Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/32Nidt1owftE3Wa-MaSx5ttQqTk.roa
File: 32Nidt1owftE3Wa-MaSx5ttQqTk.roa (raw, json)
Hash identifier: g4Tv0ps97ayCEugFo1sx3BS+9ZAcx5IPdyl52jNGF8M=
Subject key identifier: DF:63:62:76:DD:68:C1:FB:44:DD:66:BE:31:A4:B1:E6:DB:50:A9:39
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 01856D6637A2255AAD190C70B3FB24E159A5
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/32Nidt1owftE3Wa-MaSx5ttQqTk.roa
Signing time: Sun 01 Jan 2023 12:54:53 +0000
ROA not before: Sun 01 Jan 2023 12:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199487
IP address blocks: 185.9.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:37:a2:25:5a:ad:19:0c:70:b3:fb:24:e1:59:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 12:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df636276dd68c1fb44dd66be31a4b1e6db50a939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:f8:40:85:36:b7:04:f3:db:bd:a3:7c:57:
fb:9c:28:0e:ae:92:36:15:e6:e3:4c:fc:f9:0d:a3:
9b:9b:3f:2a:59:32:eb:69:9a:6a:3e:a2:af:32:33:
38:2f:30:29:ee:ac:40:df:b7:1f:41:23:dc:7a:3b:
2f:55:77:3c:1d:8b:90:6c:ec:07:27:18:65:59:cf:
55:72:d4:54:76:6a:fa:77:15:36:d7:7c:54:e1:e4:
f2:19:b1:a2:e6:ac:9b:7d:55:29:a8:3d:1a:a0:5f:
19:ee:a8:75:a7:bc:e3:d9:1b:38:80:bf:97:a3:be:
26:6f:76:d5:72:0a:ff:2e:b9:cf:0e:e8:a2:b5:75:
0c:82:b5:2e:85:0e:e5:33:ec:12:81:7e:a1:86:b9:
fe:c3:be:a5:49:ad:78:ae:cd:34:a0:7d:70:25:71:
f2:42:51:2f:6f:71:95:b7:af:19:60:ba:8a:65:ed:
94:47:ed:3c:9d:f6:00:62:45:74:a7:a5:cf:ed:82:
a6:ee:50:a6:8c:df:ea:1c:8e:2c:63:64:5f:fb:94:
9d:4e:38:ac:fc:9c:b7:80:61:50:c5:1f:2e:d9:de:
0e:56:ed:3f:c0:91:b3:82:1c:0e:73:88:2d:4b:a5:
07:db:38:2d:1a:b9:1a:94:de:54:b0:80:8b:8d:3a:
a8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:63:62:76:DD:68:C1:FB:44:DD:66:BE:31:A4:B1:E6:DB:50:A9:39
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/32Nidt1owftE3Wa-MaSx5ttQqTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:dc:c6:b4:84:8d:da:bf:25:fb:e8:c7:41:be:c1:28:f2:de:
8e:85:24:d1:b5:b3:00:d4:b7:20:d4:e0:18:63:fa:d8:50:fd:
02:7d:80:85:70:49:96:3a:33:f8:5c:3b:ba:c6:de:2b:49:84:
47:1f:76:d7:bc:61:4a:ea:4e:ec:71:de:54:de:66:ac:7b:05:
a4:ed:78:a3:ee:5e:66:54:61:b2:f0:82:a4:bb:8c:8e:5a:e4:
d9:bc:73:df:65:8a:06:1f:ec:ba:55:2f:72:e2:00:dc:02:58:
3d:7f:73:56:80:71:b3:99:8d:a8:1f:cc:46:cd:75:1d:91:95:
7f:6d:49:9e:f0:b7:2e:82:2c:fd:23:0a:f8:d6:c2:50:2c:8d:
1b:b9:ac:a3:eb:2e:3a:23:db:2f:a6:e1:2b:bd:0c:d0:13:1c:
ce:f1:56:56:af:e8:87:de:40:8a:d3:fd:fa:c7:e3:b2:88:be:
69:05:b2:de:87:66:ef:13:42:a0:fe:d1:68:19:c8:5e:02:6e:
15:79:29:32:63:66:da:7a:cc:37:e7:bd:44:ea:8a:80:ea:ba:
a3:22:d2:92:7b:52:7c:12:3f:04:93:d5:a1:cb:a9:b9:73:b5:
0f:2f:83:ed:4e:3b:c3:7d:0b:52:22:d3:41:5e:47:40:3d:08:
7b:41:8f:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjeiJVqtGQxws/sk4VmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjMwMTAxMTI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjYzNjI3NmRkNjhjMWZiNDRkZDY2YmUzMWE0YjFlNmRiNTBhOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKX4QIU2twTz272jfFf7nCgOrpI2
FebjTPz5DaObmz8qWTLraZpqPqKvMjM4LzAp7qxA37cfQSPcejsvVXc8HYuQbOwH
JxhlWc9VctRUdmr6dxU213xU4eTyGbGi5qybfVUpqD0aoF8Z7qh1p7zj2Rs4gL+X
o74mb3bVcgr/LrnPDuiitXUMgrUuhQ7lM+wSgX6hhrn+w76lSa14rs00oH1wJXHy
QlEvb3GVt68ZYLqKZe2UR+08nfYAYkV0p6XP7YKm7lCmjN/qHI4sY2Rf+5SdTjis
/Jy3gGFQxR8u2d4OVu0/wJGzghwOc4gtS6UH2zgtGrkalN5UsICLjTqoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9jYnbdaMH7RN1mvjGksebbUKk5MB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvMzJOaWR0MW93ZnRFM1dhLU1hU3g1dHRRcVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQkVMA0G
CSqGSIb3DQEBCwUAA4IBAQDA3Ma0hI3avyX76MdBvsEo8t6OhSTRtbMA1Lcg1OAY
Y/rYUP0CfYCFcEmWOjP4XDu6xt4rSYRHH3bXvGFK6k7scd5U3masewWk7Xij7l5m
VGGy8IKku4yOWuTZvHPfZYoGH+y6VS9y4gDcAlg9f3NWgHGzmY2oH8xGzXUdkZV/
bUme8Lcugiz9Iwr41sJQLI0buayj6y46I9svpuErvQzQExzO8VZWr+iH3kCK0/36
x+OyiL5pBbLeh2bvE0Kg/tFoGcheAm4VeSkyY2baesw3571E6oqA6rqjItKSe1J8
Ej8Ek9Why6m5c7UPL4PtTjvDfQtSItNBXkdAPQh7QY95
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:49:19 2025 by rpki-client