Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/leQxTpT6SvCnd5lPMU7nyU-a2aE.roa
File: leQxTpT6SvCnd5lPMU7nyU-a2aE.roa (raw, json)
Hash identifier: 3b/wmZfTl2U+AGfcmfzCd6gB92Esu3KrMQDKo3UC6Jk=
Subject key identifier: 95:E4:31:4E:94:FA:4A:F0:A7:77:99:4F:31:4E:E7:C9:4F:9A:D9:A1
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 03B46603
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/leQxTpT6SvCnd5lPMU7nyU-a2aE.roa
Signing time: Sat 01 Jan 2022 03:02:45 +0000
ROA not before: Sat 01 Jan 2022 03:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204883
IP address blocks: 185.237.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62154243 (0x3b46603)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Jan 1 03:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95e4314e94fa4af0a777994f314ee7c94f9ad9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8f:7c:2e:aa:44:1d:16:84:b6:98:b1:e8:d1:
f9:85:79:e1:b3:c6:c1:26:a5:fb:73:d3:fb:d3:f6:
32:9c:e7:1f:49:c6:a6:2a:85:9c:93:98:ba:78:81:
a3:89:25:2b:21:7a:c1:0b:fc:88:b4:75:a2:10:cd:
96:c9:76:d3:3a:75:08:e0:e4:bd:1a:fe:67:40:4c:
b7:f1:b2:8f:a0:e7:50:aa:e3:20:08:2e:8b:b1:0c:
84:b0:eb:41:ff:d5:e8:f4:2d:e9:59:5a:b6:ce:d1:
96:3b:32:5c:a0:73:a0:75:33:be:ab:e5:15:28:a1:
a9:26:d1:ed:f6:72:87:53:33:ef:fb:e1:17:1d:8f:
99:6b:c4:52:7f:05:35:0e:f2:87:9a:3e:3b:bc:81:
72:dd:51:c2:86:b8:f1:a8:44:6f:5c:58:0a:2f:96:
ea:38:1e:e7:95:b7:7f:a5:f7:70:b7:b7:d9:35:08:
bc:03:c6:79:54:3c:3a:69:b0:98:9a:cc:08:48:5b:
e6:48:38:7d:51:2f:9c:d6:11:3c:6d:66:4b:b9:80:
8f:b1:f5:dd:b2:26:c4:e5:f2:56:97:a9:c0:3e:5b:
0c:51:24:82:97:18:ed:ef:f3:fd:28:a8:07:f1:17:
31:e6:22:e5:bf:87:a9:a7:ac:22:58:0c:24:43:44:
e3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E4:31:4E:94:FA:4A:F0:A7:77:99:4F:31:4E:E7:C9:4F:9A:D9:A1
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/leQxTpT6SvCnd5lPMU7nyU-a2aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e4:9b:76:20:75:6b:34:f3:f5:f9:de:af:8d:02:c5:86:74:
e1:5d:44:3c:cb:13:14:1e:6f:d2:6f:89:5c:63:b3:7c:81:1f:
bd:0d:df:5b:4c:b8:9d:07:06:c9:38:c6:f1:7f:0b:a8:0a:bd:
15:bb:29:ce:a7:58:e8:13:e2:18:28:a1:0c:5a:71:03:ca:e2:
b6:4d:c2:59:19:30:9e:40:9f:73:ca:0d:7e:95:e9:b2:86:92:
3e:74:b7:fb:cd:e7:6e:ba:8c:a9:10:39:8b:d5:f6:8c:2e:0f:
0a:36:ca:3f:0c:9e:04:2c:18:1d:63:04:4f:f9:0e:46:fb:fe:
6c:ba:ba:c1:33:2d:35:13:36:d6:23:2c:53:5b:ed:c6:37:43:
b4:54:ad:30:d6:c7:aa:6e:a1:02:4a:09:69:b6:eb:4c:d6:19:
04:9f:38:6a:ff:d2:8e:f0:ce:ea:82:44:a5:71:ef:54:28:c6:
5c:9a:fe:e7:08:df:51:05:91:ee:bb:3f:2d:4b:80:d8:b2:4a:
ed:26:e0:7b:b2:07:20:53:38:7c:5e:eb:54:ea:a2:a9:36:7c:
9b:18:a9:1a:c9:ed:21:ef:f7:fb:42:22:c7:94:50:78:5c:19:
27:3c:2c:e8:de:fc:15:94:0f:bb:0f:65:d1:da:55:d9:14:42:
2a:69:33:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7RmAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzQ1ZDA3NzNjN2FkZTA4ZDQ0ODE5ZTNiNjExYmQyOTdhMzk4OWQzMB4XDTIyMDEw
MTAzMDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVlNDMxNGU5NGZh
NGFmMGE3Nzc5OTRmMzE0ZWU3Yzk0ZjlhZDlhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWPfC6qRB0WhLaYsejR+YV54bPGwSal+3PT+9P2MpznH0nG
piqFnJOYuniBo4klKyF6wQv8iLR1ohDNlsl20zp1CODkvRr+Z0BMt/Gyj6DnUKrj
IAgui7EMhLDrQf/V6PQt6Vlats7RljsyXKBzoHUzvqvlFSihqSbR7fZyh1Mz7/vh
Fx2PmWvEUn8FNQ7yh5o+O7yBct1Rwoa48ahEb1xYCi+W6jge55W3f6X3cLe32TUI
vAPGeVQ8OmmwmJrMCEhb5kg4fVEvnNYRPG1mS7mAj7H13bImxOXyVpepwD5bDFEk
gpcY7e/z/SioB/EXMeYi5b+HqaesIlgMJENE45UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSV5DFOlPpK8Kd3mU8xTufJT5rZoTAfBgNVHSMEGDAWgBRDRdB3PHreCNRI
GeO2Eb0pejmJ0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1EwWFFkeng2M2dqVVNCbmp0aEc5S1hvNWlkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYmI5OTQ3LTE3MmMtNDhiMS1iZThlLTRjOTA1YWRiZjA3Ni8x
L2xlUXhUcFQ2U3ZDbmQ1bFBNVTdueVUtYTJhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YmI5OTQ3LTE3MmMtNDhiMS1iZThlLTRjOTA1YWRiZjA3Ni8xL1EwWFFkeng2M2dq
VVNCbmp0aEc5S1hvNWlkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnt0DANBgkqhkiG9w0BAQsFAAOC
AQEAQuSbdiB1azTz9fner40CxYZ04V1EPMsTFB5v0m+JXGOzfIEfvQ3fW0y4nQcG
yTjG8X8LqAq9FbspzqdY6BPiGCihDFpxA8ritk3CWRkwnkCfc8oNfpXpsoaSPnS3
+83nbrqMqRA5i9X2jC4PCjbKPwyeBCwYHWMET/kORvv+bLq6wTMtNRM21iMsU1vt
xjdDtFStMNbHqm6hAkoJabbrTNYZBJ84av/SjvDO6oJEpXHvVCjGXJr+5wjfUQWR
7rs/LUuA2LJK7Sbge7IHIFM4fF7rVOqiqTZ8mxipGsntIe/3+0Iix5RQeFwZJzws
6N78FZQPuw9l0dpV2RRCKmkzbQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:07 2025 by rpki-client