Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa
File: 0d1XWUIQzmkDFwlPA2fnTpibnXo.roa (raw, json)
Hash identifier: dgyHaX86DwS0g/1Uv5FtkXDQUqGcpHlFt9bz/M9z2NI=
Subject key identifier: D1:DD:57:59:42:10:CE:69:03:17:09:4F:03:67:E7:4E:98:9B:9D:7A
Certificate issuer: /CN=e1151d489b36694192acbfcaa5e0bb46fc9e5be0
Certificate serial: 018C677083867D13BA1DEA69D8822414C7E1
Authority key identifier: E1:15:1D:48:9B:36:69:41:92:AC:BF:CA:A5:E0:BB:46:FC:9E:5B:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RUdSJs2aUGSrL_KpeC7RvyeW-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa
Signing time: Thu 14 Dec 2023 08:27:55 +0000
ROA not before: Thu 14 Dec 2023 08:27:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59720
IP address blocks: 185.5.232.0/22 maxlen: 24
185.5.232.0/24 maxlen: 24
185.5.233.0/24 maxlen: 24
185.5.235.0/24 maxlen: 24
185.5.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:70:83:86:7d:13:ba:1d:ea:69:d8:82:24:14:c7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1151d489b36694192acbfcaa5e0bb46fc9e5be0
Validity
Not Before: Dec 14 08:27:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1dd57594210ce690317094f0367e74e989b9d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:43:45:48:25:28:db:61:88:0f:62:1b:06:
ac:e6:69:92:86:91:28:a1:da:9d:ef:36:95:56:01:
45:44:46:3d:e6:ec:e0:a0:7b:18:02:05:ac:92:55:
6d:20:03:8b:e0:40:e7:e0:63:d9:a1:55:ba:45:75:
22:6a:87:97:37:20:01:6a:05:df:dc:61:9c:8f:02:
32:a4:91:25:64:34:ee:74:e7:61:30:6e:82:9b:24:
5e:cd:3f:83:9b:ec:94:37:25:82:47:75:1d:3c:dd:
0b:7e:e2:bf:09:28:47:1e:7c:72:1e:4a:57:d6:44:
09:0d:b1:05:12:74:3d:de:cc:38:92:67:28:94:ae:
f6:34:f7:ae:4f:53:5e:1e:2a:a5:2a:ac:b5:7a:d3:
69:b1:a1:5c:85:b7:d5:f3:1d:67:df:6c:b1:af:07:
a2:57:76:82:45:41:cb:0a:aa:8f:18:5e:11:9a:91:
d8:4f:f3:d9:5a:15:b8:4e:a6:ed:5c:c9:a2:d1:45:
f5:2b:3f:6b:3d:ad:57:aa:f5:70:9d:32:76:37:c5:
16:1d:ab:d0:b5:8c:37:21:88:f0:74:83:29:80:db:
11:2d:ea:78:24:c3:3e:c7:9a:9a:7e:53:ca:28:25:
d6:8a:30:03:6d:2a:4a:a2:cd:00:ed:43:69:4e:0a:
80:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DD:57:59:42:10:CE:69:03:17:09:4F:03:67:E7:4E:98:9B:9D:7A
X509v3 Authority Key Identifier:
keyid:E1:15:1D:48:9B:36:69:41:92:AC:BF:CA:A5:E0:BB:46:FC:9E:5B:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RUdSJs2aUGSrL_KpeC7RvyeW-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/4RUdSJs2aUGSrL_KpeC7RvyeW-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.232.0/22
Signature Algorithm: sha256WithRSAEncryption
