Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/AaCFXS0_rMISN7HwJVgSJp9oWwg.roa
File: AaCFXS0_rMISN7HwJVgSJp9oWwg.roa (raw, json)
Hash identifier: Xq+FyQ99H+TS3JyDa97F1v4SLXj1eDw9wcqt1q72XyY=
Subject key identifier: 01:A0:85:5D:2D:3F:AC:C2:12:37:B1:F0:25:58:12:26:9F:68:5B:08
Certificate issuer: /CN=09f93d62beb75bb4232dcd052d270276d36f8573
Certificate serial: 0186F2EEE369E3FA4307A353899F2EFAC036
Authority key identifier: 09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/AaCFXS0_rMISN7HwJVgSJp9oWwg.roa
Signing time: Sat 18 Mar 2023 04:16:27 +0000
ROA not before: Sat 18 Mar 2023 04:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46844
IP address blocks: 185.141.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f2:ee:e3:69:e3:fa:43:07:a3:53:89:9f:2e:fa:c0:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f93d62beb75bb4232dcd052d270276d36f8573
Validity
Not Before: Mar 18 04:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01a0855d2d3facc21237b1f0255812269f685b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:05:dd:23:6a:67:fb:a0:df:6c:75:cc:50:
cb:cd:68:fb:9d:a9:83:2c:b5:b3:38:4e:ad:ed:53:
01:7c:4e:c4:21:04:4a:0f:f8:d0:31:7e:2f:76:86:
c3:5b:fc:64:d6:14:ed:37:47:78:72:2c:8f:07:f9:
83:ee:10:67:20:f2:ee:23:62:83:6d:d7:70:4e:e8:
cd:87:2a:be:e1:a7:e8:31:cf:56:8f:f8:13:b8:a4:
cc:9c:5e:25:83:62:ee:b2:f2:38:cc:e1:91:76:08:
8a:16:ee:e9:82:26:91:3f:b1:35:5f:3a:18:b2:23:
f0:b9:5c:52:b3:8f:3f:e3:cc:eb:37:5a:70:04:04:
44:12:20:3a:64:89:77:09:e5:34:23:40:bd:2c:f8:
5b:c4:33:8c:36:b2:73:49:f7:ac:4e:56:28:1d:47:
01:1c:8b:60:41:9d:94:0d:82:87:a3:66:35:98:93:
25:25:bd:70:3c:62:4a:fe:fc:25:81:df:c6:87:38:
92:9f:08:5f:21:53:89:b0:81:a9:8a:74:4a:d0:13:
8f:5e:d5:5c:c0:d6:6d:72:0c:54:11:94:1b:47:44:
05:6f:b3:db:ff:02:9f:a3:6b:a9:62:9b:00:aa:f3:
4f:23:86:19:5e:19:9f:96:37:27:99:bb:5a:57:8d:
4a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A0:85:5D:2D:3F:AC:C2:12:37:B1:F0:25:58:12:26:9F:68:5B:08
X509v3 Authority Key Identifier:
keyid:09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/AaCFXS0_rMISN7HwJVgSJp9oWwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/Cfk9Yr63W7QjLc0FLScCdtNvhXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.195.0/24
Signature Algorithm: sha256WithRSAEncryption
31:96:dc:8c:6d:0c:5d:c4:d5:fc:a6:2f:21:64:0a:aa:0f:b2:
dd:be:f0:23:40:32:a8:f3:81:f3:83:ad:c1:da:6f:33:2c:28:
20:fa:02:6e:81:f5:57:16:59:7a:46:f3:c2:82:32:b6:fa:bb:
e1:53:64:5a:7c:95:46:ea:0a:90:7a:ca:36:a9:fb:98:dd:c7:
33:b4:15:4f:b2:a5:17:41:be:4b:ef:d9:c4:0e:42:d1:b5:f9:
ce:aa:cc:76:49:25:fa:03:65:7b:ab:ea:69:a3:29:b7:67:4d:
75:04:51:e7:f3:10:ec:5f:6e:dd:10:4a:30:da:af:04:2f:86:
4a:1a:00:c9:48:c8:75:42:04:9c:a8:90:b6:16:c6:56:5b:55:
d7:06:13:06:da:8f:53:93:29:95:16:24:83:0d:4e:2d:8d:33:
c9:1d:19:42:7c:3e:fd:50:92:bb:17:90:9a:f2:4b:6c:12:74:
4c:cc:5e:e0:29:cf:0c:d6:81:ba:ab:1c:37:9a:ca:d2:4a:12:
f4:d5:9f:3c:41:f9:39:67:e0:55:1b:6b:8f:5d:46:f4:45:f5:
b0:5c:71:89:20:0f:38:f2:f7:78:83:8a:67:d2:fd:05:36:f7:
48:0d:df:c2:29:23:14:49:6a:e6:8e:18:74:1c:27:94:3f:3f:
f9:7f:fa:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYby7uNp4/pDB6NTiZ8u+sA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjkzZDYyYmViNzViYjQyMzJkY2QwNTJkMjcwMjc2ZDM2
Zjg1NzMwHhcNMjMwMzE4MDQxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWEwODU1ZDJkM2ZhY2MyMTIzN2IxZjAyNTU4MTIyNjlmNjg1YjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOkF3SNqZ/ug32x1zFDLzWj7namD
LLWzOE6t7VMBfE7EIQRKD/jQMX4vdobDW/xk1hTtN0d4ciyPB/mD7hBnIPLuI2KD
bddwTujNhyq+4afoMc9Wj/gTuKTMnF4lg2LusvI4zOGRdgiKFu7pgiaRP7E1XzoY
siPwuVxSs48/48zrN1pwBAREEiA6ZIl3CeU0I0C9LPhbxDOMNrJzSfesTlYoHUcB
HItgQZ2UDYKHo2Y1mJMlJb1wPGJK/vwlgd/GhziSnwhfIVOJsIGpinRK0BOPXtVc
wNZtcgxUEZQbR0QFb7Pb/wKfo2upYpsAqvNPI4YZXhmfljcnmbtaV41KgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGghV0tP6zCEjex8CVYEiafaFsIMB8GA1UdIwQY
MBaAFAn5PWK+t1u0Iy3NBS0nAnbTb4VzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgt
YmYzNGQwMWY4YjBhLzEvQWFDRlhTMF9yTUlTTjdId0pWZ1NKcDlvV3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgtYmYzNGQwMWY4YjBh
LzEvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY3DMA0G
CSqGSIb3DQEBCwUAA4IBAQAxltyMbQxdxNX8pi8hZAqqD7LdvvAjQDKo84Hzg63B
2m8zLCgg+gJugfVXFll6RvPCgjK2+rvhU2RafJVG6gqQeso2qfuY3ccztBVPsqUX
Qb5L79nEDkLRtfnOqsx2SSX6A2V7q+ppoym3Z011BFHn8xDsX27dEEow2q8EL4ZK
GgDJSMh1QgScqJC2FsZWW1XXBhMG2o9TkymVFiSDDU4tjTPJHRlCfD79UJK7F5Ca
8ktsEnRMzF7gKc8M1oG6qxw3msrSShL01Z88Qfk5Z+BVG2uPXUb0RfWwXHGJIA84
8vd4g4pn0v0FNvdIDd/CKSMUSWrmjhh0HCeUPz/5f/rK
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:09 2025 by rpki-client