Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/uHJvm6P1dar-JuNdntWxt0BNVKQ.roa
File: uHJvm6P1dar-JuNdntWxt0BNVKQ.roa (raw, json)
Hash identifier: G5qi5zqXT3SJOgyYVmwOP0yQG5JdiDfzbgGwyND4TrI=
Subject key identifier: B8:72:6F:9B:A3:F5:75:AA:FE:26:E3:5D:9E:D5:B1:B7:40:4D:54:A4
Certificate issuer: /CN=a64fa64bb3c2de4788306312c652de749ec93517
Certificate serial: 01856C65BEEC0D1A0C25BF0E344C5BA0E5C1
Authority key identifier: A6:4F:A6:4B:B3:C2:DE:47:88:30:63:12:C6:52:DE:74:9E:C9:35:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pk-mS7PC3keIMGMSxlLedJ7JNRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/uHJvm6P1dar-JuNdntWxt0BNVKQ.roa
Signing time: Sun 01 Jan 2023 08:14:45 +0000
ROA not before: Sun 01 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204695
IP address blocks: 185.242.100.0/22 maxlen: 22
185.242.100.0/24 maxlen: 24
185.242.103.0/24 maxlen: 24
185.242.102.0/24 maxlen: 24
185.242.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:be:ec:0d:1a:0c:25:bf:0e:34:4c:5b:a0:e5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a64fa64bb3c2de4788306312c652de749ec93517
Validity
Not Before: Jan 1 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8726f9ba3f575aafe26e35d9ed5b1b7404d54a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:de:21:a6:43:28:32:d8:73:03:8c:c0:f3:
6f:8b:a4:69:fb:5b:23:ed:45:d0:a8:05:03:98:1e:
6c:c0:c4:21:fd:1f:61:a5:65:6d:92:dc:e7:3a:43:
a2:11:84:78:9c:2e:08:8b:16:b1:31:76:a7:8d:9b:
c7:12:ef:88:c8:25:79:d0:9c:03:74:4b:f7:f9:49:
1c:f1:ae:bb:7f:78:d6:be:e9:6b:ae:6a:80:9a:d5:
c3:f4:81:43:50:99:59:e8:c5:8a:e2:16:f7:f5:ab:
46:71:9c:55:01:5a:84:77:d5:c0:4c:30:19:82:da:
34:1f:01:93:f9:71:c3:dd:45:75:3a:d4:86:4a:7a:
42:8d:81:ff:b9:52:f8:13:cf:1e:cf:ec:03:20:e9:
03:e8:fd:d0:5d:ba:86:8d:f0:de:6b:92:10:05:c4:
2b:85:11:cf:d6:45:cb:dc:ae:a2:a2:2a:fb:a2:09:
40:b0:8b:d3:7a:1c:d7:e0:b1:83:81:91:03:1f:c9:
1d:4b:4a:f6:c8:4a:10:f1:85:70:c3:f8:96:8b:28:
b3:b5:c5:68:41:c3:08:7a:3c:5d:81:81:18:99:52:
d3:85:00:04:46:13:32:98:ee:bc:50:e7:d4:8f:60:
ce:58:7d:e0:a3:e0:01:46:e8:63:f1:b4:b5:74:cb:
d8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:72:6F:9B:A3:F5:75:AA:FE:26:E3:5D:9E:D5:B1:B7:40:4D:54:A4
X509v3 Authority Key Identifier:
keyid:A6:4F:A6:4B:B3:C2:DE:47:88:30:63:12:C6:52:DE:74:9E:C9:35:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pk-mS7PC3keIMGMSxlLedJ7JNRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/uHJvm6P1dar-JuNdntWxt0BNVKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/427db2-c613-4e84-b38c-90569bc6ca54/1/pk-mS7PC3keIMGMSxlLedJ7JNRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.100.0/22
