Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ceb5a1-16c0-478f-a2cf-4f225d088566/1/uSmovAItJRPz9w69vbScY2P1T_Q.roa
File: uSmovAItJRPz9w69vbScY2P1T_Q.roa (raw, json)
Hash identifier: eKc+fiXxjgcuE0OjOkrLGLbk3bCawcGiTLOPzH2HK84=
Subject key identifier: B9:29:A8:BC:02:2D:25:13:F3:F7:0E:BD:BD:B4:9C:63:63:F5:4F:F4
Certificate issuer: /CN=c21fab767447d36911974cf9bb1d1ae9131fc845
Certificate serial: 01856C8A50E8FA7C66C58173CA4859AA1216
Authority key identifier: C2:1F:AB:76:74:47:D3:69:11:97:4C:F9:BB:1D:1A:E9:13:1F:C8:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wh-rdnRH02kRl0z5ux0a6RMfyEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ceb5a1-16c0-478f-a2cf-4f225d088566/1/uSmovAItJRPz9w69vbScY2P1T_Q.roa
Signing time: Sun 01 Jan 2023 08:54:42 +0000
ROA not before: Sun 01 Jan 2023 08:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201627
IP address blocks: 185.68.168.0/22 maxlen: 22
185.68.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:50:e8:fa:7c:66:c5:81:73:ca:48:59:aa:12:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c21fab767447d36911974cf9bb1d1ae9131fc845
Validity
Not Before: Jan 1 08:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b929a8bc022d2513f3f70ebdbdb49c6363f54ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:df:35:db:6a:2f:8b:2a:5e:85:18:14:13:0c:
37:17:30:96:b2:5e:e0:99:0d:38:88:d4:3d:98:9f:
39:46:77:ee:20:40:72:1c:24:04:1f:19:69:92:ea:
c9:9c:25:e5:3d:62:39:2a:b2:f6:3e:af:e8:9e:a7:
9a:35:fe:be:86:86:ad:3d:0b:a5:8f:0e:73:9b:d6:
df:2e:60:4a:47:44:58:bf:a5:44:14:d4:d4:34:f7:
19:d9:06:f2:51:21:a8:cc:cd:dd:20:8e:ee:40:43:
0c:4b:12:8a:5b:a8:cb:5e:62:43:75:de:c4:c4:23:
1a:ad:e2:ec:5e:db:98:f9:6f:50:c7:86:4e:13:0f:
c8:1c:8a:f7:5f:bc:38:ca:1d:26:c5:9f:52:e1:d3:
e2:a3:ce:19:6c:5d:2d:51:1f:62:50:e6:7a:23:e9:
ab:65:ab:04:8f:33:73:1f:18:98:48:c1:36:2f:09:
ca:08:cb:f5:02:71:09:81:b6:68:9b:0f:0a:6b:da:
c1:d4:26:21:57:76:0a:69:ce:9c:a0:30:1a:fd:c5:
66:dc:e1:c3:c9:96:b6:7e:96:9b:fd:6f:20:49:55:
fb:4d:c5:1a:a2:ed:1e:6e:3a:94:35:27:81:5b:c7:
25:dc:4d:15:c8:52:6c:a2:19:1d:6a:27:e0:72:c1:
6f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:29:A8:BC:02:2D:25:13:F3:F7:0E:BD:BD:B4:9C:63:63:F5:4F:F4
X509v3 Authority Key Identifier:
keyid:C2:1F:AB:76:74:47:D3:69:11:97:4C:F9:BB:1D:1A:E9:13:1F:C8:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wh-rdnRH02kRl0z5ux0a6RMfyEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ceb5a1-16c0-478f-a2cf-4f225d088566/1/uSmovAItJRPz9w69vbScY2P1T_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ceb5a1-16c0-478f-a2cf-4f225d088566/1/wh-rdnRH02kRl0z5ux0a6RMfyEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.168.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:89:51:b8:e4:08:99:c4:1e:7d:e7:3f:63:f4:8d:44:b7:f8:
