Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/G31f9qmwHAI5aPZ9TuzqbVOq62Q.roa
File: G31f9qmwHAI5aPZ9TuzqbVOq62Q.roa (raw, json)
Hash identifier: S745BPUTZ8k4npAeRCjCj6TNADQ0fiogae9gBj00ttE=
Subject key identifier: 1B:7D:5F:F6:A9:B0:1C:02:39:68:F6:7D:4E:EC:EA:6D:53:AA:EB:64
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 01856DAF62C3FA79BC74A956C667B51613B5
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/G31f9qmwHAI5aPZ9TuzqbVOq62Q.roa
Signing time: Sun 01 Jan 2023 14:14:48 +0000
ROA not before: Sun 01 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204883
IP address blocks: 185.237.208.0/24 maxlen: 24
185.237.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:62:c3:fa:79:bc:74:a9:56:c6:67:b5:16:13:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Jan 1 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7d5ff6a9b01c023968f67d4eecea6d53aaeb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:95:95:0a:fd:35:4d:a8:61:60:53:65:35:57:
99:eb:a7:28:1f:6c:24:11:a0:74:0f:94:1a:fe:4b:
af:c6:5f:57:9b:8c:3b:25:ef:68:43:0a:04:67:10:
28:e3:bc:cc:f4:59:60:6c:ec:28:e8:ae:73:79:f7:
ec:f3:46:60:8f:f1:8c:61:27:8d:e8:e7:93:ac:99:
65:86:d4:21:83:0d:e9:c4:61:58:07:f1:c3:1a:97:
99:45:cf:27:e8:1a:f2:55:49:e7:37:31:c2:5f:7d:
de:03:0f:45:3a:bc:36:1b:f6:81:16:4b:18:c7:bc:
a1:84:36:24:07:ae:1a:ca:8f:c8:81:cf:d4:a7:b7:
9f:ef:02:44:c3:7e:c4:bd:6a:e9:88:ef:8d:90:b5:
91:7c:ce:6c:ec:c9:fe:98:ce:1a:40:83:6f:c1:69:
cb:af:c4:20:80:08:ac:6e:69:33:ea:9f:b1:92:50:
97:06:e8:f6:03:4a:35:1b:ca:9c:ad:79:0c:50:52:
03:e1:99:7b:d0:e9:8a:6f:9a:55:f1:16:10:1a:0d:
00:92:c8:4d:51:5a:9c:00:42:d3:1b:ce:e4:6b:ec:
32:6f:2e:81:f4:98:5a:4e:6c:5d:dd:d2:b2:e5:4f:
94:b9:1b:e5:14:e4:07:13:be:f9:42:31:ec:94:f1:
d4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7D:5F:F6:A9:B0:1C:02:39:68:F6:7D:4E:EC:EA:6D:53:AA:EB:64
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/G31f9qmwHAI5aPZ9TuzqbVOq62Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.208.0/23
Signature Algorithm: sha256WithRSAEncryption
10:94:31:68:ed:5b:ae:c3:cb:33:fe:9b:ba:42:e9:cb:4c:be:
7c:2b:e2:d1:04:c2:f0:ca:46:02:a3:e0:cf:ba:f5:92:5f:0c:
60:35:78:ff:05:00:f1:f9:ed:06:f0:64:36:cb:9b:a0:b5:9e:
8b:26:ef:d2:54:5a:c1:84:f6:d0:8c:c7:c2:3a:6e:ec:eb:39:
fe:2e:02:b5:91:88:e1:84:cb:85:0b:7a:25:a8:d3:d6:b4:d0:
03:1f:68:b4:04:01:77:c1:eb:49:d7:8b:68:84:db:0b:bd:59:
64:6e:02:cb:72:85:7e:f1:f1:71:90:1e:72:98:0d:6d:db:f5:
07:fe:aa:89:fa:ea:27:37:0b:1e:ff:be:b6:77:d3:f5:be:69:
ed:70:5c:93:9a:f2:86:2d:86:b6:93:9f:df:7a:c5:34:4a:1e:
d1:5a:78:29:92:15:65:95:5e:90:3d:71:bc:0e:d1:66:68:43:
fa:70:b2:f3:2e:3f:2c:da:27:2d:fe:95:25:ea:cd:3d:c8:16:
87:d7:5c:3b:c2:36:23:aa:ec:94:c5:33:ff:f1:84:a8:76:39:
cb:14:3e:dd:50:e3:d5:dd:5c:39:ad:d4:37:d1:34:d7:b9:37:
aa:f9:61:e4:f7:3f:89:c5:e2:a7:bd:b8:aa:9f:19:00:4e:76:
54:31:a9:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr2LD+nm8dKlWxme1FhO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDVkMDc3M2M3YWRlMDhkNDQ4MTllM2I2MTFiZDI5N2Ez
OTg5ZDMwHhcNMjMwMTAxMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdkNWZmNmE5YjAxYzAyMzk2OGY2N2Q0ZWVjZWE2ZDUzYWFlYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5WVCv01TahhYFNlNVeZ66coH2wk
EaB0D5Qa/kuvxl9Xm4w7Je9oQwoEZxAo47zM9FlgbOwo6K5zeffs80Zgj/GMYSeN
6OeTrJllhtQhgw3pxGFYB/HDGpeZRc8n6BryVUnnNzHCX33eAw9FOrw2G/aBFksY
x7yhhDYkB64ayo/Igc/Up7ef7wJEw37EvWrpiO+NkLWRfM5s7Mn+mM4aQINvwWnL
r8QggAisbmkz6p+xklCXBuj2A0o1G8qcrXkMUFID4Zl70OmKb5pV8RYQGg0AkshN
UVqcAELTG87ka+wyby6B9JhaTmxd3dKy5U+UuRvlFOQHE775QjHslPHUeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBt9X/apsBwCOWj2fU7s6m1TqutkMB8GA1UdIwQY
MBaAFENF0Hc8et4I1EgZ47YRvSl6OYnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUt
NGM5MDVhZGJmMDc2LzEvRzMxZjlxbXdIQUk1YVBaOVR1enFiVk9xNjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iYjk5NDctMTcyYy00OGIxLWJlOGUtNGM5MDVhZGJmMDc2
LzEvUTBYUWR6eDYzZ2pVU0JuanRoRzlLWG81aWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue3QMA0G
CSqGSIb3DQEBCwUAA4IBAQAQlDFo7Vuuw8sz/pu6QunLTL58K+LRBMLwykYCo+DP
uvWSXwxgNXj/BQDx+e0G8GQ2y5ugtZ6LJu/SVFrBhPbQjMfCOm7s6zn+LgK1kYjh
hMuFC3olqNPWtNADH2i0BAF3wetJ14tohNsLvVlkbgLLcoV+8fFxkB5ymA1t2/UH
/qqJ+uonNwse/762d9P1vmntcFyTmvKGLYa2k5/fesU0Sh7RWngpkhVllV6QPXG8
DtFmaEP6cLLzLj8s2ict/pUl6s09yBaH11w7wjYjquyUxTP/8YSodjnLFD7dUOPV
3Vw5rdQ30TTXuTeq+WHk9z+JxeKnvbiqnxkATnZUMamG
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:56:18 2025 by rpki-client