Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1l4QWImgM7IJsecyMrdgw8sWYcw.roa
File: 1l4QWImgM7IJsecyMrdgw8sWYcw.roa (raw, json)
Hash identifier: wnMCksRVWQpP62jKoDSuTlAp8AF8BZDF/nz0BlbvVz4=
Subject key identifier: D6:5E:10:58:89:A0:33:B2:09:B1:E7:32:32:B7:60:C3:CB:16:61:CC
Certificate issuer: /CN=1f0565865a533402c2f4343fe1af541a006d9d6e
Certificate serial: 0185704BD3881CF39E8A0D14B84C6B381F8D
Authority key identifier: 1F:05:65:86:5A:53:34:02:C2:F4:34:3F:E1:AF:54:1A:00:6D:9D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwVlhlpTNALC9DQ_4a9UGgBtnW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1l4QWImgM7IJsecyMrdgw8sWYcw.roa
Signing time: Mon 02 Jan 2023 02:24:55 +0000
ROA not before: Mon 02 Jan 2023 02:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51945
IP address blocks: 185.190.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:d3:88:1c:f3:9e:8a:0d:14:b8:4c:6b:38:1f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0565865a533402c2f4343fe1af541a006d9d6e
Validity
Not Before: Jan 2 02:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d65e105889a033b209b1e73232b760c3cb1661cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:88:39:16:a5:17:fc:94:7c:41:ae:38:dd:
7d:64:93:ec:66:37:89:21:74:6b:3c:96:bf:86:f6:
4d:82:f3:3a:b4:ed:19:38:69:15:17:64:f2:b4:b9:
8e:ee:e5:fd:5c:d5:00:b6:5a:d0:ca:6e:3c:57:7b:
4f:10:a4:27:74:83:77:60:41:ea:9f:b0:94:27:e5:
24:87:bd:e1:68:f1:b0:1a:fe:18:a0:6b:35:be:c2:
c3:92:12:ad:6a:e8:4a:19:9c:80:21:22:f4:5d:a1:
25:a1:24:4a:2d:d9:79:74:7b:3b:97:f9:41:2d:c0:
85:9b:69:6e:c1:3c:19:e3:88:39:c5:68:ba:0b:6f:
b0:b9:26:ee:e4:33:ed:6a:a5:ac:32:15:b8:da:81:
14:59:99:1f:2d:e9:35:c8:84:d1:b9:4b:de:9a:fa:
c0:59:14:11:f1:46:38:ee:5d:01:d3:37:21:1e:4f:
c6:9c:7b:f7:ec:cb:74:ca:28:fd:e3:07:4b:7f:bc:
c0:5c:57:f7:94:05:80:08:54:41:4d:34:18:b9:bb:
98:a8:47:3e:36:d2:22:9a:b8:6e:eb:04:96:08:71:
98:73:bb:ff:7f:dc:5a:fa:e3:04:42:72:72:bb:a0:
15:13:58:cd:12:ea:41:ed:9b:cc:1b:5a:e0:62:2a:
33:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5E:10:58:89:A0:33:B2:09:B1:E7:32:32:B7:60:C3:CB:16:61:CC
X509v3 Authority Key Identifier:
keyid:1F:05:65:86:5A:53:34:02:C2:F4:34:3F:E1:AF:54:1A:00:6D:9D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwVlhlpTNALC9DQ_4a9UGgBtnW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1l4QWImgM7IJsecyMrdgw8sWYcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/HwVlhlpTNALC9DQ_4a9UGgBtnW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.37.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:4d:b3:1e:e9:85:64:d2:ff:97:6f:6a:03:c6:0d:fb:ba:11:
bf:e0:65:3c:da:32:86:c7:d1:21:80:bc:3e:a3:72:f2:fd:6a:
78:fe:ff:fe:08:ba:4a:4e:91:22:34:66:06:b6:27:38:42:c9:
93:0d:a9:5b:ec:67:54:52:54:af:a9:66:c7:98:6e:a2:ba:57:
e4:78:cd:95:a0:40:3b:df:c9:e7:a8:d1:ba:b4:bb:a1:15:61:
c9:0b:24:c0:c3:07:06:71:e3:f1:2b:34:4c:8c:8b:0a:56:73:
89:a0:20:13:55:17:70:a6:51:3d:a2:77:64:b7:d0:02:43:48:
ce:00:65:2f:4b:1a:39:19:99:ab:64:32:7a:41:dd:c1:7a:28:
e8:5c:ae:8d:49:7b:ac:93:74:4c:e5:14:74:26:a4:dc:d2:81:
e2:a8:73:31:1b:2a:21:39:b0:dd:e4:f3:1f:2c:c7:26:1c:85:
c8:f1:51:6b:33:ab:90:40:fc:d3:ce:4f:86:89:4f:a6:aa:4e:
26:e8:45:47:f9:76:0c:bc:10:69:bf:0b:cc:b3:7d:69:af:67:
44:9e:92:90:8e:12:66:40:1b:21:9b:c6:76:7f:f1:62:9d:d3:
ac:c9:19:16:f9:ca:36:a1:bb:04:8b:83:b5:4a:79:de:12:6c:
c0:d6:62:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS9OIHPOeig0UuExrOB+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDU2NTg2NWE1MzM0MDJjMmY0MzQzZmUxYWY1NDFhMDA2
ZDlkNmUwHhcNMjMwMTAyMDIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVlMTA1ODg5YTAzM2IyMDliMWU3MzIzMmI3NjBjM2NiMTY2MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNeIORalF/yUfEGuON19ZJPsZjeJ
IXRrPJa/hvZNgvM6tO0ZOGkVF2TytLmO7uX9XNUAtlrQym48V3tPEKQndIN3YEHq
n7CUJ+Ukh73haPGwGv4YoGs1vsLDkhKtauhKGZyAISL0XaEloSRKLdl5dHs7l/lB
LcCFm2luwTwZ44g5xWi6C2+wuSbu5DPtaqWsMhW42oEUWZkfLek1yITRuUvemvrA
WRQR8UY47l0B0zchHk/GnHv37Mt0yij94wdLf7zAXFf3lAWACFRBTTQYubuYqEc+
NtIimrhu6wSWCHGYc7v/f9xa+uMEQnJyu6AVE1jNEupB7ZvMG1rgYiozWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZeEFiJoDOyCbHnMjK3YMPLFmHMMB8GA1UdIwQY
MBaAFB8FZYZaUzQCwvQ0P+GvVBoAbZ1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdWbGhscFROQUxDOURRXzRhOVVHZ0J0blc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85ZmU0OWYtOWVkMC00ZGIzLTliZTUt
NWM2OTA0NDdiYTg5LzEvMWw0UVdJbWdNN0lKc2VjeU1yZGd3OHNXWWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85ZmU0OWYtOWVkMC00ZGIzLTliZTUtNWM2OTA0NDdiYTg5
LzEvSHdWbGhscFROQUxDOURRXzRhOVVHZ0J0blc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub4lMA0G
CSqGSIb3DQEBCwUAA4IBAQBqTbMe6YVk0v+Xb2oDxg37uhG/4GU82jKGx9EhgLw+
o3Ly/Wp4/v/+CLpKTpEiNGYGtic4QsmTDalb7GdUUlSvqWbHmG6iulfkeM2VoEA7
38nnqNG6tLuhFWHJCyTAwwcGcePxKzRMjIsKVnOJoCATVRdwplE9ondkt9ACQ0jO
AGUvSxo5GZmrZDJ6Qd3BeijoXK6NSXusk3RM5RR0JqTc0oHiqHMxGyohObDd5PMf
LMcmHIXI8VFrM6uQQPzTzk+GiU+mqk4m6EVH+XYMvBBpvwvMs31pr2dEnpKQjhJm
QBshm8Z2f/FindOsyRkW+co2obsEi4O1SnneEmzA1mL4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:37 2025 by rpki-client