30:6e:8e:92:92:8a:fc:cc:a4:fb:d5:3a:6a:90:3b:17:aa:29:
84:7f:28:f4:59:f1:b4:85:cf:1f:e1:77:c2:e7:b5:2e:a2:b9:
5d:d4:ed:9c:f8:f5:55:55:69:4e:15:d1:f8:96:e3:4f:d9:12:
af:11:54:3f:df:b9:7e:14:6a:f6:89:e4:ee:9c:7b:8c:01:3b:
be:9b:4e:ef:5b:3b:6d:ba:2b:96:7b:87:02:52:1c:97:a4:8e:
fe:a5:21:67:77:58:c1:f9:70:8e:1b:a4:66:3e:b6:13:ae:2e:
f6:22:66:83:17:34:22:18:24:ad:a9:dc:29:fe:66:5a:79:59:
c6:87:ca:41:0f:47:f7:c8:84:02:1a:d4:b0:0f:d4:2b:31:81:
d5:b5:df:9f:b4:66:3a:2d:96:89:bf:10:c7:67:fb:2a:cf:4e:
d4:bb:6f:a9:47:4d:e4:37:57:40:04:14:a3:b3:ce:4c:e6:d4:
1c:99:5b:33:cb:cb:11:f4:17:2c:f2:40:d0:61:51:28:ae:65:
b6:3f:50:b7:da:8b:19:53:26:90:98:6c:06:ed:aa:93:ff:a4:
c5:0b:5f:6f:f0:a8:0f:c2:0f:7e:df:1a:2e:ff:9c:05:f1:69:
fb:53:83:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsilDo+nxmxYFzykhZqhIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMWZhYjc2NzQ0N2QzNjkxMTk3NGNmOWJiMWQxYWU5MTMx
ZmM4NDUwHhcNMjMwMTAxMDg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTI5YThiYzAyMmQyNTEzZjNmNzBlYmRiZGI0OWM2MzYzZjU0ZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt8122oviypehRgUEww3FzCWsl7g
mQ04iNQ9mJ85RnfuIEByHCQEHxlpkurJnCXlPWI5KrL2Pq/onqeaNf6+hoatPQul
jw5zm9bfLmBKR0RYv6VEFNTUNPcZ2QbyUSGozM3dII7uQEMMSxKKW6jLXmJDdd7E
xCMareLsXtuY+W9Qx4ZOEw/IHIr3X7w4yh0mxZ9S4dPio84ZbF0tUR9iUOZ6I+mr
ZasEjzNzHxiYSME2LwnKCMv1AnEJgbZomw8Ka9rB1CYhV3YKac6coDAa/cVm3OHD
yZa2fpab/W8gSVX7TcUaou0ebjqUNSeBW8cl3E0VyFJsohkdaifgcsFvHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkpqLwCLSUT8/cOvb20nGNj9U/0MB8GA1UdIwQY
MBaAFMIfq3Z0R9NpEZdM+bsdGukTH8hFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2gtcmRuUkgwMmtSbDB6NXV4MGE2Uk1meUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jZWI1YTEtMTZjMC00NzhmLWEyY2Yt
NGYyMjVkMDg4NTY2LzEvdVNtb3ZBSXRKUlB6OXc2OXZiU2NZMlAxVF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jZWI1YTEtMTZjMC00NzhmLWEyY2YtNGYyMjVkMDg4NTY2
LzEvd2gtcmRuUkgwMmtSbDB6NXV4MGE2Uk1meUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUSoMA0G
CSqGSIb3DQEBCwUAA4IBAQBdiVG45AiZxB595z9j9I1Et/gwbo6Skor8zKT71Tpq
kDsXqimEfyj0WfG0hc8f4XfC57Uuorld1O2c+PVVVWlOFdH4luNP2RKvEVQ/37l+
FGr2ieTunHuMATu+m07vWzttuiuWe4cCUhyXpI7+pSFnd1jB+XCOG6RmPrYTri72
ImaDFzQiGCStqdwp/mZaeVnGh8pBD0f3yIQCGtSwD9QrMYHVtd+ftGY6LZaJvxDH
Z/sqz07Uu2+pR03kN1dABBSjs85M5tQcmVszy8sR9Bcs8kDQYVEormW2P1C32osZ
UyaQmGwG7aqT/6TFC19v8KgPwg9+3xou/5wF8Wn7U4ML
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:53 2025 by rpki-client