Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/5d5593-77fb-44a5-a60c-a7b5f95358bf/1/3eLh62WN0PZtNrNJH5thX8XWkBQ.roa
File: 3eLh62WN0PZtNrNJH5thX8XWkBQ.roa (raw, json)
Hash identifier: G3E1h1t/yvbfEgc6g04IiLsrrVqCIfOfS5uHJr4XY/o=
Subject key identifier: DD:E2:E1:EB:65:8D:D0:F6:6D:36:B3:49:1F:9B:61:5F:C5:D6:90:14
Certificate issuer: /CN=729fa13095d3e7f09fd8f61ac5084c3bc5194a0e
Certificate serial: 01856D5CFA8C70B40FBE230E2926D1780E52
Authority key identifier: 72:9F:A1:30:95:D3:E7:F0:9F:D8:F6:1A:C5:08:4C:3B:C5:19:4A:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cp-hMJXT5_Cf2PYaxQhMO8UZSg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/5d5593-77fb-44a5-a60c-a7b5f95358bf/1/3eLh62WN0PZtNrNJH5thX8XWkBQ.roa
Signing time: Sun 01 Jan 2023 12:44:48 +0000
ROA not before: Sun 01 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203586
IP address blocks: 185.219.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:fa:8c:70:b4:0f:be:23:0e:29:26:d1:78:0e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=729fa13095d3e7f09fd8f61ac5084c3bc5194a0e
Validity
Not Before: Jan 1 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dde2e1eb658dd0f66d36b3491f9b615fc5d69014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:02:5f:96:f9:c4:8b:02:d1:7f:3f:c9:a7:d2:
74:0a:cc:d8:00:9f:70:dd:8e:9f:28:eb:b1:01:40:
0f:83:d1:43:71:72:0a:84:30:d2:bd:b8:9f:39:34:
3b:e9:e4:c9:d7:35:cb:84:8d:03:67:f4:aa:9c:eb:
b1:b2:f4:90:e6:c6:51:9b:4a:a3:cd:00:99:86:38:
81:10:3e:77:24:b7:f2:f0:42:f0:1d:2e:a5:07:77:
78:74:f4:6f:ed:ac:82:fd:21:c1:df:5b:f3:51:47:
d2:e8:11:8f:0b:76:75:ed:73:0e:7f:b5:39:34:75:
7c:49:76:fb:03:9b:f4:95:4d:4d:d7:a6:a9:54:12:
bc:15:da:37:81:75:0d:5a:93:b8:ce:09:1c:c0:39:
74:27:c7:41:1d:8c:07:f8:19:2e:7c:8a:32:cf:94:
f0:10:8d:31:84:b3:73:07:48:03:37:72:df:ca:5a:
23:86:d0:af:39:27:ac:a0:21:f9:36:bf:f6:4b:70:
5f:90:c0:c2:6c:32:65:13:a9:5d:b9:5d:22:c4:a3:
9c:fe:7f:ad:70:a9:78:11:dc:e5:43:c3:9a:13:1b:
e7:0e:ed:5f:bd:c9:56:9a:50:b7:51:d4:78:ff:bc:
e0:5b:0c:4c:0e:31:ee:10:ea:93:ff:8b:b1:2a:b2:
2c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E2:E1:EB:65:8D:D0:F6:6D:36:B3:49:1F:9B:61:5F:C5:D6:90:14
X509v3 Authority Key Identifier:
keyid:72:9F:A1:30:95:D3:E7:F0:9F:D8:F6:1A:C5:08:4C:3B:C5:19:4A:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cp-hMJXT5_Cf2PYaxQhMO8UZSg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/5d5593-77fb-44a5-a60c-a7b5f95358bf/1/3eLh62WN0PZtNrNJH5thX8XWkBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/5d5593-77fb-44a5-a60c-a7b5f95358bf/1/cp-hMJXT5_Cf2PYaxQhMO8UZSg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.184.0/22
