Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/dwerHf2Ao2xiovFjts67Z2LqgV8.roa
File: dwerHf2Ao2xiovFjts67Z2LqgV8.roa (raw, json)
Hash identifier: 5N3qdiM0Q4Fh9sVY63JVdI9Gyc6eIawSZkByj8EGXHw=
Subject key identifier: 77:07:AB:1D:FD:80:A3:6C:62:A2:F1:63:B6:CE:BB:67:62:EA:81:5F
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 0184424021EA31D53CF63F777B5ECA1DDDF8
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/dwerHf2Ao2xiovFjts67Z2LqgV8.roa
Signing time: Fri 04 Nov 2022 10:46:49 +0000
ROA not before: Fri 04 Nov 2022 10:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3215
IP address blocks: 185.42.233.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:40:21:ea:31:d5:3c:f6:3f:77:7b:5e:ca:1d:dd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Nov 4 10:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7707ab1dfd80a36c62a2f163b6cebb6762ea815f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:0b:75:09:42:d6:3e:ab:14:b0:27:5b:82:
d7:e1:11:a8:8c:75:fe:3a:2f:d4:8a:52:c4:04:83:
88:60:32:91:c9:83:a8:15:a1:a0:31:0b:44:e7:f1:
a2:80:33:d6:f4:64:41:07:b1:a7:84:23:56:e8:fd:
91:47:e4:48:fd:62:e2:0f:85:91:e1:ce:5c:3e:aa:
f5:78:08:22:0c:df:3b:00:94:eb:48:3b:e7:17:ac:
3d:a8:31:8e:0d:49:e1:78:08:c0:ba:a8:c2:b2:15:
d8:24:a1:06:f1:9d:2d:02:25:f3:54:6c:97:59:4d:
77:ce:55:69:45:f9:5e:98:ad:ca:47:7c:20:24:fe:
95:c5:9b:92:15:20:ea:c1:e5:4e:cd:78:11:81:b8:
82:c7:56:0a:83:a9:56:7b:5f:93:2b:e2:79:2c:1b:
e4:40:50:ce:f2:75:50:26:d4:ed:0a:15:66:9b:97:
ad:d2:b1:07:44:33:39:76:6a:b6:8c:9c:c7:ba:62:
f7:ec:2b:81:c4:ab:00:27:1f:b7:98:05:a5:1a:40:
56:da:c7:d8:34:b4:46:70:24:1f:e6:58:0e:8f:73:
f2:4d:a5:90:de:75:04:81:12:e6:a6:fb:61:2b:1f:
54:92:8c:79:c0:22:9a:95:de:93:c5:ec:9a:61:77:
ed:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:07:AB:1D:FD:80:A3:6C:62:A2:F1:63:B6:CE:BB:67:62:EA:81:5F
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/dwerHf2Ao2xiovFjts67Z2LqgV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:96:a8:63:ce:da:4a:4d:4e:47:44:a1:ca:5b:b2:c1:13:8a:
a2:50:1a:33:03:ca:7a:1e:72:b0:ae:14:d5:7c:f2:8c:61:c0:
f1:be:04:fb:1c:19:ee:97:43:f8:47:54:74:55:b7:55:97:56:
25:ac:64:ed:0f:f7:df:c3:e6:1f:40:fc:4b:12:26:44:de:70:
7b:7a:a2:78:ca:28:68:9c:5f:04:2e:c5:91:4c:c6:74:7e:72:
11:30:e8:59:01:19:db:7e:dc:7a:48:07:5c:ed:d1:8a:2e:13:
71:82:57:11:0a:0d:ac:0c:ae:90:f7:2a:be:43:8a:c0:0b:04:
90:ef:0c:72:0e:37:23:ad:0b:61:0f:68:58:b7:4a:9f:f8:82:
6c:2e:a2:8d:1a:08:2f:05:01:72:8d:bf:ce:50:2e:3e:24:1a:
59:80:45:ae:0f:c1:c9:9d:19:a3:2e:24:03:16:1e:7c:c7:aa:
3e:ea:49:8c:3d:d0:34:8c:3a:85:c3:c9:25:ac:71:1a:e3:c6:
e0:ec:c2:85:4a:4f:b1:5a:4d:ca:77:6c:57:d7:15:b0:a8:b3:
c6:f1:2c:44:1a:f6:54:1d:43:3b:08:43:65:6d:03:26:db:83:
46:63:c3:38:a1:b8:fe:a9:f2:7c:05:e6:44:49:f2:c8:a8:d9:
61:f0:1a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRCQCHqMdU89j93e17KHd34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjIxMTA0MTA0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA3YWIxZGZkODBhMzZjNjJhMmYxNjNiNmNlYmI2NzYyZWE4MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0YLdQlC1j6rFLAnW4LX4RGojHX+
Oi/UilLEBIOIYDKRyYOoFaGgMQtE5/GigDPW9GRBB7GnhCNW6P2RR+RI/WLiD4WR
4c5cPqr1eAgiDN87AJTrSDvnF6w9qDGODUnheAjAuqjCshXYJKEG8Z0tAiXzVGyX
WU13zlVpRflemK3KR3wgJP6VxZuSFSDqweVOzXgRgbiCx1YKg6lWe1+TK+J5LBvk
QFDO8nVQJtTtChVmm5et0rEHRDM5dmq2jJzHumL37CuBxKsAJx+3mAWlGkBW2sfY
NLRGcCQf5lgOj3PyTaWQ3nUEgRLmpvthKx9Ukox5wCKald6TxeyaYXftkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcHqx39gKNsYqLxY7bOu2di6oFfMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvZHdlckhmMkFvMnhpb3ZGanRzNjdaMkxxZ1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSroMA0G
CSqGSIb3DQEBCwUAA4IBAQAqlqhjztpKTU5HRKHKW7LBE4qiUBozA8p6HnKwrhTV
fPKMYcDxvgT7HBnul0P4R1R0VbdVl1YlrGTtD/ffw+YfQPxLEiZE3nB7eqJ4yiho
nF8ELsWRTMZ0fnIRMOhZARnbftx6SAdc7dGKLhNxglcRCg2sDK6Q9yq+Q4rACwSQ
7wxyDjcjrQthD2hYt0qf+IJsLqKNGggvBQFyjb/OUC4+JBpZgEWuD8HJnRmjLiQD
Fh58x6o+6kmMPdA0jDqFw8klrHEa48bg7MKFSk+xWk3Kd2xX1xWwqLPG8SxEGvZU
HUM7CENlbQMm24NGY8M4obj+qfJ8BeZESfLIqNlh8Br+
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:45:10 2025 by rpki-client