Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/e2d729-ba9e-4723-a368-644bfdceb9f6/1/dKBxYJdSIMIpl8yLSVGY_RK9OU8.roa
File: dKBxYJdSIMIpl8yLSVGY_RK9OU8.roa (raw, json)
Hash identifier: BAjIVo+cZJA+uo9XC1OpyKkIyJ8SJAUOGXCkLJ8/+Dk=
Subject key identifier: 74:A0:71:60:97:52:20:C2:29:97:CC:8B:49:51:98:FD:12:BD:39:4F
Certificate issuer: /CN=edff0ab25662757afb831675319296f63d989b69
Certificate serial: 01856F82498622B43FC0984C368715F08661
Authority key identifier: ED:FF:0A:B2:56:62:75:7A:FB:83:16:75:31:92:96:F6:3D:98:9B:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7f8KslZidXr7gxZ1MZKW9j2Ym2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/e2d729-ba9e-4723-a368-644bfdceb9f6/1/dKBxYJdSIMIpl8yLSVGY_RK9OU8.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206556
IP address blocks: 185.182.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:49:86:22:b4:3f:c0:98:4c:36:87:15:f0:86:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edff0ab25662757afb831675319296f63d989b69
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74a07160975220c22997cc8b495198fd12bd394f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:7f:1c:ea:3d:96:35:e4:a2:96:20:e2:7b:
c2:65:08:b9:f0:d2:fd:8a:b2:53:92:e5:df:c2:c1:
db:d3:4b:de:dc:b2:83:97:86:c7:5b:f6:bf:50:bd:
50:f8:62:1e:fa:d0:1c:30:c7:0d:bc:c4:cf:fe:66:
74:f7:51:00:83:1a:d4:ef:26:e2:67:76:5f:84:1c:
04:46:ef:d8:30:d5:94:bd:47:64:e5:e5:0d:59:03:
ba:91:fb:d3:5b:d1:3c:3b:ae:44:66:7c:dd:e7:38:
25:76:f4:94:2c:37:94:c4:3a:6f:63:cd:e1:bc:59:
e0:37:07:b1:9b:23:ea:22:8a:79:8a:b8:29:78:1e:
72:e3:f9:91:b4:b1:94:c5:f5:b1:a0:1b:2b:1d:fe:
f5:b4:45:3a:4c:18:c7:ac:46:ad:bd:43:9b:8a:4c:
38:c3:36:60:05:4b:bf:f3:9b:56:a2:ae:1e:6c:54:
e9:1e:21:8a:9f:f9:d0:f0:68:4c:d2:fc:94:99:33:
fe:14:53:f2:c6:c1:48:9b:d1:73:30:b6:1a:1a:83:
f6:9a:07:e7:f2:eb:8a:36:0a:40:9c:e7:f0:05:7a:
76:8d:18:04:72:0f:26:a2:a4:74:0b:53:66:4c:52:
ef:27:05:08:d9:fb:61:3b:c3:e9:42:b4:e9:9c:19:
22:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A0:71:60:97:52:20:C2:29:97:CC:8B:49:51:98:FD:12:BD:39:4F
X509v3 Authority Key Identifier:
keyid:ED:FF:0A:B2:56:62:75:7A:FB:83:16:75:31:92:96:F6:3D:98:9B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f8KslZidXr7gxZ1MZKW9j2Ym2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e2d729-ba9e-4723-a368-644bfdceb9f6/1/dKBxYJdSIMIpl8yLSVGY_RK9OU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e2d729-ba9e-4723-a368-644bfdceb9f6/1/7f8KslZidXr7gxZ1MZKW9j2Ym2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:7b:0f:6e:b7:c9:7d:92:51:20:17:92:22:30:cf:f4:e3:e4:
