Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/0dLBVq-_xr6K1k-OgV1zhV0YxfU.roa
File: 0dLBVq-_xr6K1k-OgV1zhV0YxfU.roa (raw, json)
Hash identifier: Mwrsu9ZazBjzn/rEbc/j91VFEzZ0i1JP1C7T4v6ib10=
Subject key identifier: D1:D2:C1:56:AF:BF:C6:BE:8A:D6:4F:8E:81:5D:73:85:5D:18:C5:F5
Certificate issuer: /CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Certificate serial: 0186B7067AE720E9847E81DD44864B8710EE
Authority key identifier: 54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/0dLBVq-_xr6K1k-OgV1zhV0YxfU.roa
Signing time: Mon 06 Mar 2023 13:05:00 +0000
ROA not before: Mon 06 Mar 2023 13:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62163
IP address blocks: 185.99.165.0/24 maxlen: 24
185.99.166.0/24 maxlen: 24
185.99.164.0/24 maxlen: 24
185.99.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:06:7a:e7:20:e9:84:7e:81:dd:44:86:4b:87:10:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Validity
Not Before: Mar 6 13:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1d2c156afbfc6be8ad64f8e815d73855d18c5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:92:01:dd:f9:a3:82:42:0f:d6:a7:26:7a:0e:
58:f0:79:c2:f6:6d:f2:d9:35:51:d2:d0:22:f9:b2:
ed:1a:b4:b6:6d:a0:43:37:bb:c2:76:8c:aa:ab:f5:
9f:2f:10:6e:d9:ff:f4:f8:97:f7:0a:d1:97:96:31:
c3:9b:93:f4:86:a2:2c:fa:53:66:0f:c3:a5:69:1e:
68:01:05:61:83:c0:b5:2d:b6:bc:d5:00:4f:2e:9f:
64:17:08:02:90:80:27:a2:e7:3d:be:0e:65:e2:04:
07:59:ff:b6:b2:fd:5c:bc:11:48:16:11:06:02:42:
89:2e:7c:e1:24:96:2f:05:37:bf:d9:08:47:51:44:
0e:5c:30:b4:8e:74:0f:4b:7a:3a:dc:f8:af:d4:0d:
38:4f:d8:ca:2e:a9:98:90:7d:5a:c2:55:f4:17:f2:
af:7f:50:2f:9f:f0:69:f0:9e:ca:c0:4d:74:f1:26:
06:2c:e0:46:1f:e7:e0:fe:4e:7e:5f:30:d1:fa:1d:
c9:6d:11:95:5f:fb:0e:9e:58:17:52:36:2d:9c:39:
5e:f4:a8:5b:77:bc:00:5e:9e:f5:8c:44:b4:fa:5a:
d8:76:40:86:4e:e6:bd:42:2c:74:bf:40:3f:91:85:
2a:25:63:3e:74:fd:dc:4c:42:e2:eb:87:46:0f:52:
89:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D2:C1:56:AF:BF:C6:BE:8A:D6:4F:8E:81:5D:73:85:5D:18:C5:F5
X509v3 Authority Key Identifier:
keyid:54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/0dLBVq-_xr6K1k-OgV1zhV0YxfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/VAxPdC_TKaNvzSnE65hOX0lRXZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.164.0/22
Signature Algorithm: sha256WithRSAEncryption
66:b3:ac:c9:8b:13:df:b3:dc:d2:84:47:a9:e0:9d:02:0a:25:
3c:90:b0:11:a8:b7:45:69:37:dc:bc:42:a4:2c:57:ca:6e:e7:
17:40:12:fd:82:54:2c:b4:3d:73:8a:ce:cf:cf:1a:34:b0:a3:
cb:e7:84:f1:1c:0e:64:be:7b:34:a3:c4:a9:d7:90:9b:a4:18:
00:00:52:a3:c8:86:c2:03:d0:e4:90:2d:ca:d3:93:da:56:f0:
9d:21:c7:c0:ef:78:9c:f8:3d:7d:b0:14:89:6b:14:51:59:75:
ad:66:cd:03:01:dd:bd:b3:7c:2c:6e:1b:3a:9f:2d:41:9b:d1:
7c:7b:6e:03:d7:b1:6a:0e:45:d0:70:fc:01:04:b9:f2:8e:48:
72:12:21:85:6c:4f:15:eb:e2:73:cf:0c:9a:ce:51:fd:5a:59:
c9:df:22:84:9a:4e:6d:83:6b:eb:54:a9:3b:26:e8:f2:9e:b1:
b7:b4:9e:0a:da:cc:2b:1d:8e:5d:f2:d8:27:e9:34:44:49:6a:
0f:72:93:17:37:9c:fd:c7:65:84:f1:e5:75:35:83:3b:e9:af:
2e:87:6a:8b:fc:f8:03:38:d6:98:16:97:9c:dd:1d:68:b4:0d:
63:e4:48:43:2f:03:8f:55:14:62:83:f5:87:5d:45:dd:b2:ce:
f3:41:45:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa3BnrnIOmEfoHdRIZLhxDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MGM0Zjc0MmZkMzI5YTM2ZmNkMjljNGViOTg0ZTVmNDk1
MTVkOTkwHhcNMjMwMzA2MTMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQyYzE1NmFmYmZjNmJlOGFkNjRmOGU4MTVkNzM4NTVkMThjNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpIB3fmjgkIP1qcmeg5Y8HnC9m3y
2TVR0tAi+bLtGrS2baBDN7vCdoyqq/WfLxBu2f/0+Jf3CtGXljHDm5P0hqIs+lNm
D8OlaR5oAQVhg8C1Lba81QBPLp9kFwgCkIAnouc9vg5l4gQHWf+2sv1cvBFIFhEG
AkKJLnzhJJYvBTe/2QhHUUQOXDC0jnQPS3o63Piv1A04T9jKLqmYkH1awlX0F/Kv
f1Avn/Bp8J7KwE108SYGLOBGH+fg/k5+XzDR+h3JbRGVX/sOnlgXUjYtnDle9Khb
d7wAXp71jES0+lrYdkCGTua9Qix0v0A/kYUqJWM+dP3cTELi64dGD1KJqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHSwVavv8a+itZPjoFdc4VdGMX1MB8GA1UdIwQY
MBaAFFQMT3Qv0ymjb80pxOuYTl9JUV2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQt
Y2ZiMGQwNDkzYzNhLzEvMGRMQlZxLV94cjZLMWstT2dWMXpoVjBZeGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQtY2ZiMGQwNDkzYzNh
LzEvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWOkMA0G
CSqGSIb3DQEBCwUAA4IBAQBms6zJixPfs9zShEep4J0CCiU8kLARqLdFaTfcvEKk
LFfKbucXQBL9glQstD1zis7Pzxo0sKPL54TxHA5kvns0o8Sp15CbpBgAAFKjyIbC
A9DkkC3K05PaVvCdIcfA73ic+D19sBSJaxRRWXWtZs0DAd29s3wsbhs6ny1Bm9F8
e24D17FqDkXQcPwBBLnyjkhyEiGFbE8V6+JzzwyazlH9WlnJ3yKEmk5tg2vrVKk7
JujynrG3tJ4K2swrHY5d8tgn6TRESWoPcpMXN5z9x2WE8eV1NYM76a8uh2qL/PgD
ONaYFpec3R1otA1j5EhDLwOPVRRig/WHXUXdss7zQUVO
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:34 2025 by rpki-client