Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/adbb47-572a-49cc-a6d0-51ff20f9fef9/1/9jQYEVPtEil3Uxdtul9B5ppeIWg.roa
File: 9jQYEVPtEil3Uxdtul9B5ppeIWg.roa (raw, json)
Hash identifier: quP2s5jru3hWj0hyc7Y6o/2mXBEV6RHsCdIowk9sSI4=
Subject key identifier: F6:34:18:11:53:ED:12:29:77:53:17:6D:BA:5F:41:E6:9A:5E:21:68
Certificate issuer: /CN=3763e45b816493ccdbdd4b07708a21fb73a1e599
Certificate serial: 018B72AC4AAA37D691FAE5C503A2B4B3CF84
Authority key identifier: 37:63:E4:5B:81:64:93:CC:DB:DD:4B:07:70:8A:21:FB:73:A1:E5:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N2PkW4Fkk8zb3UsHcIoh-3Oh5Zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/adbb47-572a-49cc-a6d0-51ff20f9fef9/1/9jQYEVPtEil3Uxdtul9B5ppeIWg.roa
Signing time: Fri 27 Oct 2023 19:46:15 +0000
ROA not before: Fri 27 Oct 2023 19:46:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216142
IP address blocks: 185.235.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:72:ac:4a:aa:37:d6:91:fa:e5:c5:03:a2:b4:b3:cf:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3763e45b816493ccdbdd4b07708a21fb73a1e599
Validity
Not Before: Oct 27 19:46:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f634181153ed12297753176dba5f41e69a5e2168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:31:01:1e:93:02:09:3f:f7:76:d3:49:40:
d8:8f:c2:10:e5:04:27:e2:cc:70:26:88:e1:4d:15:
65:26:18:1b:e8:ad:a3:41:e5:c5:1a:28:66:5e:2b:
59:46:58:b6:94:48:41:b8:32:d9:c8:ea:c5:92:bd:
ea:2c:da:fa:ba:f0:15:d7:cb:12:1b:1b:c8:a1:09:
d1:cb:cd:cf:1c:bb:59:cc:2e:e7:b2:15:ae:6e:b0:
b1:99:23:84:ba:e1:fe:33:c2:cd:e6:0b:d6:0a:d8:
5d:2b:86:fb:d3:99:55:e9:94:66:b1:f4:22:cd:55:
62:c4:d1:6a:4c:5c:bd:bf:b0:7c:c6:c4:37:09:d7:
7a:dc:b3:31:c1:96:56:58:7c:c4:54:f1:d4:7e:43:
d1:eb:10:05:32:d0:57:0d:1b:f9:75:82:5f:0f:a3:
13:cd:46:26:70:b0:ce:8c:7e:5c:a6:f5:82:f3:ee:
96:87:f7:58:1d:a8:03:12:cf:14:b8:df:e7:09:6b:
35:c3:30:13:27:e8:ce:1c:82:49:52:97:ef:3f:d8:
6b:58:4a:7b:32:6d:bf:71:33:e0:90:e8:8b:60:e0:
62:d3:0c:f5:14:f8:5d:fc:72:53:09:77:e9:32:85:
64:19:4b:50:ea:f4:01:31:c5:38:6a:b8:44:ed:85:
4d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:34:18:11:53:ED:12:29:77:53:17:6D:BA:5F:41:E6:9A:5E:21:68
X509v3 Authority Key Identifier:
keyid:37:63:E4:5B:81:64:93:CC:DB:DD:4B:07:70:8A:21:FB:73:A1:E5:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2PkW4Fkk8zb3UsHcIoh-3Oh5Zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/adbb47-572a-49cc-a6d0-51ff20f9fef9/1/9jQYEVPtEil3Uxdtul9B5ppeIWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/adbb47-572a-49cc-a6d0-51ff20f9fef9/1/N2PkW4Fkk8zb3UsHcIoh-3Oh5Zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.33.0/24