Signature Algorithm: sha256WithRSAEncryption
52:b9:86:9a:9a:a5:bd:e0:77:27:5a:43:b4:6f:1f:46:7f:0b:
70:61:e9:99:d4:96:96:4c:2d:71:5f:5d:8b:6e:e3:f2:a1:4f:
79:7b:46:96:a1:55:a5:1e:6a:46:b2:de:00:1e:21:b8:35:a4:
5e:c5:01:9d:b4:c5:4d:96:d3:fa:90:a3:8f:ed:82:a2:d6:09:
73:7f:35:31:57:82:b6:c7:e2:b4:4c:c0:f5:3e:c0:e6:89:93:
84:56:b0:21:80:7b:7f:50:dc:9a:84:84:ac:16:83:e3:1f:3f:
fb:0f:53:57:85:46:18:1a:4a:ac:b8:01:5b:ab:b1:ff:c8:c5:
cd:03:84:78:5a:3d:1e:29:01:63:1a:64:3f:45:b2:95:7a:df:
cd:5e:e2:d2:e0:9f:8f:fb:d7:ff:f7:d0:33:73:62:d6:1a:86:
10:cb:ee:a3:dd:e9:6f:a6:82:d2:c8:04:4a:28:8c:fb:fc:c2:
a8:b8:36:62:bd:5d:fc:46:8d:90:dd:b0:07:ca:5c:b0:ae:8e:
5c:2d:05:95:22:e9:fe:46:ad:4e:3c:a6:ef:a5:ac:7b:f1:d8:
fb:10:ed:71:96:a1:a0:35:1c:b5:42:57:fb:b9:3c:8e:db:91:
d4:79:8e:81:68:f6:ab:ad:d9:4a:ba:e1:09:3a:61:42:6d:22:
ad:c2:b1:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXPqMcLQPviMOKSbReA5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOWZhMTMwOTVkM2U3ZjA5ZmQ4ZjYxYWM1MDg0YzNiYzUx
OTRhMGUwHhcNMjMwMTAxMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGUyZTFlYjY1OGRkMGY2NmQzNmIzNDkxZjliNjE1ZmM1ZDY5MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngJflvnEiwLRfz/Jp9J0CszYAJ9w
3Y6fKOuxAUAPg9FDcXIKhDDSvbifOTQ76eTJ1zXLhI0DZ/SqnOuxsvSQ5sZRm0qj
zQCZhjiBED53JLfy8ELwHS6lB3d4dPRv7ayC/SHB31vzUUfS6BGPC3Z17XMOf7U5
NHV8SXb7A5v0lU1N16apVBK8Fdo3gXUNWpO4zgkcwDl0J8dBHYwH+BkufIoyz5Tw
EI0xhLNzB0gDN3LfylojhtCvOSesoCH5Nr/2S3BfkMDCbDJlE6lduV0ixKOc/n+t
cKl4EdzlQ8OaExvnDu1fvclWmlC3UdR4/7zgWwxMDjHuEOqT/4uxKrIs7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3i4etljdD2bTazSR+bYV/F1pAUMB8GA1UdIwQY
MBaAFHKfoTCV0+fwn9j2GsUITDvFGUoOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3AtaE1KWFQ1X0NmMlBZYXhRaE1POFVaU2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC81ZDU1OTMtNzdmYi00NGE1LWE2MGMt
YTdiNWY5NTM1OGJmLzEvM2VMaDYyV04wUFp0TnJOSkg1dGhYOFhXa0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC81ZDU1OTMtNzdmYi00NGE1LWE2MGMtYTdiNWY5NTM1OGJm
LzEvY3AtaE1KWFQ1X0NmMlBZYXhRaE1POFVaU2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudu4MA0G
CSqGSIb3DQEBCwUAA4IBAQBSuYaamqW94HcnWkO0bx9GfwtwYemZ1JaWTC1xX12L
buPyoU95e0aWoVWlHmpGst4AHiG4NaRexQGdtMVNltP6kKOP7YKi1glzfzUxV4K2
x+K0TMD1PsDmiZOEVrAhgHt/UNyahISsFoPjHz/7D1NXhUYYGkqsuAFbq7H/yMXN
A4R4Wj0eKQFjGmQ/RbKVet/NXuLS4J+P+9f/99Azc2LWGoYQy+6j3elvpoLSyARK
KIz7/MKouDZivV38Ro2Q3bAHylywro5cLQWVIun+Rq1OPKbvpax78dj7EO1xlqGg
NRy1Qlf7uTyO25HUeY6BaParrdlKuuEJOmFCbSKtwrGM
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:13 2025 by rpki-client