Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/DKnNFoIXw_WHZ8cHOu5EhvwSOFM.roa
File: DKnNFoIXw_WHZ8cHOu5EhvwSOFM.roa (raw, json)
Hash identifier: ELRaMIAQ0uIGPDQJUEIsN5rbBIeGfVDMiCJGmhws3ZU=
Subject key identifier: 0C:A9:CD:16:82:17:C3:F5:87:67:C7:07:3A:EE:44:86:FC:12:38:53
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 0188365511A0A5F4C55866C11C9034729AED
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/DKnNFoIXw_WHZ8cHOu5EhvwSOFM.roa
Signing time: Fri 19 May 2023 23:25:24 +0000
ROA not before: Fri 19 May 2023 23:25:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202563
IP address blocks: 185.222.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:36:55:11:a0:a5:f4:c5:58:66:c1:1c:90:34:72:9a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: May 19 23:25:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ca9cd168217c3f58767c7073aee4486fc123853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:5c:4f:30:74:11:af:f2:63:68:dd:cd:d0:
87:8e:59:c8:db:25:31:9a:c0:bd:0b:d5:ee:c7:71:
85:18:cd:2a:a3:d2:46:d0:b9:ae:31:e7:cc:bc:c7:
0d:6c:c1:cb:b5:ca:de:90:07:08:62:6e:1c:ad:7e:
76:00:f5:fd:a8:8a:fb:47:42:7e:ac:3a:17:c5:72:
45:dd:24:76:88:4e:eb:eb:f3:65:65:5a:e2:b0:8c:
b3:2b:a1:59:e6:97:33:d0:2f:e4:42:e6:90:44:56:
d8:3d:99:02:e1:53:4a:35:ff:48:69:1e:4e:52:95:
2e:98:f6:c2:53:f5:c5:45:e5:3f:13:93:ad:cf:d9:
d5:8e:95:a0:3c:8c:4d:5d:4d:ee:20:fc:78:cf:c5:
05:2b:a7:10:0a:ea:0b:67:c9:d4:f1:4a:66:be:82:
a9:27:85:d3:90:21:60:90:38:b9:50:76:23:8f:4f:
d4:79:bb:f5:bd:11:53:6a:93:34:70:fc:70:9d:43:
38:66:1b:e3:42:d1:99:5a:81:54:83:be:1a:be:96:
b1:3c:02:f1:e1:a7:d0:86:e8:14:0a:b8:60:00:e2:
09:24:1b:25:7c:5d:c6:ef:bb:8c:8e:41:d9:df:ec:
49:8e:df:a7:62:d4:87:4e:f9:0a:7c:b3:6d:73:53:
0d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A9:CD:16:82:17:C3:F5:87:67:C7:07:3A:EE:44:86:FC:12:38:53
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/DKnNFoIXw_WHZ8cHOu5EhvwSOFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.4.0/24
Signature Algorithm: sha256WithRSAEncryption
48:79:89:90:96:5d:c8:02:44:16:14:ec:89:d9:22:78:43:4d:
76:64:54:0a:54:19:80:2a:23:f8:c8:42:7c:84:a1:3f:6e:ea:
2f:ef:de:09:cd:07:53:24:4b:8c:0b:98:48:12:76:4f:96:c4:
b3:1d:c2:7f:e7:03:43:c2:2e:a4:e6:e5:ba:6c:22:e7:34:9a:
80:94:34:a1:09:a8:42:2d:65:e5:8e:38:6b:46:b8:33:33:55:
bb:95:0d:84:1a:cb:66:ee:ab:3c:ba:9c:25:c4:74:af:0b:3d:
db:87:7c:b4:2c:a0:b4:71:f6:ae:6e:b8:ad:6c:c8:d9:99:57:
79:7f:84:b5:66:ee:b9:71:8f:88:38:97:13:96:6e:66:2f:74:
bd:08:04:54:75:58:a7:48:14:53:ca:87:be:f1:6f:a0:a9:ad:
68:c5:50:f2:3a:69:03:6d:d3:8b:6b:79:c9:c9:db:bf:36:93:
fd:08:1c:cb:24:c9:b3:a5:31:ef:1a:a5:3a:b9:22:a0:94:4a:
56:15:0c:a6:5b:2d:6b:6c:00:91:c1:56:fb:41:c2:25:e8:aa:
2e:33:81:09:4b:8b:37:01:b6:ad:8a:f2:8c:96:51:99:02:9d:
4d:2c:69:59:ee:3a:b4:6e:65:27:37:a9:4c:ec:b7:a3:23:69:
49:55:b6:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYg2VRGgpfTFWGbBHJA0cprtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjMwNTE5MjMyNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E5Y2QxNjgyMTdjM2Y1ODc2N2M3MDczYWVlNDQ4NmZjMTIzODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3tcTzB0Ea/yY2jdzdCHjlnI2yUx
msC9C9Xux3GFGM0qo9JG0LmuMefMvMcNbMHLtcrekAcIYm4crX52APX9qIr7R0J+
rDoXxXJF3SR2iE7r6/NlZVrisIyzK6FZ5pcz0C/kQuaQRFbYPZkC4VNKNf9IaR5O
UpUumPbCU/XFReU/E5Otz9nVjpWgPIxNXU3uIPx4z8UFK6cQCuoLZ8nU8UpmvoKp
J4XTkCFgkDi5UHYjj0/Uebv1vRFTapM0cPxwnUM4ZhvjQtGZWoFUg74avpaxPALx
4afQhugUCrhgAOIJJBslfF3G77uMjkHZ3+xJjt+nYtSHTvkKfLNtc1MNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAypzRaCF8P1h2fHBzruRIb8EjhTMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvREtuTkZvSVh3X1dIWjhjSE91NUVodndTT0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4EMA0G
CSqGSIb3DQEBCwUAA4IBAQBIeYmQll3IAkQWFOyJ2SJ4Q012ZFQKVBmAKiP4yEJ8
hKE/buov794JzQdTJEuMC5hIEnZPlsSzHcJ/5wNDwi6k5uW6bCLnNJqAlDShCahC
LWXljjhrRrgzM1W7lQ2EGstm7qs8upwlxHSvCz3bh3y0LKC0cfaubritbMjZmVd5
f4S1Zu65cY+IOJcTlm5mL3S9CARUdVinSBRTyoe+8W+gqa1oxVDyOmkDbdOLa3nJ
ydu/NpP9CBzLJMmzpTHvGqU6uSKglEpWFQymWy1rbACRwVb7QcIl6KouM4EJS4s3
AbativKMllGZAp1NLGlZ7jq0bmUnN6lM7LejI2lJVbaQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:52:00 2025 by rpki-client