Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kE6Z58OK1dbmiAQl_8Ib1HKKRYM.roa
File: kE6Z58OK1dbmiAQl_8Ib1HKKRYM.roa (raw, json)
Hash identifier: KbZB/pkCjHsgHfKYCxvnZdnx/Q/lQkj8K8tVXcaDSb8=
Subject key identifier: 90:4E:99:E7:C3:8A:D5:D6:E6:88:04:25:FF:C2:1B:D4:72:8A:45:83
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 018572034585052ACE7818B01914EC55D915
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kE6Z58OK1dbmiAQl_8Ib1HKKRYM.roa
Signing time: Mon 02 Jan 2023 10:24:55 +0000
ROA not before: Mon 02 Jan 2023 10:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200064
IP address blocks: 185.111.186.0/24 maxlen: 24
185.111.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:45:85:05:2a:ce:78:18:b0:19:14:ec:55:d9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Jan 2 10:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=904e99e7c38ad5d6e6880425ffc21bd4728a4583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:44:36:ab:30:92:cd:b5:5e:75:f4:11:b9:b0:
c9:4b:44:d6:bb:81:6d:33:42:96:1e:48:6d:ba:69:
e0:c0:d0:52:07:26:1a:52:64:b2:29:f7:b4:8b:a3:
0b:5c:04:51:5c:2b:7d:1a:8d:a0:68:f3:6e:85:c9:
14:7b:38:0d:89:11:d7:85:e2:29:79:98:ca:a0:3e:
e1:c3:e8:cb:83:ec:9b:b5:c2:a7:cc:5b:ac:c2:a6:
24:b7:0e:e5:60:04:17:73:36:9b:e2:83:56:83:b7:
65:bd:a2:cc:9d:1b:54:f4:b1:6e:2e:81:a3:1d:13:
9b:3f:91:e8:f8:c8:ec:38:54:3d:35:2d:f5:50:f0:
87:ee:ea:22:1c:1a:80:39:d4:19:8c:c4:3a:bd:92:
6b:ea:74:30:ac:36:cd:94:80:03:80:72:3f:6e:ef:
4c:28:93:ea:54:b0:12:45:e0:99:f6:2d:f3:ef:9c:
a0:8c:62:0f:f6:38:ba:dd:a4:51:c2:4c:0e:e4:3f:
8d:b4:9e:80:64:b8:30:52:5d:57:50:c0:13:25:11:
2c:a3:b9:b4:c8:c0:8e:83:a6:36:ab:94:3b:23:0f:
d4:b7:62:87:c4:de:af:a1:60:f7:62:9c:3a:fc:ed:
47:67:b5:d0:19:e4:27:03:77:7b:4c:01:98:af:42:
8f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4E:99:E7:C3:8A:D5:D6:E6:88:04:25:FF:C2:1B:D4:72:8A:45:83
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/kE6Z58OK1dbmiAQl_8Ib1HKKRYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.186.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:b1:42:68:01:a1:29:96:8a:f5:b9:67:4c:84:05:c1:03:bd:
b0:11:8e:73:23:ff:e9:1f:e6:29:df:3c:bd:56:7b:9e:51:bb:
79:57:32:23:08:2f:2e:fe:19:e8:33:65:90:5b:4c:de:3f:27:
c7:a6:f7:11:8a:96:4f:d8:b0:3b:1e:cf:25:12:e7:b0:98:cc:
73:cf:21:e1:12:c8:f7:f9:d2:c7:d9:3b:72:03:a3:44:21:c3:
67:19:e8:e5:d7:72:83:47:47:6a:ba:28:36:fc:ee:de:89:c2:
7a:5b:f6:3a:1b:aa:a2:fa:9b:17:0c:06:96:0f:c9:8f:59:e1:
a5:de:a5:38:e3:bc:c7:61:e8:4c:0a:c5:c1:59:95:da:e4:0a:
8c:99:fe:a7:4c:e4:7b:a1:d7:2e:a0:20:27:49:13:9e:e4:9d:
f6:53:bd:ed:d3:90:33:23:f1:f8:2a:50:4b:f1:00:9c:0c:df:
8e:ef:5a:4e:31:a3:e3:24:7f:4a:98:c1:3a:3f:e1:ac:af:4a:
7e:1e:b2:5c:c1:a5:70:32:fb:6d:9a:64:29:48:f1:b7:e0:63:
2e:bf:63:a0:64:47:41:9c:8d:81:d3:02:9a:e7:f5:21:77:aa:
c9:0e:a0:b0:bc:0d:6f:ed:e6:63:6b:c9:9a:e5:3f:ee:c9:f6:
27:c7:2b:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA0WFBSrOeBiwGRTsVdkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl
NzYxZmIwHhcNMjMwMTAyMTAyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRlOTllN2MzOGFkNWQ2ZTY4ODA0MjVmZmMyMWJkNDcyOGE0NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUQ2qzCSzbVedfQRubDJS0TWu4Ft
M0KWHkhtumngwNBSByYaUmSyKfe0i6MLXARRXCt9Go2gaPNuhckUezgNiRHXheIp
eZjKoD7hw+jLg+ybtcKnzFuswqYktw7lYAQXczab4oNWg7dlvaLMnRtU9LFuLoGj
HRObP5Ho+MjsOFQ9NS31UPCH7uoiHBqAOdQZjMQ6vZJr6nQwrDbNlIADgHI/bu9M
KJPqVLASReCZ9i3z75ygjGIP9ji63aRRwkwO5D+NtJ6AZLgwUl1XUMATJREso7m0
yMCOg6Y2q5Q7Iw/Ut2KHxN6voWD3Ypw6/O1HZ7XQGeQnA3d7TAGYr0KPlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBOmefDitXW5ogEJf/CG9RyikWDMB8GA1UdIwQY
MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt
NmZkOTc4OTIwNWJhLzEva0U2WjU4T0sxZGJtaUFRbF84SWIxSEtLUllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYtNmZkOTc4OTIwNWJh
LzEvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuW+6MA0G
CSqGSIb3DQEBCwUAA4IBAQB9sUJoAaEplor1uWdMhAXBA72wEY5zI//pH+Yp3zy9
VnueUbt5VzIjCC8u/hnoM2WQW0zePyfHpvcRipZP2LA7Hs8lEuewmMxzzyHhEsj3
+dLH2TtyA6NEIcNnGejl13KDR0dquig2/O7eicJ6W/Y6G6qi+psXDAaWD8mPWeGl
3qU447zHYehMCsXBWZXa5AqMmf6nTOR7odcuoCAnSROe5J32U73t05AzI/H4KlBL
8QCcDN+O71pOMaPjJH9KmME6P+Gsr0p+HrJcwaVwMvttmmQpSPG34GMuv2OgZEdB
nI2B0wKa5/Uhd6rJDqCwvA1v7eZja8ma5T/uyfYnxyvn
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:15 2025 by rpki-client