80:3f:2c:b6:01:18:bd:1a:75:e4:6f:30:80:cc:d2:96:1e:5c:
ba:e8:bd:4f:0f:1d:33:81:84:69:20:75:79:3a:53:d7:cc:d0:
cb:3b:4b:9f:1b:2b:21:2c:d9:50:b4:f0:b9:2e:96:55:cb:67:
a5:a0:23:5c:b6:04:33:2a:27:20:7b:32:e8:56:83:3f:b5:c5:
df:b4:2c:97:26:80:6c:52:4e:a2:65:b9:48:41:11:7f:b4:41:
01:2e:c4:e6:eb:45:41:23:aa:b1:15:17:f0:01:b7:8c:f7:09:
aa:b5:5e:28:cc:5b:95:e5:04:38:64:42:49:e5:54:c6:27:cc:
48:64:d8:03:87:d6:af:19:5c:1e:24:27:04:26:01:e3:82:1f:
cd:d2:5d:76:2d:2e:d7:6b:39:93:48:c4:5e:4c:2e:2a:f7:34:
46:d5:ec:10:8c:dc:86:0c:23:87:9b:a5:7a:f9:29:9d:6f:71:
53:87:7f:cb:9e:f7:2c:a6:cc:e4:79:0e:25:15:50:e2:6d:f8:
d4:bc:b3:cf:00:0b:f3:8d:7c:3f:32:3b:a6:60:14:ea:da:a8:
c7:70:db:96:60:24:f1:04:c4:30:14:42:da:17:ae:04:e9:10:
b4:6c:c1:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgkmGIrQ/wJhMNocV8IZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZmYwYWIyNTY2Mjc1N2FmYjgzMTY3NTMxOTI5NmY2M2Q5
ODliNjkwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGEwNzE2MDk3NTIyMGMyMjk5N2NjOGI0OTUxOThmZDEyYmQzOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFx/HOo9ljXkopYg4nvCZQi58NL9
irJTkuXfwsHb00ve3LKDl4bHW/a/UL1Q+GIe+tAcMMcNvMTP/mZ091EAgxrU7ybi
Z3ZfhBwERu/YMNWUvUdk5eUNWQO6kfvTW9E8O65EZnzd5zgldvSULDeUxDpvY83h
vFngNwexmyPqIop5irgpeB5y4/mRtLGUxfWxoBsrHf71tEU6TBjHrEatvUObikw4
wzZgBUu/85tWoq4ebFTpHiGKn/nQ8GhM0vyUmTP+FFPyxsFIm9FzMLYaGoP2mgfn
8uuKNgpAnOfwBXp2jRgEcg8moqR0C1NmTFLvJwUI2fthO8PpQrTpnBkixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSgcWCXUiDCKZfMi0lRmP0SvTlPMB8GA1UdIwQY
MBaAFO3/CrJWYnV6+4MWdTGSlvY9mJtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2Y4S3NsWmlkWHI3Z3haMU1aS1c5ajJZbTJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9lMmQ3MjktYmE5ZS00NzIzLWEzNjgt
NjQ0YmZkY2ViOWY2LzEvZEtCeFlKZFNJTUlwbDh5TFNWR1lfUks5T1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9lMmQ3MjktYmE5ZS00NzIzLWEzNjgtNjQ0YmZkY2ViOWY2
LzEvN2Y4S3NsWmlkWHI3Z3haMU1aS1c5ajJZbTJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubbvMA0G
CSqGSIb3DQEBCwUAA4IBAQCcew9ut8l9klEgF5IiMM/04+SAPyy2ARi9GnXkbzCA
zNKWHly66L1PDx0zgYRpIHV5OlPXzNDLO0ufGyshLNlQtPC5LpZVy2eloCNctgQz
KicgezLoVoM/tcXftCyXJoBsUk6iZblIQRF/tEEBLsTm60VBI6qxFRfwAbeM9wmq
tV4ozFuV5QQ4ZEJJ5VTGJ8xIZNgDh9avGVweJCcEJgHjgh/N0l12LS7XazmTSMRe
TC4q9zRG1ewQjNyGDCOHm6V6+Smdb3FTh3/LnvcspszkeQ4lFVDibfjUvLPPAAvz
jXw/MjumYBTq2qjHcNuWYCTxBMQwFELaF64E6RC0bMFt
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:08:10 2025 by rpki-client