Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/3LEh_S8utsFJV3QtMHUQMGWKmnk.roa
File: 3LEh_S8utsFJV3QtMHUQMGWKmnk.roa (raw, json)
Hash identifier: 4G/U9wEfcrGk1q0o2aWY6LG9JXtW0B/vC3KCFEjFwnQ=
Subject key identifier: DC:B1:21:FD:2F:2E:B6:C1:49:57:74:2D:30:75:10:30:65:8A:9A:79
Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Certificate serial: 0185700B9765D19CE331D7D30DA4DFFA4BD1
Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/3LEh_S8utsFJV3QtMHUQMGWKmnk.roa
Signing time: Mon 02 Jan 2023 01:14:45 +0000
ROA not before: Mon 02 Jan 2023 01:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57866
IP address blocks: 185.114.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:97:65:d1:9c:e3:31:d7:d3:0d:a4:df:fa:4b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Validity
Not Before: Jan 2 01:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb121fd2f2eb6c14957742d30751030658a9a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:cc:cf:e5:c8:cb:18:51:9e:2d:7b:4b:88:
c9:66:a8:1c:59:57:42:71:e0:13:b0:8d:d1:8b:dd:
1c:3b:39:06:3d:af:c2:8c:a0:40:0d:46:7f:c0:2d:
98:11:3d:8f:b0:fb:b6:da:e8:c7:44:32:2d:ce:1a:
81:22:1d:52:0c:58:d7:40:31:be:39:e5:32:66:4c:
63:b1:1f:2e:ea:24:7f:55:49:71:38:6d:bf:95:2c:
9d:9d:50:7a:00:be:16:91:dc:7d:03:fb:ac:4f:66:
76:e0:31:eb:71:34:5d:99:ba:56:f3:bb:07:df:bf:
ec:ed:72:56:69:79:ec:55:02:d2:fe:f2:37:3f:e5:
4c:1c:2f:df:74:3b:6b:1a:67:b4:94:70:4a:e6:b8:
9e:20:53:4a:8e:bb:db:ab:d9:ea:b1:a3:cc:59:96:
c5:26:f9:04:d6:9a:d1:7f:11:df:c6:1b:8c:29:4f:
a8:71:c6:42:39:d6:5e:88:39:f7:15:7e:71:4f:45:
26:b6:92:a2:b6:69:d9:ec:2c:5b:03:fa:32:14:86:
66:36:a4:ca:8d:0f:0e:a5:16:86:c6:a8:16:33:70:
a1:bc:72:84:30:32:95:af:be:d1:4c:15:3d:24:21:
44:e1:10:30:44:18:d5:b7:b7:1d:a7:43:a4:09:ec:
02:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B1:21:FD:2F:2E:B6:C1:49:57:74:2D:30:75:10:30:65:8A:9A:79
X509v3 Authority Key Identifier:
keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/3LEh_S8utsFJV3QtMHUQMGWKmnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.236.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:fb:21:29:d7:46:4c:32:66:b4:d7:71:16:d7:a9:6d:62:e8:
0e:03:c8:81:5a:d4:49:d2:d6:d3:32:d9:ca:1c:7a:d4:87:d3:
9d:86:a5:08:79:50:f4:7d:6d:3d:71:aa:09:f5:a9:b9:4e:d4:
73:92:59:d0:3c:e0:5f:ca:92:38:6a:f0:80:b0:65:8e:37:45:
d8:85:8c:51:70:1c:08:2a:8c:1e:ec:60:8b:a8:f2:63:c1:85:
ec:9e:f2:fb:3f:39:56:e2:d2:b0:49:1f:40:ce:45:d8:a6:2a:
7e:49:89:04:f2:a1:97:b1:02:b9:04:78:4d:01:70:70:30:74:
10:b8:b7:a1:83:9e:14:57:b8:48:ed:92:07:57:d6:c5:a5:2b:
78:d3:53:81:89:65:1d:61:b8:82:74:80:3c:b1:f3:59:0b:9a:
3f:c0:04:98:5d:04:6e:46:df:ed:9c:27:5a:86:bb:ed:f0:59:
2b:05:a7:bd:a1:91:17:6c:fe:dc:c4:24:b3:1a:f8:49:aa:ab:
5f:c2:e7:22:44:7d:de:d9:a5:06:bf:c3:84:41:e1:09:59:43:
4c:ce:ee:53:94:e0:93:3b:b5:db:12:8f:42:12:0b:16:b2:b5:
0e:27:d3:a3:fa:64:7d:62:34:9d:7f:7f:38:ad:3a:41:8a:c0:
8a:d3:78:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwC5dl0ZzjMdfTDaTf+kvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk
OTBhNDEwHhcNMjMwMTAyMDExNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2IxMjFmZDJmMmViNmMxNDk1Nzc0MmQzMDc1MTAzMDY1OGE5YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7zMz+XIyxhRni17S4jJZqgcWVdC
ceATsI3Ri90cOzkGPa/CjKBADUZ/wC2YET2PsPu22ujHRDItzhqBIh1SDFjXQDG+
OeUyZkxjsR8u6iR/VUlxOG2/lSydnVB6AL4Wkdx9A/usT2Z24DHrcTRdmbpW87sH
37/s7XJWaXnsVQLS/vI3P+VMHC/fdDtrGme0lHBK5rieIFNKjrvbq9nqsaPMWZbF
JvkE1prRfxHfxhuMKU+occZCOdZeiDn3FX5xT0UmtpKitmnZ7CxbA/oyFIZmNqTK
jQ8OpRaGxqgWM3ChvHKEMDKVr77RTBU9JCFE4RAwRBjVt7cdp0OkCewC/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyxIf0vLrbBSVd0LTB1EDBlipp5MB8GA1UdIwQY
MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt
MDNiMGVlYzdmZjI5LzEvM0xFaF9TOHV0c0ZKVjNRdE1IVVFNR1dLbW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5
LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXLsMA0G
CSqGSIb3DQEBCwUAA4IBAQBN+yEp10ZMMma013EW16ltYugOA8iBWtRJ0tbTMtnK
HHrUh9OdhqUIeVD0fW09caoJ9am5TtRzklnQPOBfypI4avCAsGWON0XYhYxRcBwI
Kowe7GCLqPJjwYXsnvL7PzlW4tKwSR9AzkXYpip+SYkE8qGXsQK5BHhNAXBwMHQQ
uLehg54UV7hI7ZIHV9bFpSt401OBiWUdYbiCdIA8sfNZC5o/wASYXQRuRt/tnCda
hrvt8FkrBae9oZEXbP7cxCSzGvhJqqtfwuciRH3e2aUGv8OEQeEJWUNMzu5TlOCT
O7XbEo9CEgsWsrUOJ9Oj+mR9YjSdf384rTpBisCK03gG
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:12 2025 by rpki-client