Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/5CfuATwdeYawgQdbR6bA2rIaE8Y.roa
File: 5CfuATwdeYawgQdbR6bA2rIaE8Y.roa (raw, json)
Hash identifier: yhYYw3R7+F0b7WlvGoVCVJASkFnYGxU0uu2ll6J4s5k=
Subject key identifier: E4:27:EE:01:3C:1D:79:86:B0:81:07:5B:47:A6:C0:DA:B2:1A:13:C6
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 018944BB96B1F0F2C371FD724BEE41E2BA79
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/5CfuATwdeYawgQdbR6bA2rIaE8Y.roa
Signing time: Tue 11 Jul 2023 11:34:51 +0000
ROA not before: Tue 11 Jul 2023 11:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8870
IP address blocks: 185.237.74.0/24 maxlen: 24
185.237.75.0/24 maxlen: 24
185.237.73.0/24 maxlen: 24
185.237.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:bb:96:b1:f0:f2:c3:71:fd:72:4b:ee:41:e2:ba:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jul 11 11:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e427ee013c1d7986b081075b47a6c0dab21a13c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9b:f2:17:21:a0:24:de:81:87:fa:28:18:9e:
af:e9:e9:38:e4:6d:e5:53:f9:64:25:2f:77:e9:89:
66:9b:5f:03:a4:f8:dc:27:7b:c0:b9:65:02:4b:78:
dc:32:d1:03:79:34:8f:c7:75:47:dd:7a:06:54:5a:
d3:89:6d:02:9c:fc:58:15:b7:e1:58:21:3d:ce:09:
1c:2a:ae:26:41:36:35:f1:03:4a:2b:af:98:eb:fe:
ff:ab:8e:c7:32:fe:8e:60:c4:0b:d1:ed:2d:3e:7e:
53:f2:23:c5:10:f0:aa:aa:f6:0a:3f:c5:1e:8e:b1:
54:a0:2d:b6:c0:41:4f:45:c1:82:19:49:42:8d:49:
cd:79:5c:a0:b4:2a:59:ab:2a:bd:fd:6a:b2:ba:a1:
45:99:2b:ab:10:5b:2e:91:0f:73:6a:d7:fd:1e:8e:
6f:63:56:9b:f0:eb:7d:9e:ee:90:02:0f:01:20:ed:
12:dd:69:03:6c:31:df:17:0e:d5:f3:3e:ec:ab:a3:
b4:4d:e1:21:3b:73:ea:ac:76:96:77:38:7d:5d:f1:
2c:c7:cb:6f:00:01:e8:8e:52:b7:f3:0a:32:3f:8e:
25:72:0a:02:d2:a1:ac:6b:2e:d8:04:cf:08:a8:a0:
b8:d4:01:e7:bb:d1:0d:40:40:96:ee:79:1d:8e:75:
11:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:27:EE:01:3C:1D:79:86:B0:81:07:5B:47:A6:C0:DA:B2:1A:13:C6
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/5CfuATwdeYawgQdbR6bA2rIaE8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.72.0/22
Signature Algorithm: sha256WithRSAEncryption
67:53:dd:d1:1b:0d:b5:48:43:86:7d:fe:95:10:87:eb:53:e0:
dd:23:fd:6f:19:82:74:8d:c6:87:d3:19:a2:bf:ab:49:86:56:
f4:73:4f:6f:ee:16:fd:2c:51:49:af:f4:4c:07:0c:53:45:b0:
b9:07:bf:b8:7d:f3:2e:83:71:b1:3b:ae:e6:00:60:b8:9b:0b:
c8:d7:b3:d1:09:37:55:b6:f5:8d:66:1c:46:87:a9:7c:72:18:
c9:44:a8:e0:0d:68:f6:c6:4c:e8:87:88:e6:3b:d9:1a:e7:56:
df:8b:33:a7:4b:e8:dd:24:a1:c3:9b:2d:a4:12:6c:32:15:86:
9e:40:ad:97:83:31:db:be:db:a6:a5:e1:1a:66:15:d2:40:53:
bd:d1:94:fc:4c:91:65:c0:02:03:3e:c2:26:5a:f1:77:bc:8a:
42:1d:1f:35:b0:e0:c4:79:e1:41:01:ac:50:a1:a2:73:fe:af:
17:dd:c4:9c:df:76:d1:c1:20:fb:a7:84:f3:66:31:a5:d5:4a:
ef:43:92:8f:b7:26:1b:7d:35:3a:bb:d7:e7:62:15:16:10:c5:
10:10:e0:ef:32:2e:4f:37:cc:3a:5a:c5:98:4c:31:28:3d:02:
cd:91:f7:a2:fc:cb:11:ab:52:ea:16:0f:4b:b6:67:ce:13:77:
b5:11:49:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlEu5ax8PLDcf1yS+5B4rp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwNzExMTEzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI3ZWUwMTNjMWQ3OTg2YjA4MTA3NWI0N2E2YzBkYWIyMWExM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJvyFyGgJN6Bh/ooGJ6v6ek45G3l
U/lkJS936Ylmm18DpPjcJ3vAuWUCS3jcMtEDeTSPx3VH3XoGVFrTiW0CnPxYFbfh
WCE9zgkcKq4mQTY18QNKK6+Y6/7/q47HMv6OYMQL0e0tPn5T8iPFEPCqqvYKP8Ue
jrFUoC22wEFPRcGCGUlCjUnNeVygtCpZqyq9/WqyuqFFmSurEFsukQ9zatf9Ho5v
Y1ab8Ot9nu6QAg8BIO0S3WkDbDHfFw7V8z7sq6O0TeEhO3PqrHaWdzh9XfEsx8tv
AAHojlK38woyP44lcgoC0qGsay7YBM8IqKC41AHnu9ENQECW7nkdjnURzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQn7gE8HXmGsIEHW0emwNqyGhPGMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvNUNmdUFUd2RlWWF3Z1FkYlI2YkEycklhRThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue1IMA0G
CSqGSIb3DQEBCwUAA4IBAQBnU93RGw21SEOGff6VEIfrU+DdI/1vGYJ0jcaH0xmi
v6tJhlb0c09v7hb9LFFJr/RMBwxTRbC5B7+4ffMug3GxO67mAGC4mwvI17PRCTdV
tvWNZhxGh6l8chjJRKjgDWj2xkzoh4jmO9ka51bfizOnS+jdJKHDmy2kEmwyFYae
QK2XgzHbvtumpeEaZhXSQFO90ZT8TJFlwAIDPsImWvF3vIpCHR81sODEeeFBAaxQ
oaJz/q8X3cSc33bRwSD7p4TzZjGl1UrvQ5KPtyYbfTU6u9fnYhUWEMUQEODvMi5P
N8w6WsWYTDEoPQLNkfei/MsRq1LqFg9LtmfOE3e1EUnz
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:08:36 2025 by rpki-client