Signature Algorithm: sha256WithRSAEncryption
08:83:36:2a:7b:d6:1a:8c:04:65:df:3a:25:51:f2:e6:3a:d8:
67:54:b3:66:9f:31:5e:35:f1:0c:b3:78:32:17:20:36:22:8e:
4d:79:5a:e4:be:25:77:f3:88:5f:c2:f1:d4:23:c0:dd:14:32:
83:b5:ed:43:6e:2e:74:66:76:70:5a:37:da:8f:17:3f:a1:fd:
d5:c7:53:c1:c2:ec:d5:9f:70:f9:f9:70:02:a5:41:dc:1f:d4:
ee:4b:e3:42:44:21:f1:82:ad:26:66:3f:df:b7:fd:52:40:b3:
dc:e7:cd:35:8e:6e:45:77:22:d6:ad:7d:46:42:f5:27:24:a2:
77:21:42:01:21:bb:25:ac:0c:5d:56:ed:dc:05:96:72:86:a3:
fd:23:cc:58:6a:d3:0d:98:53:c2:72:4a:a3:31:ef:40:6f:6c:
e9:6a:f8:7c:a0:68:62:04:41:25:2a:64:da:d6:6c:e9:63:ce:
c6:35:d4:b4:13:2b:db:ac:d1:fa:f8:c9:dc:cb:94:eb:83:ce:
21:05:dd:85:34:d0:4b:da:3b:df:b7:f5:e2:77:49:e1:63:4d:
c4:7b:99:eb:a9:f0:2e:23:c4:26:d7:5a:ff:a1:1c:8a:01:66:
d5:9c:a0:56:67:7a:2d:5d:60:a9:a6:04:09:bf:45:10:d4:85:
8b:be:52:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtyrEqqN9aR+uXFA6K0s8+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NjNlNDViODE2NDkzY2NkYmRkNGIwNzcwOGEyMWZiNzNh
MWU1OTkwHhcNMjMxMDI3MTk0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM0MTgxMTUzZWQxMjI5Nzc1MzE3NmRiYTVmNDFlNjlhNWUyMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpUxAR6TAgk/93bTSUDYj8IQ5QQn
4sxwJojhTRVlJhgb6K2jQeXFGihmXitZRli2lEhBuDLZyOrFkr3qLNr6uvAV18sS
GxvIoQnRy83PHLtZzC7nshWubrCxmSOEuuH+M8LN5gvWCthdK4b705lV6ZRmsfQi
zVVixNFqTFy9v7B8xsQ3Cdd63LMxwZZWWHzEVPHUfkPR6xAFMtBXDRv5dYJfD6MT
zUYmcLDOjH5cpvWC8+6Wh/dYHagDEs8UuN/nCWs1wzATJ+jOHIJJUpfvP9hrWEp7
Mm2/cTPgkOiLYOBi0wz1FPhd/HJTCXfpMoVkGUtQ6vQBMcU4arhE7YVNqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPY0GBFT7RIpd1MXbbpfQeaaXiFoMB8GA1UdIwQY
MBaAFDdj5FuBZJPM291LB3CKIftzoeWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJQa1c0RmtrOHpiM1VzSGNJb2gtM09oNVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZGJiNDctNTcyYS00OWNjLWE2ZDAt
NTFmZjIwZjlmZWY5LzEvOWpRWUVWUHRFaWwzVXhkdHVsOUI1cHBlSVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZGJiNDctNTcyYS00OWNjLWE2ZDAtNTFmZjIwZjlmZWY5
LzEvTjJQa1c0RmtrOHpiM1VzSGNJb2gtM09oNVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueshMA0G
CSqGSIb3DQEBCwUAA4IBAQAIgzYqe9YajARl3zolUfLmOthnVLNmnzFeNfEMs3gy
FyA2Io5NeVrkviV384hfwvHUI8DdFDKDte1Dbi50ZnZwWjfajxc/of3Vx1PBwuzV
n3D5+XACpUHcH9TuS+NCRCHxgq0mZj/ft/1SQLPc5801jm5FdyLWrX1GQvUnJKJ3
IUIBIbslrAxdVu3cBZZyhqP9I8xYatMNmFPCckqjMe9Ab2zpavh8oGhiBEElKmTa
1mzpY87GNdS0EyvbrNH6+Mncy5Trg84hBd2FNNBL2jvft/Xid0nhY03Ee5nrqfAu
I8Qm11r/oRyKAWbVnKBWZ3otXWCppgQJv0UQ1IWLvlKq
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:56:49 2025 by rpki-client