Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/u5bE2nPZeeFDhA3Su4H5oEpeQ6k.roa
File: u5bE2nPZeeFDhA3Su4H5oEpeQ6k.roa (raw, json)
Hash identifier: M76XWBVmhFZve51Dwxrj9nqCkG7nQfmKX04Inxq/Ix4=
Subject key identifier: BB:96:C4:DA:73:D9:79:E1:43:84:0D:D2:BB:81:F9:A0:4A:5E:43:A9
Certificate issuer: /CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6
Certificate serial: 1B83E31B
Authority key identifier: AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/u5bE2nPZeeFDhA3Su4H5oEpeQ6k.roa
Signing time: Sat 01 Jan 2022 10:57:38 +0000
ROA not before: Sat 01 Jan 2022 10:57:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60688
IP address blocks: 185.27.196.0/23 maxlen: 23
185.27.198.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 461628187 (0x1b83e31b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6
Validity
Not Before: Jan 1 10:57:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb96c4da73d979e143840dd2bb81f9a04a5e43a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:71:8f:e6:15:f5:59:09:68:ee:e5:44:66:
54:44:15:dc:e5:81:3b:92:35:0d:6c:31:f2:08:5a:
ce:dc:96:4c:d8:12:e9:e3:70:74:df:4c:99:23:42:
be:c7:4f:ff:8e:69:4d:b2:a9:8a:7d:9f:6f:60:cb:
19:d7:50:7e:9e:48:67:7a:68:4b:58:f4:95:6a:8b:
7c:73:ab:8c:d6:19:7e:a8:43:a9:21:7e:ed:78:b7:
44:40:9d:29:af:5b:ab:3f:74:97:a7:7d:3b:55:e0:
08:fb:51:cc:49:13:15:25:b9:06:19:3f:9b:06:10:
a6:58:15:ce:27:5c:f8:8a:6d:39:01:85:83:cc:b0:
28:89:4b:dd:45:6c:73:18:d3:8c:d1:14:22:42:3d:
65:e2:8f:e4:b4:b7:56:d5:a9:25:80:2c:75:e6:f0:
43:1a:d7:30:19:c0:4d:e1:46:63:41:fe:da:b2:71:
f1:af:82:61:da:56:3c:08:b7:54:ab:46:af:46:16:
1c:77:14:93:ed:d8:2f:e3:23:13:45:0f:0d:59:23:
59:f6:02:07:ce:a6:f2:34:8f:0c:35:75:cc:41:2b:
d8:b4:03:8c:76:99:d2:a6:a6:e0:bb:e9:9f:e5:ab:
49:6d:d5:d6:1d:27:ea:6b:15:e6:b6:67:bf:39:dd:
3b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:96:C4:DA:73:D9:79:E1:43:84:0D:D2:BB:81:F9:A0:4A:5E:43:A9
X509v3 Authority Key Identifier:
keyid:AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/u5bE2nPZeeFDhA3Su4H5oEpeQ6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/rAzRozjr9ceVLrmh8AYFSfk0CtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:a3:46:87:e2:9b:16:67:c7:e1:fa:cf:d7:41:75:c7:1f:4f:
76:ed:c9:eb:7a:c8:8b:87:70:59:62:15:d3:c6:1b:1e:fe:bc:
95:a6:6f:d1:ea:fe:a2:01:10:7b:87:61:e0:64:7a:eb:50:cf:
a4:4f:f1:45:16:1d:21:bd:18:13:77:ac:ab:6b:c0:c0:8b:85:
e3:0b:41:40:75:21:f1:e3:a9:a1:df:3a:34:20:28:11:c6:c9:
dd:ac:a1:41:b2:58:b0:31:7d:3a:08:54:74:40:3a:b4:d0:d6:
6f:ea:c9:18:f2:30:a3:9f:0c:16:ca:67:6d:43:cc:86:42:9d:
e0:6d:a9:4f:11:83:bb:36:6a:d5:80:4b:03:79:dc:01:bf:ef:
2c:9f:66:06:a0:57:b0:32:e7:d6:b0:bc:91:fa:34:0b:ce:11:
a6:82:9e:95:c5:b0:55:88:17:f9:01:5d:fe:0b:e4:8f:64:17:
49:d5:70:a6:39:c2:ce:1e:40:b5:31:6c:5f:2e:e6:81:4e:f0:
7f:b3:2b:05:bf:f2:92:86:7d:00:5f:a3:5d:a9:21:4c:50:12:
31:2a:43:77:01:b9:0a:b8:ee:a8:d6:a5:c3:9d:d7:4c:88:dc:
50:ca:2b:eb:f4:3c:1d:e7:7d:f5:19:e6:b8:50:8e:e5:8d:b9:
bb:da:15:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG4PjGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzBjZDFhMzM4ZWJmNWM3OTUyZWI5YTFmMDA2MDU0OWY5MzQwYWQ2MB4XDTIyMDEw
MTEwNTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI5NmM0ZGE3M2Q5
NzllMTQzODQwZGQyYmI4MWY5YTA0YTVlNDNhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL70cY/mFfVZCWju5URmVEQV3OWBO5I1DWwx8ghaztyWTNgS
6eNwdN9MmSNCvsdP/45pTbKpin2fb2DLGddQfp5IZ3poS1j0lWqLfHOrjNYZfqhD
qSF+7Xi3RECdKa9bqz90l6d9O1XgCPtRzEkTFSW5Bhk/mwYQplgVzidc+IptOQGF
g8ywKIlL3UVscxjTjNEUIkI9ZeKP5LS3VtWpJYAsdebwQxrXMBnATeFGY0H+2rJx
8a+CYdpWPAi3VKtGr0YWHHcUk+3YL+MjE0UPDVkjWfYCB86m8jSPDDV1zEEr2LQD
jHaZ0qam4Lvpn+WrSW3V1h0n6msV5rZnvzndO20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7lsTac9l54UOEDdK7gfmgSl5DqTAfBgNVHSMEGDAWgBSsDNGjOOv1x5Uu
uaHwBgVJ+TQK1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JBelJvempyOWNlVkxybWg4QVlGU2ZrMEN0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMGM1ZWMxLTljM2QtNDE2Mi05ODA0LWEzMzUxOGJkZDhmZS8x
L3U1YkUyblBaZWVGRGhBM1N1NEg1b0VwZVE2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MGM1ZWMxLTljM2QtNDE2Mi05ODA0LWEzMzUxOGJkZDhmZS8xL3JBelJvempyOWNl
VkxybWg4QVlGU2ZrMEN0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkbxDANBgkqhkiG9w0BAQsFAAOC
AQEAH6NGh+KbFmfH4frP10F1xx9Pdu3J63rIi4dwWWIV08YbHv68laZv0er+ogEQ
e4dh4GR661DPpE/xRRYdIb0YE3esq2vAwIuF4wtBQHUh8eOpod86NCAoEcbJ3ayh
QbJYsDF9OghUdEA6tNDWb+rJGPIwo58MFspnbUPMhkKd4G2pTxGDuzZq1YBLA3nc
Ab/vLJ9mBqBXsDLn1rC8kfo0C84RpoKelcWwVYgX+QFd/gvkj2QXSdVwpjnCzh5A
tTFsXy7mgU7wf7MrBb/ykoZ9AF+jXakhTFASMSpDdwG5CrjuqNalw53XTIjcUMor
6/Q8Hed99RnmuFCO5Y25u9oVvg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:53:41 2025 by rpki-client