Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/ChQESN1bUB5ApINqzN7AX2ZKfZM.roa
File: ChQESN1bUB5ApINqzN7AX2ZKfZM.roa (raw, json)
Hash identifier: 37uNxoDb72kJrpZjb2QifeMmXRG0cJ3eTy+Ev0mqZF4=
Subject key identifier: 0A:14:04:48:DD:5B:50:1E:40:A4:83:6A:CC:DE:C0:5F:66:4A:7D:93
Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Certificate serial: 0185701EDBCA9F1502265BF2BE69A041D8A1
Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/ChQESN1bUB5ApINqzN7AX2ZKfZM.roa
Signing time: Mon 02 Jan 2023 01:35:48 +0000
ROA not before: Mon 02 Jan 2023 01:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204057
IP address blocks: 185.255.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:db:ca:9f:15:02:26:5b:f2:be:69:a0:41:d8:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Validity
Not Before: Jan 2 01:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a140448dd5b501e40a4836accdec05f664a7d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f8:62:bf:39:b6:90:c0:65:50:36:62:ac:60:
4f:87:43:c2:27:e9:22:ae:8f:eb:0c:99:12:d7:72:
8c:d0:02:75:a2:c5:7c:b0:a1:7a:94:fa:f7:aa:fe:
6c:d0:be:22:4d:f9:bf:3d:63:f6:13:6b:0f:17:dc:
38:88:32:b0:a6:90:81:23:5e:01:44:35:b8:12:99:
33:5f:d3:8b:cb:d3:59:c2:7f:b2:28:72:de:70:a0:
3f:5b:3d:10:cd:44:a6:21:27:7e:02:10:82:85:17:
27:d3:15:02:cf:55:5b:5d:ee:57:53:92:60:0a:d6:
e6:ac:fa:f8:5c:22:e2:1f:28:20:e5:8b:7e:23:27:
c2:ae:da:1c:5e:21:89:2c:64:06:76:7c:42:25:fa:
41:a3:97:97:d6:98:4d:52:3f:42:e5:13:7b:d0:30:
fd:bb:ff:e3:48:34:a5:1d:02:ab:35:16:7e:d3:cb:
d3:00:6d:3a:02:49:27:39:ca:7c:ad:fc:28:b4:41:
41:bf:39:bb:9c:7a:d2:da:a7:03:35:f7:89:12:20:
8b:60:db:d1:b9:36:77:e1:f3:25:a0:9c:eb:fd:82:
59:f7:ce:fc:ba:02:66:eb:b9:51:df:28:0a:a6:0c:
70:46:8a:8d:bd:bf:ed:9a:43:77:ea:19:a8:7c:3d:
c6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:14:04:48:DD:5B:50:1E:40:A4:83:6A:CC:DE:C0:5F:66:4A:7D:93
X509v3 Authority Key Identifier:
keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/ChQESN1bUB5ApINqzN7AX2ZKfZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.96.0/23
Signature Algorithm: sha256WithRSAEncryption
04:69:7b:e5:60:cb:0e:dc:e4:8f:ec:66:41:c7:cc:a1:e4:62:
f8:48:52:e4:40:53:26:8e:51:64:27:19:91:a4:0e:3d:97:d7:
ad:40:83:8d:d1:e4:72:1f:57:44:6b:95:58:a0:4f:4a:df:ef:
50:f8:05:3d:17:19:3b:91:a4:5a:a7:24:74:ac:19:63:51:c4:
fb:1e:0b:3d:63:d9:4e:2d:ac:40:d9:4d:2f:32:0e:3a:dd:7e:
46:72:72:63:e3:29:8d:47:26:63:b7:ae:69:e1:d8:87:25:0d:
b3:0d:39:2e:4f:0c:b0:1c:b9:ed:52:90:75:28:2a:71:39:e7:
45:df:a1:13:19:68:de:59:e4:04:b2:29:f0:83:0f:d4:4a:64:
21:7a:32:ca:e6:9c:25:97:be:8c:82:57:7a:f2:3b:7e:dc:3e:
ea:8a:b9:26:d8:a0:8f:81:fa:8d:31:d8:91:41:8e:5c:fa:85:
fc:ea:fe:c1:5d:5f:91:af:61:77:3f:ba:69:68:13:f5:af:44:
08:69:90:bc:e4:db:a1:30:a4:95:5d:92:57:49:a5:7d:a1:57:
04:01:4a:07:32:c5:1b:db:db:c6:1a:e2:0a:5a:f7:eb:b8:c4:
59:ae:13:12:d0:da:4a:f3:2d:dd:d6:04:60:78:5e:5e:5a:23:
82:cd:be:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHtvKnxUCJlvyvmmgQdihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk
ODhhNDMwHhcNMjMwMTAyMDEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE0MDQ0OGRkNWI1MDFlNDBhNDgzNmFjY2RlYzA1ZjY2NGE3ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/hivzm2kMBlUDZirGBPh0PCJ+ki
ro/rDJkS13KM0AJ1osV8sKF6lPr3qv5s0L4iTfm/PWP2E2sPF9w4iDKwppCBI14B
RDW4EpkzX9OLy9NZwn+yKHLecKA/Wz0QzUSmISd+AhCChRcn0xUCz1VbXe5XU5Jg
CtbmrPr4XCLiHygg5Yt+IyfCrtocXiGJLGQGdnxCJfpBo5eX1phNUj9C5RN70DD9
u//jSDSlHQKrNRZ+08vTAG06AkknOcp8rfwotEFBvzm7nHrS2qcDNfeJEiCLYNvR
uTZ34fMloJzr/YJZ9878ugJm67lR3ygKpgxwRoqNvb/tmkN36hmofD3GzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoUBEjdW1AeQKSDaszewF9mSn2TMB8GA1UdIwQY
MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt
ODEwNjI3ZmIyNjcxLzEvQ2hRRVNOMWJVQjVBcElOcXpON0FYMlpLZlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx
LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuf9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAEaXvlYMsO3OSP7GZBx8yh5GL4SFLkQFMmjlFkJxmR
pA49l9etQION0eRyH1dEa5VYoE9K3+9Q+AU9Fxk7kaRapyR0rBljUcT7Hgs9Y9lO
LaxA2U0vMg463X5GcnJj4ymNRyZjt65p4diHJQ2zDTkuTwywHLntUpB1KCpxOedF
36ETGWjeWeQEsinwgw/USmQhejLK5pwll76Mgld68jt+3D7qirkm2KCPgfqNMdiR
QY5c+oX86v7BXV+Rr2F3P7ppaBP1r0QIaZC85NuhMKSVXZJXSaV9oVcEAUoHMsUb
29vGGuIKWvfruMRZrhMS0NpK8y3d1gRgeF5eWiOCzb7q
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:58:35 2025 by rpki-client