Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/0Ks-AXTHjZmxrgLSa8-nLqMqgz4.roa
File: 0Ks-AXTHjZmxrgLSa8-nLqMqgz4.roa (raw, json)
Hash identifier: XX+zlawlwKeMZlTgXa97KWjEmMLkpLj9HHs8eryc/4M=
Subject key identifier: D0:AB:3E:01:74:C7:8D:99:B1:AE:02:D2:6B:CF:A7:2E:A3:2A:83:3E
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C7C09A5BA7CCBE62685F2E64E12EF61A8
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/0Ks-AXTHjZmxrgLSa8-nLqMqgz4.roa
Signing time: Mon 18 Dec 2023 08:27:36 +0000
ROA not before: Mon 18 Dec 2023 08:27:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216050
IP address blocks: 185.100.169.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:09:a5:ba:7c:cb:e6:26:85:f2:e6:4e:12:ef:61:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 18 08:27:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ab3e0174c78d99b1ae02d26bcfa72ea32a833e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:93:49:d0:e4:a3:6d:02:0f:7e:4b:be:bb:
f6:b2:0e:64:31:ef:2d:7e:2e:59:69:18:7c:ee:8b:
b5:cd:ff:3d:58:0e:f7:0e:9f:9b:a6:c1:fc:7c:b4:
58:86:a9:bd:7c:dc:f9:ba:fc:5c:93:1b:be:b2:b7:
10:b0:b5:c2:1c:6d:f4:15:7a:fd:a3:38:eb:77:38:
97:9b:ca:19:b6:a7:b6:34:29:a1:00:9f:f7:26:0b:
11:2e:72:40:27:e9:58:14:a8:09:da:b0:26:8a:a8:
ed:c4:0e:74:67:71:20:58:9f:7e:b0:77:73:4d:48:
e4:6b:b3:c7:23:99:8c:b8:70:79:de:bb:8c:ae:fb:
19:c2:43:d6:e3:78:de:93:24:8d:57:55:7f:56:98:
53:e6:1b:88:fb:d6:7f:7f:ca:1b:a0:6b:81:17:3d:
5a:db:3e:05:35:72:d4:4a:65:5b:27:36:ee:54:de:
52:6a:fb:b6:c5:64:a7:ae:56:e0:bb:28:b2:78:e0:
09:52:6c:2c:1f:d7:04:00:05:f9:e0:36:7f:5f:96:
b0:39:22:62:5a:c1:8f:ab:ab:19:60:15:22:59:2f:
09:fa:89:92:70:c8:60:44:23:79:d6:a7:23:9e:54:
25:ab:eb:20:0d:0f:16:cc:ac:60:9a:f8:c0:b9:8d:
bc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AB:3E:01:74:C7:8D:99:B1:AE:02:D2:6B:CF:A7:2E:A3:2A:83:3E
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/0Ks-AXTHjZmxrgLSa8-nLqMqgz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.169.0-185.100.170.255
Signature Algorithm: sha256WithRSAEncryption
3a:4c:a2:45:48:09:ae:1a:fb:1c:79:c4:1f:2d:f0:b7:3c:db:
8d:8b:f3:3b:ab:a6:64:d9:96:8b:90:b7:b7:3d:de:37:06:5a:
af:08:b8:0e:bf:a8:a4:76:d9:7f:25:1b:5a:5c:d8:0b:9b:27:
26:97:1d:62:b7:7f:6d:55:c0:c6:ac:8b:5f:42:1e:ae:b0:92:
60:f3:d0:b9:5d:f7:00:91:57:a7:5a:d1:f1:81:64:bb:79:c3:
e1:2e:b1:3a:51:96:20:d8:ed:f8:88:67:a8:1e:5a:96:e5:7c:
2f:30:47:80:8c:ef:c0:02:1e:76:ea:78:84:bc:50:c6:61:ef:
9e:bd:ed:ed:6b:2f:88:01:9d:5c:a3:f9:90:51:2c:8b:22:72:
42:7d:3e:d9:40:8b:19:af:af:ca:07:2d:16:a1:14:a2:74:b5:
6a:f7:8c:5a:6d:62:8a:03:99:e8:37:2e:65:04:75:15:e3:ea:
63:f2:e6:01:80:e1:5a:37:8b:1e:a5:0b:d8:b7:48:49:5b:2b:
50:83:d0:99:20:ab:0f:f0:38:29:d9:a4:47:2b:47:1f:25:7a:
80:b4:38:b9:31:fd:29:8c:e4:35:f2:3c:98:aa:bb:6b:8e:79:
2e:e7:71:6b:1c:b3:36:17:d9:d6:d0:e4:72:1a:5e:ea:84:4b:
69:3d:28:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYx8CaW6fMvmJoXy5k4S72GoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE4MDgyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFiM2UwMTc0Yzc4ZDk5YjFhZTAyZDI2YmNmYTcyZWEzMmE4MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt2TSdDko20CD35Lvrv2sg5kMe8t
fi5ZaRh87ou1zf89WA73Dp+bpsH8fLRYhqm9fNz5uvxckxu+srcQsLXCHG30FXr9
ozjrdziXm8oZtqe2NCmhAJ/3JgsRLnJAJ+lYFKgJ2rAmiqjtxA50Z3EgWJ9+sHdz
TUjka7PHI5mMuHB53ruMrvsZwkPW43jekySNV1V/VphT5huI+9Z/f8oboGuBFz1a
2z4FNXLUSmVbJzbuVN5Savu2xWSnrlbguyiyeOAJUmwsH9cEAAX54DZ/X5awOSJi
WsGPq6sZYBUiWS8J+omScMhgRCN51qcjnlQlq+sgDQ8WzKxgmvjAuY28RwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNCrPgF0x42Zsa4C0mvPpy6jKoM+MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvMEtzLUFYVEhqWm14cmdMU2E4LW5McU1xZ3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5ZKkD
BAC5ZKowDQYJKoZIhvcNAQELBQADggEBADpMokVICa4a+xx5xB8t8Lc8242L8zur
pmTZlouQt7c93jcGWq8IuA6/qKR22X8lG1pc2AubJyaXHWK3f21VwMasi19CHq6w
kmDz0Lld9wCRV6da0fGBZLt5w+EusTpRliDY7fiIZ6geWpblfC8wR4CM78ACHnbq
eIS8UMZh75697e1rL4gBnVyj+ZBRLIsickJ9PtlAixmvr8oHLRahFKJ0tWr3jFpt
YooDmeg3LmUEdRXj6mPy5gGA4Vo3ix6lC9i3SElbK1CD0Jkgqw/wOCnZpEcrRx8l
eoC0OLkx/SmM5DXyPJiqu2uOeS7ncWscszYX2dbQ5HIaXuqES2k9KFI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:10 2025 by rpki-client