Signature Algorithm: sha256WithRSAEncryption
67:8c:7f:72:c1:94:db:cd:13:3f:25:be:94:30:8f:e6:a9:fd:
e4:af:d8:fe:d5:a8:36:7d:50:18:7a:0b:4e:48:6b:c3:2c:20:
e5:c0:04:ed:73:6e:46:cc:1a:5f:2a:fe:47:82:70:f7:9e:37:
5b:cb:a0:31:8b:3e:ba:11:f7:93:ed:d1:c0:7e:7e:e1:ee:4e:
7b:3d:39:66:14:c0:fe:d9:e0:bc:a2:f4:ba:f8:6c:87:9a:5e:
e6:15:55:25:17:40:e3:78:f3:f7:4a:36:cc:de:a3:71:db:ba:
b6:15:8e:f1:1e:0b:0b:70:8d:be:c5:a4:24:fe:44:63:ed:95:
83:70:e2:2c:2e:17:a4:d8:29:dd:f4:59:9c:8b:c3:20:2f:eb:
f8:9e:a8:56:93:d1:cb:86:16:c2:75:ee:bc:29:e3:e4:9f:9f:
6d:86:17:8f:df:dc:ca:3a:31:fa:a0:96:dd:32:d9:0f:6c:68:
c8:13:28:ee:de:d4:1f:e3:d5:e4:34:a3:f9:89:5b:d4:47:89:
97:82:3a:02:fe:af:86:ba:e9:5e:3f:dc:ec:02:fe:8b:35:6a:
22:86:ab:6e:78:a0:d0:c1:87:29:37:51:e6:9c:f5:70:b2:09:
f9:f3:a5:5e:6b:cd:ff:62:f7:36:da:39:24:5b:18:2d:81:cd:
bb:95:65:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZb7sDRoMJb8ONExboOXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGZhNjRiYjNjMmRlNDc4ODMwNjMxMmM2NTJkZTc0OWVj
OTM1MTcwHhcNMjMwMTAxMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODcyNmY5YmEzZjU3NWFhZmUyNmUzNWQ5ZWQ1YjFiNzQwNGQ1NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve3eIaZDKDLYcwOMwPNvi6Rp+1sj
7UXQqAUDmB5swMQh/R9hpWVtktznOkOiEYR4nC4IixaxMXanjZvHEu+IyCV50JwD
dEv3+Ukc8a67f3jWvulrrmqAmtXD9IFDUJlZ6MWK4hb39atGcZxVAVqEd9XATDAZ
gto0HwGT+XHD3UV1OtSGSnpCjYH/uVL4E88ez+wDIOkD6P3QXbqGjfDea5IQBcQr
hRHP1kXL3K6ioir7oglAsIvTehzX4LGDgZEDH8kdS0r2yEoQ8YVww/iWiyiztcVo
QcMIejxdgYEYmVLThQAERhMymO68UOfUj2DOWH3go+ABRuhj8bS1dMvYzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhyb5uj9XWq/ibjXZ7VsbdATVSkMB8GA1UdIwQY
MBaAFKZPpkuzwt5HiDBjEsZS3nSeyTUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGstbVM3UEMza2VJTUdNU3hsTGVkSjdKTlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80MjdkYjItYzYxMy00ZTg0LWIzOGMt
OTA1NjliYzZjYTU0LzEvdUhKdm02UDFkYXItSnVOZG50V3h0MEJOVktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80MjdkYjItYzYxMy00ZTg0LWIzOGMtOTA1NjliYzZjYTU0
LzEvcGstbVM3UEMza2VJTUdNU3hsTGVkSjdKTlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJkMA0G
CSqGSIb3DQEBCwUAA4IBAQBnjH9ywZTbzRM/Jb6UMI/mqf3kr9j+1ag2fVAYegtO
SGvDLCDlwATtc25GzBpfKv5HgnD3njdby6Axiz66EfeT7dHAfn7h7k57PTlmFMD+
2eC8ovS6+GyHml7mFVUlF0DjePP3SjbM3qNx27q2FY7xHgsLcI2+xaQk/kRj7ZWD
cOIsLhek2Cnd9Fmci8MgL+v4nqhWk9HLhhbCde68KePkn59thheP39zKOjH6oJbd
MtkPbGjIEyju3tQf49XkNKP5iVvUR4mXgjoC/q+GuuleP9zsAv6LNWoihqtueKDQ
wYcpN1HmnPVwsgn586Vea83/Yvc22jkkWxgtgc27lWXx
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:37:30 2025 by rpki-client