Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b92cc3-ddf1-43cb-b4b1-4154da5ceb9b/1/DMOj8lvzLp02e-2qTY-MVxLCKvw.roa
File: DMOj8lvzLp02e-2qTY-MVxLCKvw.roa (raw, json)
Hash identifier: JBJKg1l8aDImwBCjiJV6sQ0Ex44OwwB8yooL20S7U5M=
Subject key identifier: 0C:C3:A3:F2:5B:F3:2E:9D:36:7B:ED:AA:4D:8F:8C:57:12:C2:2A:FC
Certificate issuer: /CN=b90f40bdb9e664769e917590f78db6e77193d751
Certificate serial: 0187B70AF5CE0B1E1246A99925CD950AF9B0
Authority key identifier: B9:0F:40:BD:B9:E6:64:76:9E:91:75:90:F7:8D:B6:E7:71:93:D7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQ9AvbnmZHaekXWQ942253GT11E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b92cc3-ddf1-43cb-b4b1-4154da5ceb9b/1/DMOj8lvzLp02e-2qTY-MVxLCKvw.roa
Signing time: Tue 25 Apr 2023 06:12:41 +0000
ROA not before: Tue 25 Apr 2023 06:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204851
IP address blocks: 185.237.240.0/22 maxlen: 22
185.237.240.0/24 maxlen: 24
185.237.242.0/24 maxlen: 24
185.237.243.0/24 maxlen: 24
185.237.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:0a:f5:ce:0b:1e:12:46:a9:99:25:cd:95:0a:f9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b90f40bdb9e664769e917590f78db6e77193d751
Validity
Not Before: Apr 25 06:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cc3a3f25bf32e9d367bedaa4d8f8c5712c22afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:00:6a:ea:82:5d:03:4a:9b:b6:ba:29:89:de:
26:72:40:5a:21:56:50:c4:0f:13:83:ae:57:f8:0f:
99:8b:82:60:4c:e0:24:50:76:b7:be:b4:7e:df:33:
3d:2f:74:46:40:91:f9:b5:89:4a:83:64:19:b3:c6:
b3:f4:60:ed:12:98:ec:93:3f:93:e6:2a:22:4f:b4:
24:21:11:e8:8c:66:79:c1:21:f6:4c:ad:d8:19:0b:
9b:16:1e:5b:4f:a9:82:8f:95:b9:50:d6:36:bc:93:
a1:4e:d3:e1:cd:12:5c:a8:78:e2:21:78:fa:77:df:
55:ab:88:4c:30:c9:de:17:a7:50:c5:b0:8c:99:c5:
eb:de:6b:41:1b:c7:b5:7b:dd:6b:14:6a:4d:48:0c:
ea:26:7d:b5:da:24:09:8a:a6:d2:4a:e3:41:f2:c1:
85:6c:bb:0c:90:27:ea:73:45:a3:c3:49:1d:1d:c4:
53:1e:e2:13:b0:32:00:10:90:98:c5:f4:76:6e:f8:
5b:9a:c3:37:8c:35:40:25:a1:ec:6f:7a:2f:d9:e9:
77:9a:41:8d:c3:76:a3:e9:2e:b4:a5:23:cb:aa:e4:
5e:24:04:2c:fa:c6:88:33:49:b7:9c:02:f6:8a:23:
a1:8d:ed:74:0d:cd:31:da:2d:9b:df:af:11:4e:09:
33:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C3:A3:F2:5B:F3:2E:9D:36:7B:ED:AA:4D:8F:8C:57:12:C2:2A:FC
X509v3 Authority Key Identifier:
keyid:B9:0F:40:BD:B9:E6:64:76:9E:91:75:90:F7:8D:B6:E7:71:93:D7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQ9AvbnmZHaekXWQ942253GT11E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b92cc3-ddf1-43cb-b4b1-4154da5ceb9b/1/DMOj8lvzLp02e-2qTY-MVxLCKvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b92cc3-ddf1-43cb-b4b1-4154da5ceb9b/1/uQ9AvbnmZHaekXWQ942253GT11E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.240.0/22
