Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/ALcrV2H6Fbjsem5rAwY8zowCeBA.roa
File: ALcrV2H6Fbjsem5rAwY8zowCeBA.roa (raw, json)
Hash identifier: 4nmII+cpRcduANQ5xfLdIcyxbcVOwNxMY5L2677+giw=
Subject key identifier: 00:B7:2B:57:61:FA:15:B8:EC:7A:6E:6B:03:06:3C:CE:8C:02:78:10
Certificate issuer: /CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Certificate serial: 018BA90DD522AB5D71504AE6464550CEE539
Authority key identifier: BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/ALcrV2H6Fbjsem5rAwY8zowCeBA.roa
Signing time: Tue 07 Nov 2023 09:12:17 +0000
ROA not before: Tue 07 Nov 2023 09:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200852
IP address blocks: 185.93.196.0/22 maxlen: 22
185.93.196.0/23 maxlen: 23
185.93.196.0/24 maxlen: 24
185.93.197.0/24 maxlen: 24
185.93.198.0/23 maxlen: 23
2a02:ea00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:0d:d5:22:ab:5d:71:50:4a:e6:46:45:50:ce:e5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Validity
Not Before: Nov 7 09:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b72b5761fa15b8ec7a6e6b03063cce8c027810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:79:2c:44:e0:b0:7c:13:c3:bb:2f:1c:fd:
15:7e:4b:33:13:5b:67:10:30:e9:9e:a1:11:b4:f2:
12:25:18:6b:71:f1:ee:d0:40:de:87:f3:bf:97:1e:
54:93:e4:5a:5f:36:c3:06:0f:d4:f9:95:2c:6f:31:
a0:ac:4e:6d:79:ee:9d:14:e8:0d:9b:26:83:0e:ff:
05:7d:96:3e:42:c2:0c:89:7a:01:53:26:b6:64:f1:
d7:98:1d:a4:77:e5:e7:67:74:df:b3:ba:d5:1a:f7:
9a:29:cd:35:fe:8b:08:0d:78:ea:43:b3:12:05:d2:
a6:6d:9c:ac:da:85:40:1c:c9:54:91:e4:3a:a0:0c:
6f:8a:f1:16:2c:d7:8c:1b:13:75:d0:1e:0a:6a:73:
03:cd:00:38:35:3a:e9:14:26:9c:51:22:26:42:a5:
68:03:6f:37:be:95:71:87:c8:72:f5:34:d9:d6:78:
16:95:52:08:82:7f:42:46:13:9f:30:31:a7:c7:a8:
67:51:1f:f7:ce:3d:9c:d5:6b:56:5c:8d:14:b9:29:
dd:79:23:8f:30:dc:36:87:26:5d:da:6a:35:6e:9d:
6a:19:f4:a8:64:79:c2:20:f3:22:80:de:77:06:c1:
07:36:11:c7:8d:c9:f5:c4:f8:c1:3c:d4:bf:0b:19:
28:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B7:2B:57:61:FA:15:B8:EC:7A:6E:6B:03:06:3C:CE:8C:02:78:10
X509v3 Authority Key Identifier:
keyid:BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/ALcrV2H6Fbjsem5rAwY8zowCeBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.196.0/22
IPv6:
2a02:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
3e:5f:24:44:12:9b:2b:31:aa:70:77:73:aa:b1:17:0a:7b:dc:
ea:fd:85:23:b8:39:12:5f:09:8e:71:79:08:37:14:aa:c6:c5:
5e:57:66:f5:f5:84:42:18:27:25:e8:38:46:64:67:fc:f1:23:
d0:9c:06:13:17:e7:65:a1:36:18:79:1c:ea:36:c7:9e:b7:d4:
76:87:25:c2:80:a4:fa:e0:2b:73:96:ea:7a:85:e7:01:b2:27:
08:fd:17:f8:e0:a2:88:5a:36:88:01:96:76:4d:0b:07:31:f2:
1f:d9:a0:6e:e6:70:e9:2c:79:8f:c0:db:e8:77:43:b5:4a:b0:
68:ec:21:79:7b:27:86:17:47:22:01:08:49:24:27:e3:26:ea:
a8:01:9d:14:af:1b:3c:d0:89:35:41:6c:fc:51:85:4e:d0:f6:
78:1a:3d:30:4d:cd:01:19:79:08:4b:99:8c:68:32:bc:45:56:
36:95:cb:84:9b:e3:68:87:28:80:3c:f3:47:da:a9:65:64:10:
0e:fa:cb:13:d9:6f:11:7f:4c:88:7c:3e:1b:65:6b:f0:d8:a3:
e6:44:7e:ef:c5:44:82:97:80:7f:8f:a6:85:6f:ab:27:44:ef:
f2:13:34:69:d9:9b:69:09:e3:88:a8:e5:bb:30:8b:da:59:6f:
cf:e4:d1:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYupDdUiq11xUErmRkVQzuU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTcyZDQ0Mjc2ZWE0MTAyZWY2YWVkMzBmMmFlNThlOTli
M2U3NTEwHhcNMjMxMTA3MDkxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI3MmI1NzYxZmExNWI4ZWM3YTZlNmIwMzA2M2NjZThjMDI3ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeB5LETgsHwTw7svHP0VfkszE1tn
EDDpnqERtPISJRhrcfHu0EDeh/O/lx5Uk+RaXzbDBg/U+ZUsbzGgrE5tee6dFOgN
myaDDv8FfZY+QsIMiXoBUya2ZPHXmB2kd+XnZ3Tfs7rVGveaKc01/osIDXjqQ7MS
BdKmbZys2oVAHMlUkeQ6oAxvivEWLNeMGxN10B4KanMDzQA4NTrpFCacUSImQqVo
A283vpVxh8hy9TTZ1ngWlVIIgn9CRhOfMDGnx6hnUR/3zj2c1WtWXI0UuSndeSOP
MNw2hyZd2mo1bp1qGfSoZHnCIPMigN53BsEHNhHHjcn1xPjBPNS/CxkoZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAC3K1dh+hW47HpuawMGPM6MAngQMB8GA1UdIwQY
MBaAFL2XLUQnbqQQLvau0w8q5Y6Zs+dRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDIt
ODZjMWVlMmE5ZWJhLzEvQUxjclYySDZGYmpzZW01ckF3WTh6b3dDZUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDItODZjMWVlMmE5ZWJh
LzEvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV3EMA0E
AgACMAcDBQMqAuoAMA0GCSqGSIb3DQEBCwUAA4IBAQA+XyREEpsrMapwd3OqsRcK
e9zq/YUjuDkSXwmOcXkINxSqxsVeV2b19YRCGCcl6DhGZGf88SPQnAYTF+dloTYY
eRzqNseet9R2hyXCgKT64Ctzlup6hecBsicI/Rf44KKIWjaIAZZ2TQsHMfIf2aBu
5nDpLHmPwNvod0O1SrBo7CF5eyeGF0ciAQhJJCfjJuqoAZ0Urxs80Ik1QWz8UYVO
0PZ4Gj0wTc0BGXkIS5mMaDK8RVY2lcuEm+NohyiAPPNH2qllZBAO+ssT2W8Rf0yI
fD4bZWvw2KPmRH7vxUSCl4B/j6aFb6snRO/yEzRp2ZtpCeOIqOW7MIvaWW/P5NE2
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:18 2025 by rpki-client