Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/DyFbBdPjRz7X9ocZJ5c_-sH0klI.roa
File: DyFbBdPjRz7X9ocZJ5c_-sH0klI.roa (raw, json)
Hash identifier: DzyiDHJSxTo22fZuorym9dbKCe74wn1xqHgQkHkBmA8=
Subject key identifier: 0F:21:5B:05:D3:E3:47:3E:D7:F6:87:19:27:97:3F:FA:C1:F4:92:52
Certificate issuer: /CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Certificate serial: 018C53C9762F056CD0D59C07CD12037D94BD
Authority key identifier: 9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/DyFbBdPjRz7X9ocZJ5c_-sH0klI.roa
Signing time: Sun 10 Dec 2023 12:52:41 +0000
ROA not before: Sun 10 Dec 2023 12:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203374
IP address blocks: 185.136.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:c9:76:2f:05:6c:d0:d5:9c:07:cd:12:03:7d:94:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Validity
Not Before: Dec 10 12:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f215b05d3e3473ed7f6871927973ffac1f49252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:14:19:8a:4a:19:4e:5c:15:44:8f:17:ba:
5d:97:c8:a4:49:21:0d:15:ff:16:47:2f:4f:d8:2c:
6e:6d:54:dc:aa:ee:ec:7d:60:26:60:44:fa:c8:8a:
1d:61:89:5a:a3:b1:47:e6:5e:a3:47:93:a8:71:8d:
bc:e5:58:6f:3b:c1:d5:9c:db:2c:21:9e:f9:bd:85:
a0:30:44:8f:92:e7:ec:83:34:c6:fa:6d:4d:62:5b:
e8:43:2d:04:a5:38:62:4d:35:04:c1:3f:97:94:df:
e5:91:52:46:a8:4f:1f:0c:66:bd:ec:a0:a6:a8:1e:
eb:a6:79:e0:cd:85:06:02:12:92:f5:8d:1b:5f:68:
ba:ae:e6:fd:db:ac:d9:08:e5:df:a8:ca:c8:f5:76:
17:06:d5:52:80:db:6d:4d:73:20:91:6d:df:f2:85:
bf:fe:ed:19:ad:84:64:77:d4:06:7c:32:3a:12:06:
8f:e8:08:72:60:43:29:e7:be:d1:b9:2e:da:98:7e:
45:55:fa:03:fa:4e:c2:51:a1:2e:73:98:c0:1d:18:
42:aa:f0:93:47:b9:f9:52:11:5e:22:0e:a9:ce:6e:
9f:29:42:cc:f8:45:90:6b:18:83:ae:cb:99:5e:38:
c0:7e:ec:1a:80:c6:91:00:79:a7:c6:9e:e4:29:c0:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:21:5B:05:D3:E3:47:3E:D7:F6:87:19:27:97:3F:FA:C1:F4:92:52
X509v3 Authority Key Identifier:
keyid:9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/DyFbBdPjRz7X9ocZJ5c_-sH0klI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/nBzRs8h3KVb6hVNahGS0yhlmOt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.243.0/24
Signature Algorithm: sha256WithRSAEncryption
73:12:86:9c:10:99:8e:42:61:7b:84:67:c7:cf:6b:ec:c2:40:
0d:11:4b:e5:f7:7e:78:bf:94:38:f2:2e:38:de:bb:05:ac:d6:
ac:50:2e:44:71:db:e4:32:b1:b1:0f:84:88:15:ff:57:76:68:
f4:da:5e:4d:ba:b1:a6:3d:67:6e:20:0e:55:80:3c:a0:4d:32:
23:f5:90:eb:b8:97:2e:8a:68:17:46:53:71:bf:45:c5:68:4c:
75:6f:7a:ad:92:c4:3b:7a:56:c4:00:92:c5:da:9b:74:4d:0a:
cd:20:2b:de:6e:67:63:db:62:7e:8e:fe:75:15:a6:e6:19:3f:
ab:99:0e:a7:4b:b3:b6:f7:c9:95:9a:96:c2:94:b0:8d:9f:28:
ef:b1:fa:61:2d:20:db:29:95:85:38:36:bc:00:a7:f1:94:36:
70:58:8e:66:a3:e4:87:dc:2d:6a:8b:c7:1a:17:8b:91:d3:92:
08:86:5f:03:5e:a4:69:f5:6a:5f:e4:5f:0d:e2:64:2f:14:ab:
6f:32:1a:4c:77:82:0e:d2:cb:5c:18:0d:ef:ec:78:5c:d1:ff:
bc:a6:ba:22:b3:36:0a:77:ff:e2:70:50:04:61:20:af:ea:fe:
0b:bf:e7:4d:40:62:9f:22:16:35:7b:eb:e4:c0:1d:be:25:9f:
41:fd:30:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxTyXYvBWzQ1ZwHzRIDfZS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWNkMWIzYzg3NzI5NTZmYTg1NTM1YTg0NjRiNGNhMTk2
NjNhZGUwHhcNMjMxMjEwMTI1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIxNWIwNWQzZTM0NzNlZDdmNjg3MTkyNzk3M2ZmYWMxZjQ5MjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhUUGYpKGU5cFUSPF7pdl8ikSSEN
Ff8WRy9P2CxubVTcqu7sfWAmYET6yIodYYlao7FH5l6jR5OocY285VhvO8HVnNss
IZ75vYWgMESPkufsgzTG+m1NYlvoQy0EpThiTTUEwT+XlN/lkVJGqE8fDGa97KCm
qB7rpnngzYUGAhKS9Y0bX2i6rub926zZCOXfqMrI9XYXBtVSgNttTXMgkW3f8oW/
/u0ZrYRkd9QGfDI6EgaP6AhyYEMp577RuS7amH5FVfoD+k7CUaEuc5jAHRhCqvCT
R7n5UhFeIg6pzm6fKULM+EWQaxiDrsuZXjjAfuwagMaRAHmnxp7kKcBDvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8hWwXT40c+1/aHGSeXP/rB9JJSMB8GA1UdIwQY
MBaAFJwc0bPIdylW+oVTWoRktMoZZjreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMt
OTE2MDQ3MDYyYTIyLzEvRHlGYkJkUGpSejdYOW9jWko1Y18tc0gwa2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMtOTE2MDQ3MDYyYTIy
LzEvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYjzMA0G
CSqGSIb3DQEBCwUAA4IBAQBzEoacEJmOQmF7hGfHz2vswkANEUvl9354v5Q48i44
3rsFrNasUC5EcdvkMrGxD4SIFf9Xdmj02l5NurGmPWduIA5VgDygTTIj9ZDruJcu
imgXRlNxv0XFaEx1b3qtksQ7elbEAJLF2pt0TQrNICvebmdj22J+jv51FabmGT+r
mQ6nS7O298mVmpbClLCNnyjvsfphLSDbKZWFODa8AKfxlDZwWI5mo+SH3C1qi8ca
F4uR05IIhl8DXqRp9Wpf5F8N4mQvFKtvMhpMd4IO0stcGA3v7Hhc0f+8proiszYK
d//icFAEYSCv6v4Lv+dNQGKfIhY1e+vkwB2+JZ9B/TAA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:52 2025 by rpki-client