Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/cN4d73boUboneHqltJLupWD2vTE.roa
File: cN4d73boUboneHqltJLupWD2vTE.roa (raw, json)
Hash identifier: kbi+4X3adC6xrH0+BLn10duiRltoDUlLpZJPNgdKvY8=
Subject key identifier: 70:DE:1D:EF:76:E8:51:BA:27:78:7A:A5:B4:92:EE:A5:60:F6:BD:31
Certificate issuer: /CN=946733318c62c47920fe375ad99cb729ee90a1ad
Certificate serial: 01856D417F249CD291D71A517A7F09CFB7D5
Authority key identifier: 94:67:33:31:8C:62:C4:79:20:FE:37:5A:D9:9C:B7:29:EE:90:A1:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lGczMYxixHkg_jda2Zy3Ke6Qoa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/cN4d73boUboneHqltJLupWD2vTE.roa
Signing time: Sun 01 Jan 2023 12:14:46 +0000
ROA not before: Sun 01 Jan 2023 12:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203474
IP address blocks: 185.114.196.0/22 maxlen: 22
185.114.196.0/24 maxlen: 24
2a03:3780::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:7f:24:9c:d2:91:d7:1a:51:7a:7f:09:cf:b7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=946733318c62c47920fe375ad99cb729ee90a1ad
Validity
Not Before: Jan 1 12:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70de1def76e851ba27787aa5b492eea560f6bd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:cd:92:c5:ae:84:37:6b:83:bc:8e:cd:88:
ab:3b:06:70:20:95:89:80:f1:7c:e0:58:86:47:58:
f4:7a:eb:06:ce:75:25:fb:ed:eb:78:d7:1d:d4:03:
12:87:ba:99:b1:1c:5d:60:85:84:4f:ae:28:fe:5e:
fb:00:dd:d8:c8:b9:f3:10:a6:b5:7e:97:50:20:7f:
56:85:09:4d:11:02:23:8d:83:b9:58:40:b3:83:76:
4f:e9:3a:76:a5:64:dc:45:8c:a9:42:cc:f6:30:51:
8e:b4:be:e3:ab:65:2f:1c:95:71:fc:d8:1a:c1:65:
5b:13:fd:c2:17:33:c8:2a:e8:39:40:ab:aa:0c:af:
1d:11:c1:21:bd:f2:f2:ae:4e:d9:32:b2:62:d8:44:
9a:e8:6e:e7:ef:ae:4c:2c:2b:7a:83:07:04:56:ce:
cf:40:17:b1:7c:9d:99:33:5e:fc:ef:59:16:e2:36:
bb:e4:ed:2f:b1:66:b0:4f:23:ef:54:2a:ad:a5:fc:
94:e6:8c:11:dc:5b:db:ec:55:a8:ad:de:93:64:ba:
35:fb:ff:cd:f9:65:16:4e:2c:61:a6:f7:d9:02:b9:
64:06:7a:e2:b4:81:d0:96:ca:b9:01:68:cb:c8:b2:
09:65:3a:97:b1:2d:de:25:56:ed:03:73:47:c9:b9:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DE:1D:EF:76:E8:51:BA:27:78:7A:A5:B4:92:EE:A5:60:F6:BD:31
X509v3 Authority Key Identifier:
keyid:94:67:33:31:8C:62:C4:79:20:FE:37:5A:D9:9C:B7:29:EE:90:A1:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGczMYxixHkg_jda2Zy3Ke6Qoa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/cN4d73boUboneHqltJLupWD2vTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/lGczMYxixHkg_jda2Zy3Ke6Qoa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.196.0/22
IPv6:
2a03:3780::/48
