Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IrWsULwWx4lwTbHJUPRe2yn-Lzk.roa
File: IrWsULwWx4lwTbHJUPRe2yn-Lzk.roa (raw, json)
Hash identifier: LpC19sU/ub7TigW+w6qveQOthYyZldqcWpY/xJ4s4l8=
Subject key identifier: 22:B5:AC:50:BC:16:C7:89:70:4D:B1:C9:50:F4:5E:DB:29:FE:2F:39
Certificate issuer: /CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Certificate serial: 0189E0CD4C0EC8B3E88E9FF5730446F8CB02
Authority key identifier: 9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IrWsULwWx4lwTbHJUPRe2yn-Lzk.roa
Signing time: Thu 10 Aug 2023 18:54:57 +0000
ROA not before: Thu 10 Aug 2023 18:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196660
IP address blocks: 185.35.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e0:cd:4c:0e:c8:b3:e8:8e:9f:f5:73:04:46:f8:cb:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Validity
Not Before: Aug 10 18:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22b5ac50bc16c789704db1c950f45edb29fe2f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:66:99:83:65:a1:d9:af:48:7c:d1:9b:3d:
bb:15:b9:30:c3:42:fe:b7:99:49:83:80:8c:db:bb:
0a:44:ec:fb:e6:3a:b2:b2:16:4f:7a:8a:93:11:5e:
5b:9d:ee:95:76:15:f0:3b:36:6c:3e:05:b2:ab:aa:
85:13:08:ce:7b:5d:8f:81:ac:ca:78:b2:97:2b:ce:
1e:cc:74:f4:f0:05:d7:f4:7d:b0:09:b1:78:93:35:
75:35:4b:6b:c0:5f:1c:0b:64:a6:80:ce:b8:b3:a0:
f1:af:fe:2a:0b:ee:3c:a8:87:8d:6f:e0:f5:a2:02:
95:d2:df:10:ec:38:aa:eb:41:93:c8:9d:f1:1b:f9:
8a:99:b9:d3:42:c6:3e:71:4b:40:cf:3a:72:37:9b:
fe:12:d6:d4:5a:7c:84:0b:3f:82:32:ff:61:7b:69:
f5:2e:b8:b4:bc:94:a6:b5:da:06:63:94:c9:9b:41:
ab:01:09:65:f0:4c:98:f2:6d:27:1b:ee:cb:b3:5c:
24:68:d4:d7:f9:ab:b9:06:b8:fe:0d:98:4d:d8:6e:
95:ef:89:b8:97:00:14:7c:ce:07:18:39:f8:e2:b9:
3f:e5:65:00:5a:79:ae:ff:2e:50:00:33:ba:43:cc:
ad:19:b3:c1:97:35:f0:78:38:0f:8c:92:53:e3:b8:
78:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:AC:50:BC:16:C7:89:70:4D:B1:C9:50:F4:5E:DB:29:FE:2F:39
X509v3 Authority Key Identifier:
keyid:9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IrWsULwWx4lwTbHJUPRe2yn-Lzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:33:9e:1a:fd:42:82:da:91:dc:e7:02:1b:45:a9:e2:74:a8:
aa:0b:ef:3e:fe:f1:a0:c6:ba:f8:5d:9a:db:6b:92:4b:46:15:
08:f9:6a:be:e2:f3:ca:8e:ec:ed:c4:fa:2d:ee:c9:0e:ed:fe:
a7:b8:2f:04:10:76:8c:10:a2:7b:0c:b0:bc:a0:6c:a9:81:e8:
16:ab:26:35:77:dc:8a:8a:c7:09:23:0d:7b:66:49:f4:08:e3:
cb:a4:4f:99:6e:84:d1:31:1b:d6:84:74:3b:5e:cf:76:2f:c9:
c3:c3:55:18:d1:10:49:8e:2a:a3:d0:02:71:94:4d:c2:96:99:
ab:ab:67:60:16:06:d0:55:a4:5a:d9:16:d1:d3:05:98:0c:51:
9e:03:2d:5e:b6:b2:92:3e:a0:f8:d8:15:92:1c:b8:56:ad:35:
5a:a9:39:df:bc:f8:1c:91:bb:0b:00:7d:8a:62:76:e7:e6:83:
cb:ac:1f:4c:86:aa:56:31:39:de:50:43:28:62:ee:b2:9d:1b:
9a:e6:b0:1d:aa:d4:dd:f7:a9:b1:f2:87:0e:0a:8b:5c:4f:bc:
84:a0:6c:9c:53:d3:04:de:1e:2e:51:28:e5:05:93:36:05:b1:
5b:d2:72:c7:fb:09:35:ab:b4:46:e7:a9:94:45:1a:b5:44:24:
d5:39:a3:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYngzUwOyLPojp/1cwRG+MsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmI3N2JhYjQzOGE5M2QzNGQ5ZDVjMGE4ZTBiOWVmMzJh
ZTVkYTAwHhcNMjMwODEwMTg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1YWM1MGJjMTZjNzg5NzA0ZGIxYzk1MGY0NWVkYjI5ZmUyZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwJmmYNlodmvSHzRmz27Fbkww0L+
t5lJg4CM27sKROz75jqyshZPeoqTEV5bne6VdhXwOzZsPgWyq6qFEwjOe12PgazK
eLKXK84ezHT08AXX9H2wCbF4kzV1NUtrwF8cC2SmgM64s6Dxr/4qC+48qIeNb+D1
ogKV0t8Q7Diq60GTyJ3xG/mKmbnTQsY+cUtAzzpyN5v+EtbUWnyECz+CMv9he2n1
Lri0vJSmtdoGY5TJm0GrAQll8EyY8m0nG+7Ls1wkaNTX+au5Brj+DZhN2G6V74m4
lwAUfM4HGDn44rk/5WUAWnmu/y5QADO6Q8ytGbPBlzXweDgPjJJT47h4+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCK1rFC8FseJcE2xyVD0Xtsp/i85MB8GA1UdIwQY
MBaAFJy7d7q0OKk9NNnVwKjgue8yrl2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODkt
OTBkNThjNjAzMjU2LzEvSXJXc1VMd1d4NGx3VGJISlVQUmUyeW4tTHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODktOTBkNThjNjAzMjU2
LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBuM54a/UKC2pHc5wIbRanidKiqC+8+/vGgxrr4XZrb
a5JLRhUI+Wq+4vPKjuztxPot7skO7f6nuC8EEHaMEKJ7DLC8oGypgegWqyY1d9yK
iscJIw17Zkn0COPLpE+ZboTRMRvWhHQ7Xs92L8nDw1UY0RBJjiqj0AJxlE3Clpmr
q2dgFgbQVaRa2RbR0wWYDFGeAy1etrKSPqD42BWSHLhWrTVaqTnfvPgckbsLAH2K
Ynbn5oPLrB9MhqpWMTneUEMoYu6ynRua5rAdqtTd96mx8ocOCotcT7yEoGycU9ME
3h4uUSjlBZM2BbFb0nLH+wk1q7RG56mURRq1RCTVOaOG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:10:44 2025 by rpki-client