc05V/7XVL1RhuhYeXdDz9AJKs6BAs1Ow4OlsaqUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpIHlIdtaLQp5Lh2kqfPS6Z7cPWMB8GA1UdIwQY
MBaAFH18speLtU61V8rj/7NeRqxNXCK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh5eWw0dTFUclZYeXVQX3MxNUdyRTFjSXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82Y2VhMzctZDI3MC00ZDFjLWE5Mzct
MjRjM2Q5ZTI1NDAxLzEvbWtnZVVoMjFvdENua3VIYVNwODlMcG50dzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy82Y2VhMzctZDI3MC00ZDFjLWE5MzctMjRjM2Q5ZTI1NDAx
LzEvZlh5eWw0dTFUclZYeXVQX3MxNUdyRTFjSXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTZgMA0G
CSqGSIb3DQEBCwUAA4IBAQAfRNvs9/0eS6dRHiRJTBs3HBBrLcCXma6ysgWqqSQt
fPqnW2UTs4+om1zqGFSslkuIe4CdkE6tgdl4uJ0nFR1gTM0oui15+Bi2B7AxCaHs
2J+pWIV28J4sgxhaa5ybGLX47Vg5CQVOoC1k7qe60pq78/ruZONN8keBqLH/7qDT
L5Bt0LUq56OgvSepaTOioiX5HGLuVFn3LSNTk1dNMKQuMEHWyb/Sdrb0piod5JeJ
ucH1meqZqKniwK7k699Ks/hWZ+42YMnJ7ktQc1BFRhCdKoY33UktvrvGKaQntuY9
ploTaBGwI0DPNK/0qxNIa9JyvbEXPnIy0q4HtIKzcYJE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:17 2025 by rpki-client