Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bWhu04FFUAXMIQyVHO8su_aMmK4.roa
File: bWhu04FFUAXMIQyVHO8su_aMmK4.roa (raw, json)
Hash identifier: 0IMXcQo6xXg7Oam/UIh9nR2NLI+IP7kRDoCk3o2pT3Q=
Subject key identifier: 6D:68:6E:D3:81:45:50:05:CC:21:0C:95:1C:EF:2C:BB:F6:8C:98:AE
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B8B63B7C252CA9B9DFE1F54C71604
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bWhu04FFUAXMIQyVHO8su_aMmK4.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8870
IP address blocks: 185.237.74.0/24 maxlen: 24
185.237.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8b:63:b7:c2:52:ca:9b:9d:fe:1f:54:c7:16:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d686ed381455005cc210c951cef2cbbf68c98ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:72:69:46:a3:08:fa:49:cf:0e:21:66:3f:
a8:9f:94:b2:6c:1e:ef:a0:be:e0:6e:77:c3:da:66:
b5:a6:29:2f:b2:e8:7a:a2:2e:98:ba:f6:60:96:bb:
50:83:0d:83:cf:d5:c8:4d:0a:58:23:66:a2:ef:19:
88:36:2f:3c:45:b8:8d:7e:f1:5b:b9:a0:be:15:e7:
b9:76:8a:d5:5a:fc:a5:83:a8:41:ec:b5:e6:f5:5a:
43:d4:e4:d7:96:6c:7d:20:b2:33:38:9b:5e:0c:45:
a3:14:58:48:8f:b2:de:41:59:8e:2a:df:d3:43:c8:
cd:35:2e:37:67:75:e8:8e:af:e2:80:c0:a2:1e:c6:
90:27:3c:d8:be:2f:1c:e8:10:71:d1:c3:65:28:32:
01:af:2b:16:e2:a8:32:21:66:f6:b7:5b:9a:85:c5:
d6:ca:42:b6:9f:2e:90:46:8c:73:80:63:04:55:74:
60:9b:b0:4c:55:21:de:64:b3:a0:c5:ce:0a:e2:37:
12:22:01:9f:fb:70:6d:14:36:49:de:67:b3:61:53:
cc:21:35:a2:86:1c:f2:aa:c0:bb:5e:ee:97:67:f4:
4f:ff:60:74:d9:bf:54:59:c2:fc:f4:0a:fa:23:17:
ac:c0:5f:b6:5c:0c:c6:d9:c6:5b:d6:ae:08:92:22:
01:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:68:6E:D3:81:45:50:05:CC:21:0C:95:1C:EF:2C:BB:F6:8C:98:AE
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bWhu04FFUAXMIQyVHO8su_aMmK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.74.0/23
Signature Algorithm: sha256WithRSAEncryption
13:64:dc:c8:6a:75:b0:c2:61:b9:69:59:c6:b9:aa:d4:f8:a6:
6f:e6:ac:21:46:05:b7:42:2d:ea:93:af:db:a6:83:bb:72:2c:
93:69:84:51:6b:1e:7c:8b:3d:f4:3f:73:00:9a:4a:8f:7c:84:
f6:3a:1c:69:f9:00:47:ab:9a:f7:1f:f3:5c:d2:e1:6d:43:25:
25:e4:48:70:30:c1:4b:83:30:01:f0:63:0b:8f:53:bd:bd:a2:
b5:57:cc:ba:b9:d9:ef:12:19:ad:bc:0b:a9:3c:86:50:ac:02:
9d:d7:53:b6:2f:13:f2:18:6e:91:c8:ec:55:14:66:c6:cb:82:
fc:24:6c:f3:e0:e6:15:8c:3f:8b:32:ec:c5:41:5f:59:53:df:
e2:0d:86:55:77:31:d8:44:36:0d:3f:82:fb:b3:5c:6f:b4:01:
03:c2:d1:80:c8:76:98:1b:ef:ae:5f:6c:7a:01:a6:ee:20:81:
24:e5:21:69:32:49:0b:eb:30:9b:e0:b3:86:dc:3a:62:d9:2f:
33:af:4c:67:bc:df:15:2d:db:22:50:e0:cc:23:67:99:17:4e:
ad:09:4c:40:db:55:28:a6:a4:05:30:96:7c:1b:99:37:85:e7:
d8:18:cf:18:94:92:52:65:6a:7e:5e:d7:cb:f2:67:53:fa:0e:
de:31:70:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi4tjt8JSypud/h9UxxYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY4NmVkMzgxNDU1MDA1Y2MyMTBjOTUxY2VmMmNiYmY2OGM5OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogxyaUajCPpJzw4hZj+on5SybB7v
oL7gbnfD2ma1pikvsuh6oi6YuvZglrtQgw2Dz9XITQpYI2ai7xmINi88RbiNfvFb
uaC+Fee5dorVWvylg6hB7LXm9VpD1OTXlmx9ILIzOJteDEWjFFhIj7LeQVmOKt/T
Q8jNNS43Z3Xojq/igMCiHsaQJzzYvi8c6BBx0cNlKDIBrysW4qgyIWb2t1uahcXW
ykK2ny6QRoxzgGMEVXRgm7BMVSHeZLOgxc4K4jcSIgGf+3BtFDZJ3mezYVPMITWi
hhzyqsC7Xu6XZ/RP/2B02b9UWcL89Ar6IxeswF+2XAzG2cZb1q4IkiIBKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1obtOBRVAFzCEMlRzvLLv2jJiuMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvYldodTA0RkZVQVhNSVF5VkhPOHN1X2FNbUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue1KMA0G
CSqGSIb3DQEBCwUAA4IBAQATZNzIanWwwmG5aVnGuarU+KZv5qwhRgW3Qi3qk6/b
poO7ciyTaYRRax58iz30P3MAmkqPfIT2Ohxp+QBHq5r3H/Nc0uFtQyUl5EhwMMFL
gzAB8GMLj1O9vaK1V8y6udnvEhmtvAupPIZQrAKd11O2LxPyGG6RyOxVFGbGy4L8
JGzz4OYVjD+LMuzFQV9ZU9/iDYZVdzHYRDYNP4L7s1xvtAEDwtGAyHaYG++uX2x6
AabuIIEk5SFpMkkL6zCb4LOG3Dpi2S8zr0xnvN8VLdsiUODMI2eZF06tCUxA21Uo
pqQFMJZ8G5k3hefYGM8YlJJSZWp+XtfL8mdT+g7eMXCn
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:28:20 2025 by rpki-client