Signature Algorithm: sha256WithRSAEncryption
1e:44:04:e5:de:db:74:6a:65:1f:15:52:6a:e7:c7:83:df:42:
b6:67:69:3b:8e:6d:39:2f:f0:89:24:83:ba:b8:b8:64:cc:55:
d5:83:ed:42:64:8c:f4:f0:cd:59:c6:5e:3c:5d:b7:f6:1e:2b:
ac:64:c9:83:82:2d:15:b1:27:f0:a2:0f:6f:04:5a:67:11:78:
85:a3:c9:a4:0a:b4:80:f3:a1:8b:99:d7:e1:bc:21:ea:0b:0b:
51:7a:84:13:b1:17:82:fc:5f:6c:21:fb:ae:5d:63:31:9c:a1:
e2:7d:46:b9:a0:2a:43:60:52:87:a2:cb:cd:ab:de:37:bd:d6:
6e:63:f8:88:c5:d5:c9:9c:6a:58:db:68:01:90:2b:38:66:b4:
57:d7:6a:42:d7:6f:13:a2:9c:bf:49:00:b6:27:ce:b5:02:06:
6d:e0:18:34:24:6e:b2:47:ff:b0:e7:1c:c0:a5:34:8e:dd:fe:
46:6c:93:20:e2:c1:5c:e6:82:64:15:a5:1a:04:64:9a:bb:60:
b7:36:c6:af:88:b7:b4:f2:d1:7b:25:2f:10:6d:44:5d:fd:f4:
57:a0:6a:6f:b2:81:10:a7:b5:2d:de:dc:c5:9c:d1:b4:e9:97:
09:97:6e:53:9f:e9:07:79:9d:43:db:46:82:e6:c6:fb:81:3e:
84:d1:97:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtQX8knNKR1xpRen8Jz7fVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjczMzMxOGM2MmM0NzkyMGZlMzc1YWQ5OWNiNzI5ZWU5
MGExYWQwHhcNMjMwMTAxMTIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRlMWRlZjc2ZTg1MWJhMjc3ODdhYTViNDkyZWVhNTYwZjZiZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0TNksWuhDdrg7yOzYirOwZwIJWJ
gPF84FiGR1j0eusGznUl++3reNcd1AMSh7qZsRxdYIWET64o/l77AN3YyLnzEKa1
fpdQIH9WhQlNEQIjjYO5WECzg3ZP6Tp2pWTcRYypQsz2MFGOtL7jq2UvHJVx/Nga
wWVbE/3CFzPIKug5QKuqDK8dEcEhvfLyrk7ZMrJi2ESa6G7n765MLCt6gwcEVs7P
QBexfJ2ZM17871kW4ja75O0vsWawTyPvVCqtpfyU5owR3Fvb7FWord6TZLo1+//N
+WUWTixhpvfZArlkBnritIHQlsq5AWjLyLIJZTqXsS3eJVbtA3NHybknXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHDeHe926FG6J3h6pbSS7qVg9r0xMB8GA1UdIwQY
MBaAFJRnMzGMYsR5IP43WtmctynukKGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdjek1ZeGl4SGtnX2pkYTJaeTNLZTZRb2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kNzYwOWUtNjM5Ni00MTU1LWFkMzUt
Yjc0MDg5ZDhlNTllLzEvY040ZDczYm9VYm9uZUhxbHRKTHVwV0QydlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kNzYwOWUtNjM5Ni00MTU1LWFkMzUtYjc0MDg5ZDhlNTll
LzEvbEdjek1ZeGl4SGtnX2pkYTJaeTNLZTZRb2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXLEMA8E
AgACMAkDBwAqAzeAAAAwDQYJKoZIhvcNAQELBQADggEBAB5EBOXe23RqZR8VUmrn
x4PfQrZnaTuObTkv8Ikkg7q4uGTMVdWD7UJkjPTwzVnGXjxdt/YeK6xkyYOCLRWx
J/CiD28EWmcReIWjyaQKtIDzoYuZ1+G8IeoLC1F6hBOxF4L8X2wh+65dYzGcoeJ9
RrmgKkNgUoeiy82r3je91m5j+IjF1cmcaljbaAGQKzhmtFfXakLXbxOinL9JALYn
zrUCBm3gGDQkbrJH/7DnHMClNI7d/kZskyDiwVzmgmQVpRoEZJq7YLc2xq+It7Ty
0XslLxBtRF399Fegam+ygRCntS3e3MWc0bTplwmXblOf6Qd5nUPbRoLmxvuBPoTR
lws=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:18 2025 by rpki-client