Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/8S0LcuchkGrent3Tddu4BaX3nsY.roa
File: 8S0LcuchkGrent3Tddu4BaX3nsY.roa (raw, json)
Hash identifier: BigQTopisZvNyL+GiYLfv5J8rK1KxxCFa5YsJYve2T4=
Subject key identifier: F1:2D:0B:72:E7:21:90:6A:DE:9E:DD:D3:75:DB:B8:05:A5:F7:9E:C6
Certificate issuer: /CN=1c2cf57271c2b8f04baa7e63a9b8103d5203d7f8
Certificate serial: 01856C4A5E9062F9180C91A939D25343BEAE
Authority key identifier: 1C:2C:F5:72:71:C2:B8:F0:4B:AA:7E:63:A9:B8:10:3D:52:03:D7:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCz1cnHCuPBLqn5jqbgQPVID1_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/8S0LcuchkGrent3Tddu4BaX3nsY.roa
Signing time: Sun 01 Jan 2023 07:44:51 +0000
ROA not before: Sun 01 Jan 2023 07:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206496
IP address blocks: 185.198.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:5e:90:62:f9:18:0c:91:a9:39:d2:53:43:be:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2cf57271c2b8f04baa7e63a9b8103d5203d7f8
Validity
Not Before: Jan 1 07:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f12d0b72e721906ade9eddd375dbb805a5f79ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bd:5a:32:5b:bc:27:68:93:e6:9a:03:a4:50:
e4:e6:cc:a7:e1:83:8c:9b:8f:40:0c:43:57:3c:88:
d8:1a:9f:42:af:56:96:61:dd:fd:5c:97:ed:2e:bb:
20:13:65:02:0e:74:f8:1b:b8:b9:e3:ad:3f:7c:be:
66:51:3c:7e:da:65:79:9d:0f:f3:26:39:f0:e9:18:
35:00:19:5c:85:16:75:cb:89:c7:d0:61:5e:bf:e2:
67:6f:d7:25:90:b9:10:2e:ac:ea:0e:87:13:3b:eb:
f4:13:e4:7c:10:91:71:97:c6:2d:ca:d3:c8:3a:d6:
29:fd:3d:e2:19:14:d1:ec:4d:02:37:9d:01:bf:95:
06:63:62:84:3b:93:77:70:73:69:b4:f3:28:95:f7:
ff:dd:c7:e6:09:74:f8:5f:0d:16:6a:02:98:93:02:
93:42:96:92:c9:77:93:45:c7:53:7a:c7:b5:78:d6:
d0:ee:3b:65:d5:6b:73:65:2f:d6:fd:fa:ca:49:31:
3f:10:26:7e:92:cc:4d:db:b1:31:32:e9:30:54:e4:
42:70:e9:56:1a:f1:27:6f:8b:36:04:26:45:31:06:
d9:c6:15:f1:5c:ff:42:d9:38:cd:f2:c4:1f:cb:75:
cd:47:cf:cb:ed:ad:39:af:76:68:fd:64:82:25:ce:
d2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2D:0B:72:E7:21:90:6A:DE:9E:DD:D3:75:DB:B8:05:A5:F7:9E:C6
X509v3 Authority Key Identifier:
keyid:1C:2C:F5:72:71:C2:B8:F0:4B:AA:7E:63:A9:B8:10:3D:52:03:D7:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCz1cnHCuPBLqn5jqbgQPVID1_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/8S0LcuchkGrent3Tddu4BaX3nsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/HCz1cnHCuPBLqn5jqbgQPVID1_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.14.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a4:8d:10:b0:f7:01:80:b0:03:e3:b8:d2:f5:65:3f:92:c7:
9e:c9:cf:db:4f:3a:63:81:a8:08:b9:90:ef:18:0d:e9:8c:83:
82:96:fc:2f:c4:ef:ca:18:8c:16:51:d4:fc:ce:77:9b:27:83:
13:e0:50:85:cd:0b:39:ab:08:fe:c9:76:b7:61:ba:6a:77:9b:
14:cd:4d:0a:8b:1a:88:6d:0b:f8:04:3f:1e:4e:bc:01:5d:7b:
13:a4:bc:d8:73:58:d3:d4:a0:bf:d9:f9:5f:d2:d3:56:93:da:
1c:59:2b:e6:f6:ad:b5:09:18:57:53:05:8b:8e:53:24:e2:b6:
46:eb:17:1d:e3:a8:ef:bc:32:2b:45:76:1f:a9:a5:71:08:29:
16:da:c7:82:93:d8:89:0b:fd:c5:c9:3a:7a:f7:af:58:c3:76:
6e:71:9c:6e:07:3a:ac:b4:2e:e1:3b:3b:24:d2:25:df:ad:a9:
5d:9a:b5:a0:e4:2f:2a:aa:90:11:9b:24:64:c9:e9:cc:cd:37:
74:9c:4e:3f:59:56:b6:a3:3e:57:97:07:b3:23:a7:7e:58:76:
3d:bc:02:a5:da:2c:d3:6b:9b:a7:cc:e6:8b:70:89:12:47:25:
8d:3a:db:68:41:af:85:d9:6a:b8:cc:92:39:4a:3e:06:58:95:
8d:26:87:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSl6QYvkYDJGpOdJTQ76uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmNmNTcyNzFjMmI4ZjA0YmFhN2U2M2E5YjgxMDNkNTIw
M2Q3ZjgwHhcNMjMwMTAxMDc0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJkMGI3MmU3MjE5MDZhZGU5ZWRkZDM3NWRiYjgwNWE1Zjc5ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr71aMlu8J2iT5poDpFDk5syn4YOM
m49ADENXPIjYGp9Cr1aWYd39XJftLrsgE2UCDnT4G7i5460/fL5mUTx+2mV5nQ/z
Jjnw6Rg1ABlchRZ1y4nH0GFev+Jnb9clkLkQLqzqDocTO+v0E+R8EJFxl8YtytPI
OtYp/T3iGRTR7E0CN50Bv5UGY2KEO5N3cHNptPMolff/3cfmCXT4Xw0WagKYkwKT
QpaSyXeTRcdTese1eNbQ7jtl1WtzZS/W/frKSTE/ECZ+ksxN27ExMukwVORCcOlW
GvEnb4s2BCZFMQbZxhXxXP9C2TjN8sQfy3XNR8/L7a05r3Zo/WSCJc7SiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEtC3LnIZBq3p7d03XbuAWl957GMB8GA1UdIwQY
MBaAFBws9XJxwrjwS6p+Y6m4ED1SA9f4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEN6MWNuSEN1UEJMcW41anFiZ1FQVklEMV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81YWJjOTItZjU1YS00NTQ4LTlhMDAt
NWI0NTM2YTc5ZTgyLzEvOFMwTGN1Y2hrR3JlbnQzVGRkdTRCYVgzbnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81YWJjOTItZjU1YS00NTQ4LTlhMDAtNWI0NTM2YTc5ZTgy
LzEvSEN6MWNuSEN1UEJMcW41anFiZ1FQVklEMV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucYOMA0G
CSqGSIb3DQEBCwUAA4IBAQBYpI0QsPcBgLAD47jS9WU/kseeyc/bTzpjgagIuZDv
GA3pjIOClvwvxO/KGIwWUdT8znebJ4MT4FCFzQs5qwj+yXa3Ybpqd5sUzU0KixqI
bQv4BD8eTrwBXXsTpLzYc1jT1KC/2flf0tNWk9ocWSvm9q21CRhXUwWLjlMk4rZG
6xcd46jvvDIrRXYfqaVxCCkW2seCk9iJC/3FyTp6969Yw3ZucZxuBzqstC7hOzsk
0iXfraldmrWg5C8qqpARmyRkyenMzTd0nE4/WVa2oz5XlwezI6d+WHY9vAKl2izT
a5unzOaLcIkSRyWNOttoQa+F2Wq4zJI5Sj4GWJWNJofk
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:40:22 2025 by rpki-client