Signature Algorithm: sha256WithRSAEncryption
17:b7:a7:1b:3c:5b:fd:e0:17:e3:8e:dc:8c:05:31:dd:10:b5:
28:2d:88:dd:aa:d9:6e:a6:eb:c4:23:5f:b3:69:2a:17:6c:75:
ee:e0:c6:6b:7a:90:60:cf:ea:53:29:fd:66:4f:3b:58:8d:36:
b4:ba:6c:01:20:d2:d3:56:71:5d:7d:69:3b:c6:7e:37:1e:70:
c9:b9:3e:10:7c:9c:de:35:ff:86:15:51:9a:b1:e4:a4:42:86:
b9:06:9d:f7:d2:70:34:fd:2e:82:50:0f:0d:5b:6e:68:c6:54:
af:1d:11:84:59:0c:ea:b9:88:3e:7b:32:80:20:b0:ce:d0:41:
6a:11:3c:cf:e9:3b:f3:be:22:82:70:b4:ad:e7:7c:01:ff:24:
f5:5b:b0:ba:87:b0:fd:d2:09:20:34:8b:cf:94:9f:c7:3d:a8:
25:cb:bf:cf:10:76:66:1a:e4:e9:bc:8b:07:db:be:4c:2a:3f:
b2:4b:12:dd:7a:05:eb:c9:8b:ff:b7:a2:e2:dc:08:77:3a:45:
06:cd:1f:0b:00:aa:5a:ea:dd:78:41:99:17:fe:56:fa:fd:04:
f1:2a:db:8d:07:61:df:2c:d2:6b:51:1c:8d:96:6c:f2:00:cc:
72:cb:b4:7c:19:fc:07:a9:3e:dd:76:85:fb:86:9c:94:85:a3:
74:91:56:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3CvXOCx4SRqmZJc2VCvmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MGY0MGJkYjllNjY0NzY5ZTkxNzU5MGY3OGRiNmU3NzE5
M2Q3NTEwHhcNMjMwNDI1MDYxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2MzYTNmMjViZjMyZTlkMzY3YmVkYWE0ZDhmOGM1NzEyYzIyYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwBq6oJdA0qbtropid4mckBaIVZQ
xA8Tg65X+A+Zi4JgTOAkUHa3vrR+3zM9L3RGQJH5tYlKg2QZs8az9GDtEpjskz+T
5ioiT7QkIRHojGZ5wSH2TK3YGQubFh5bT6mCj5W5UNY2vJOhTtPhzRJcqHjiIXj6
d99Vq4hMMMneF6dQxbCMmcXr3mtBG8e1e91rFGpNSAzqJn212iQJiqbSSuNB8sGF
bLsMkCfqc0Wjw0kdHcRTHuITsDIAEJCYxfR2bvhbmsM3jDVAJaHsb3ov2el3mkGN
w3aj6S60pSPLquReJAQs+saIM0m3nAL2iiOhje10Dc0x2i2b368RTgkzSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzDo/Jb8y6dNnvtqk2PjFcSwir8MB8GA1UdIwQY
MBaAFLkPQL255mR2npF1kPeNtudxk9dRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVE5QXZibm1aSGFla1hXUTk0MjI1M0dUMTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iOTJjYzMtZGRmMS00M2NiLWI0YjEt
NDE1NGRhNWNlYjliLzEvRE1PajhsdnpMcDAyZS0ycVRZLU1WeExDS3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iOTJjYzMtZGRmMS00M2NiLWI0YjEtNDE1NGRhNWNlYjli
LzEvdVE5QXZibm1aSGFla1hXUTk0MjI1M0dUMTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue3wMA0G
CSqGSIb3DQEBCwUAA4IBAQAXt6cbPFv94BfjjtyMBTHdELUoLYjdqtlupuvEI1+z
aSoXbHXu4MZrepBgz+pTKf1mTztYjTa0umwBINLTVnFdfWk7xn43HnDJuT4QfJze
Nf+GFVGaseSkQoa5Bp330nA0/S6CUA8NW25oxlSvHRGEWQzquYg+ezKAILDO0EFq
ETzP6TvzviKCcLSt53wB/yT1W7C6h7D90gkgNIvPlJ/HPagly7/PEHZmGuTpvIsH
275MKj+ySxLdegXryYv/t6Li3Ah3OkUGzR8LAKpa6t14QZkX/lb6/QTxKtuNB2Hf
LNJrURyNlmzyAMxyy7R8GfwHqT7ddoX7hpyUhaN0kVbJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:58 2025 by rpki-client