Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/us2khCu2mA5jLZg9L4pLxbJuhGA.roa
File: us2khCu2mA5jLZg9L4pLxbJuhGA.roa (raw, json)
Hash identifier: 9dl+o549lybbBN3Cv3sQMROkVpLTzoF4YliF3d+9gyU=
Subject key identifier: BA:CD:A4:84:2B:B6:98:0E:63:2D:98:3D:2F:8A:4B:C5:B2:6E:84:60
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C83060A938B0F8DE4570D46C4522352FE
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/us2khCu2mA5jLZg9L4pLxbJuhGA.roa
Signing time: Tue 19 Dec 2023 17:01:00 +0000
ROA not before: Tue 19 Dec 2023 17:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215906
IP address blocks: 185.100.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:06:0a:93:8b:0f:8d:e4:57:0d:46:c4:52:23:52:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 19 17:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bacda4842bb6980e632d983d2f8a4bc5b26e8460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:dd:c8:ea:32:b6:48:df:0e:3d:46:c8:68:
5e:a7:91:0f:aa:58:a9:96:5d:95:4a:fb:5e:19:24:
15:d7:ba:06:9b:66:1f:85:05:a5:79:a1:af:34:dc:
a9:e0:ac:a0:53:90:0d:14:c2:a7:4e:99:7c:c8:ab:
d8:a5:1a:53:2e:17:1e:64:0d:1e:ed:49:22:1e:5b:
61:c3:20:24:30:4a:8a:02:20:29:e3:2e:c2:c5:6c:
f5:2a:a4:8e:ed:b5:51:ea:d8:14:fd:b6:b6:7f:ef:
f2:6c:23:1d:7f:70:4e:ca:cb:1f:eb:fc:f7:00:40:
84:31:b5:be:70:fb:e5:47:cf:fb:7b:be:34:c9:b1:
08:ae:c2:95:27:cb:94:86:30:3c:1e:2f:77:d9:b5:
d2:ac:60:f1:98:d0:48:43:ae:60:eb:39:59:a8:39:
bf:91:30:05:1d:ff:0a:65:35:14:d9:d0:e4:d5:0c:
b9:49:4b:a7:b4:1e:4a:3e:e9:74:8e:e7:e6:31:e9:
57:a5:c7:f8:38:38:4c:ee:dc:fb:50:87:cc:77:e0:
40:8a:ea:dd:6b:f0:ed:b0:c3:1f:4a:04:de:4b:68:
bd:f6:14:ed:48:03:e4:ef:7b:8b:0f:aa:68:ee:7e:
5e:6a:76:32:29:0c:cd:8b:e9:e2:1c:d9:a7:2c:e4:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CD:A4:84:2B:B6:98:0E:63:2D:98:3D:2F:8A:4B:C5:B2:6E:84:60
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/us2khCu2mA5jLZg9L4pLxbJuhGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.168.0/24
Signature Algorithm: sha256WithRSAEncryption
22:cb:29:26:06:4d:2d:89:62:d5:b8:ec:ca:b4:50:c4:e6:6d:
3c:a5:f9:ff:fa:b4:a0:c1:da:27:54:d1:7e:60:13:bc:e4:17:
a2:05:7a:64:1e:df:7e:aa:9f:a3:54:d4:65:34:05:94:c1:d6:
52:94:12:b2:8b:e4:f3:66:c6:b4:85:da:8e:fa:ed:a9:ff:44:
e5:09:91:da:1a:e5:4a:9e:c5:04:e6:8d:df:cc:b9:6c:83:60:
b9:d7:ca:d5:c5:2c:b4:26:23:b2:7b:4a:47:b6:b9:c5:c1:7c:
69:2d:60:3e:96:14:a1:1a:90:d4:ee:b5:37:d0:3c:72:c5:a9:
39:5d:ad:24:20:69:01:16:e4:ae:e4:40:1b:cf:98:36:74:28:
ab:59:d6:18:f4:be:18:1d:81:bd:9f:8b:87:c3:f8:de:2b:3f:
0e:0b:df:6d:57:a6:96:64:32:cd:bd:6e:99:31:a5:5e:77:99:
ac:ed:3b:33:40:04:7f:8d:ae:2b:70:64:38:78:7e:d2:a6:9b:
b6:34:5e:f3:f6:72:82:da:d4:39:7d:ef:fb:cf:1b:4c:14:85:
eb:43:50:ed:ff:60:1c:07:0c:c0:8c:37:4b:41:cf:13:de:85:
25:0c:cd:74:ff:55:b6:19:da:05:e1:0c:a8:60:cb:fd:61:ac:
e9:0b:9a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyDBgqTiw+N5FcNRsRSI1L+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE5MTcwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNkYTQ4NDJiYjY5ODBlNjMyZDk4M2QyZjhhNGJjNWIyNmU4NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBrdyOoytkjfDj1GyGhep5EPqlip
ll2VSvteGSQV17oGm2YfhQWleaGvNNyp4KygU5ANFMKnTpl8yKvYpRpTLhceZA0e
7UkiHlthwyAkMEqKAiAp4y7CxWz1KqSO7bVR6tgU/ba2f+/ybCMdf3BOyssf6/z3
AECEMbW+cPvlR8/7e740ybEIrsKVJ8uUhjA8Hi932bXSrGDxmNBIQ65g6zlZqDm/
kTAFHf8KZTUU2dDk1Qy5SUuntB5KPul0jufmMelXpcf4ODhM7tz7UIfMd+BAiurd
a/DtsMMfSgTeS2i99hTtSAPk73uLD6po7n5eanYyKQzNi+niHNmnLOTF/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrNpIQrtpgOYy2YPS+KS8WyboRgMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdXMya2hDdTJtQTVqTFpnOUw0cEx4Ykp1aEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWSoMA0G
CSqGSIb3DQEBCwUAA4IBAQAiyykmBk0tiWLVuOzKtFDE5m08pfn/+rSgwdonVNF+
YBO85BeiBXpkHt9+qp+jVNRlNAWUwdZSlBKyi+TzZsa0hdqO+u2p/0TlCZHaGuVK
nsUE5o3fzLlsg2C518rVxSy0JiOye0pHtrnFwXxpLWA+lhShGpDU7rU30Dxyxak5
Xa0kIGkBFuSu5EAbz5g2dCirWdYY9L4YHYG9n4uHw/jeKz8OC99tV6aWZDLNvW6Z
MaVed5ms7TszQAR/ja4rcGQ4eH7Sppu2NF7z9nKC2tQ5fe/7zxtMFIXrQ1Dt/2Ac
BwzAjDdLQc8T3oUlDM10/1W2GdoF4QyoYMv9YazpC5r+
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:26 2025 by rpki-client