Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/wDRm6tjvaEtmUTL3Ce9YGptJLoQ.roa
File: wDRm6tjvaEtmUTL3Ce9YGptJLoQ.roa (raw, json)
Hash identifier: LbkOyvs2MlftVappr0kwr8AtqmORkNTpXyBRNay2XSM=
Subject key identifier: C0:34:66:EA:D8:EF:68:4B:66:51:32:F7:09:EF:58:1A:9B:49:2E:84
Certificate issuer: /CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
Certificate serial: 01856E0AE262E43C28A5CD949A63F7ABDCAC
Authority key identifier: 90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/wDRm6tjvaEtmUTL3Ce9YGptJLoQ.roa
Signing time: Sun 01 Jan 2023 15:54:44 +0000
ROA not before: Sun 01 Jan 2023 15:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204922
IP address blocks: 185.235.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:e2:62:e4:3c:28:a5:cd:94:9a:63:f7:ab:dc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
Validity
Not Before: Jan 1 15:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c03466ead8ef684b665132f709ef581a9b492e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c0:36:56:aa:3c:5a:c7:6c:31:99:ed:e5:d9:
d2:5e:70:7c:a8:9a:ee:ae:4a:e7:ff:5f:21:ce:f2:
d6:0a:a3:45:fe:67:99:07:ea:24:cc:fd:5c:d6:b5:
9b:1a:23:2e:fb:81:2d:ac:6d:2a:e2:22:02:05:75:
a5:df:a6:f5:27:34:9e:48:a0:4e:e1:f9:97:62:e7:
e3:aa:02:0d:27:30:d9:40:2d:3c:bc:40:b0:ed:d8:
5e:10:7b:65:fe:e0:29:b0:00:03:f6:11:b3:c0:d3:
a2:b5:93:6b:6f:a5:51:ec:7d:12:b8:2d:76:8d:4e:
09:27:60:17:46:b2:1f:65:c0:34:91:2f:32:7b:61:
f8:e1:b5:4c:d2:6c:c2:96:fd:fe:57:25:fd:63:8a:
60:87:60:f5:6a:44:d7:43:4b:02:be:d4:d9:ef:32:
14:73:90:2c:5d:3d:0f:9a:2e:3a:a2:d7:18:0f:09:
57:d9:57:fb:58:5f:8c:ef:dd:78:57:c4:31:18:42:
f9:df:92:78:49:d5:da:fe:16:5c:c0:e1:2b:e5:30:
5c:f2:3c:75:90:a4:c3:95:91:96:1f:3e:1b:83:2a:
2e:50:fb:e5:7d:2d:9b:45:df:c2:73:d2:76:98:dd:
0a:3a:07:44:da:76:2c:f7:93:a6:53:f4:e6:e5:53:
f4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:34:66:EA:D8:EF:68:4B:66:51:32:F7:09:EF:58:1A:9B:49:2E:84
X509v3 Authority Key Identifier:
keyid:90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/wDRm6tjvaEtmUTL3Ce9YGptJLoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:fd:71:19:e8:70:78:5f:0d:36:bc:0d:e0:d6:4b:31:e5:70:
26:c9:e2:ab:54:8e:6d:10:45:5c:30:1e:f4:96:b6:d3:54:46:
ca:df:d6:e4:33:bd:ab:ee:e9:8e:76:83:5a:77:36:ec:07:13:
d5:64:fb:32:cf:6a:9b:4f:7a:08:f0:90:74:65:42:eb:7c:64:
a8:4e:bf:67:fd:1a:86:fa:02:71:c2:cd:3a:6d:53:11:f9:e6:
e7:80:42:4e:d9:ec:c9:2f:08:75:17:00:21:84:16:62:bf:bb:
4a:2d:bf:2a:c9:c4:1b:ad:bb:f0:89:3d:e7:9e:ca:1d:a7:74:
3f:07:0f:ae:28:69:95:9a:39:f7:1b:30:81:4d:3b:ef:2e:7a:
5c:9d:cc:12:02:91:7e:c7:32:8c:cd:47:7d:ff:e6:ca:bf:48:
8a:d2:a3:f7:d3:b9:6e:67:9a:7e:07:8c:b3:00:57:2d:32:43:
c0:0f:94:d4:c0:d8:1f:7d:46:4b:62:32:cb:51:f7:e5:5d:33:
06:d0:b8:d3:d7:7a:4d:2a:3e:3d:1b:b3:fd:7f:3f:03:4b:29:
7f:1f:1d:21:85:b6:bd:59:5c:18:46:21:be:d3:3e:9d:b1:86:
d2:2b:44:8d:7d:61:0a:b1:93:76:f7:e8:72:15:99:f6:8e:a9:
4a:66:4a:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCuJi5Dwopc2UmmP3q9ysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwY2JhYTZiMzZlNmNkNjg3NGM3OGVkNDVhNGY4ZGQ3MTcz
MDMxZDkwHhcNMjMwMTAxMTU1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDM0NjZlYWQ4ZWY2ODRiNjY1MTMyZjcwOWVmNTgxYTliNDkyZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcA2Vqo8WsdsMZnt5dnSXnB8qJru
rkrn/18hzvLWCqNF/meZB+okzP1c1rWbGiMu+4EtrG0q4iICBXWl36b1JzSeSKBO
4fmXYufjqgINJzDZQC08vECw7dheEHtl/uApsAAD9hGzwNOitZNrb6VR7H0SuC12
jU4JJ2AXRrIfZcA0kS8ye2H44bVM0mzClv3+VyX9Y4pgh2D1akTXQ0sCvtTZ7zIU
c5AsXT0Pmi46otcYDwlX2Vf7WF+M7914V8QxGEL535J4SdXa/hZcwOEr5TBc8jx1
kKTDlZGWHz4bgyouUPvlfS2bRd/Cc9J2mN0KOgdE2nYs95OmU/Tm5VP0NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMA0ZurY72hLZlEy9wnvWBqbSS6EMB8GA1UdIwQY
MBaAFJDLqms25s1odMeO1FpPjdcXMDHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5Njgt
YjZkNGM0ZmMwYzIxLzEvd0RSbTZ0anZhRXRtVVRMM0NlOVlHcHRKTG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5NjgtYjZkNGM0ZmMwYzIx
LzEva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuevQMA0G
CSqGSIb3DQEBCwUAA4IBAQCb/XEZ6HB4Xw02vA3g1ksx5XAmyeKrVI5tEEVcMB70
lrbTVEbK39bkM72r7umOdoNadzbsBxPVZPsyz2qbT3oI8JB0ZULrfGSoTr9n/RqG
+gJxws06bVMR+ebngEJO2ezJLwh1FwAhhBZiv7tKLb8qycQbrbvwiT3nnsodp3Q/
Bw+uKGmVmjn3GzCBTTvvLnpcncwSApF+xzKMzUd9/+bKv0iK0qP307luZ5p+B4yz
AFctMkPAD5TUwNgffUZLYjLLUfflXTMG0LjT13pNKj49G7P9fz8DSyl/Hx0hhba9
WVwYRiG+0z6dsYbSK0SNfWEKsZN29+hyFZn2jqlKZkqb
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:46:11 2025 by rpki-client