84:7b:ee:2d:db:d7:d3:56:a4:e0:20:03:ad:13:69:6a:fb:3a:
84:9b:a3:c8:2a:71:7e:0e:45:a6:76:14:c5:03:75:6d:8b:c7:
fc:b1:ca:a9:c9:de:b0:38:bb:a0:03:9d:48:f0:56:f9:7d:67:
58:87:93:41:eb:70:9e:d7:d0:9f:58:35:59:6a:1d:92:b3:70:
30:9a:0e:0a:f8:d2:73:dc:d4:19:ed:6e:8e:74:0f:0d:8e:00:
39:81:1b:e9:d7:63:dd:7a:51:a1:eb:da:c0:76:6e:ac:45:fa:
29:e2:92:39:a8:d2:f9:f7:3c:07:59:d2:9f:2c:89:73:a6:00:
b0:3e:0f:ae:c3:cb:b6:28:d2:84:fd:83:5d:31:89:a9:b3:e8:
42:67:9e:a5:67:10:b9:d3:2e:7b:f5:a1:d1:00:87:04:54:5a:
39:45:9c:0a:af:a0:e6:78:c7:73:d4:67:58:5b:ac:35:d5:98:
48:4f:06:cc:8a:00:90:62:b7:92:40:0e:c4:71:21:3b:51:1c:
2d:e8:b6:ae:39:a6:16:b0:dd:8d:2b:60:a6:d2:8c:6a:ca:7c:
9f:0f:e6:48:59:87:f4:0e:7a:35:5a:88:b6:95:28:34:87:dc:
8f:fd:5d:63:91:58:03:95:e1:34:a3:2b:37:30:d5:b7:72:46:
fc:73:21:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxncIOGfRO6Hepp2IIkFMfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMTUxZDQ4OWIzNjY5NDE5MmFjYmZjYWE1ZTBiYjQ2ZmM5
ZTViZTAwHhcNMjMxMjE0MDgyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRkNTc1OTQyMTBjZTY5MDMxNzA5NGYwMzY3ZTc0ZTk4OWI5ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmapDRUglKNthiA9iGwas5mmShpEo
odqd7zaVVgFFREY95uzgoHsYAgWsklVtIAOL4EDn4GPZoVW6RXUiaoeXNyABagXf
3GGcjwIypJElZDTudOdhMG6CmyRezT+Dm+yUNyWCR3UdPN0LfuK/CShHHnxyHkpX
1kQJDbEFEnQ93sw4kmcolK72NPeuT1NeHiqlKqy1etNpsaFchbfV8x1n32yxrwei
V3aCRUHLCqqPGF4RmpHYT/PZWhW4TqbtXMmi0UX1Kz9rPa1XqvVwnTJ2N8UWHavQ
tYw3IYjwdIMpgNsRLep4JMM+x5qaflPKKCXWijADbSpKos0A7UNpTgqAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHdV1lCEM5pAxcJTwNn506Ym516MB8GA1UdIwQY
MBaAFOEVHUibNmlBkqy/yqXgu0b8nlvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJVZFNKczJhVUdTckxfS3BlQzdSdnllVy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lMzRjZDUtMDExYS00MDRhLTlhZDUt
OTNiNTc4ZDE4YzhjLzEvMGQxWFdVSVF6bWtERndsUEEyZm5UcGliblhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lMzRjZDUtMDExYS00MDRhLTlhZDUtOTNiNTc4ZDE4Yzhj
LzEvNFJVZFNKczJhVUdTckxfS3BlQzdSdnllVy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQXoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEe+4t29fTVqTgIAOtE2lq+zqEm6PIKnF+DkWmdhTF
A3Vti8f8scqpyd6wOLugA51I8Fb5fWdYh5NB63Ce19CfWDVZah2Ss3Awmg4K+NJz
3NQZ7W6OdA8NjgA5gRvp12PdelGh69rAdm6sRfop4pI5qNL59zwHWdKfLIlzpgCw
Pg+uw8u2KNKE/YNdMYmps+hCZ56lZxC50y579aHRAIcEVFo5RZwKr6DmeMdz1GdY
W6w11ZhITwbMigCQYreSQA7EcSE7URwt6LauOaYWsN2NK2Cm0oxqynyfD+ZIWYf0
Dno1Woi2lSg0h9yP/V1jkVgDleE0oys3MNW3ckb8cyHF
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:13:28 2025 by rpki-client