Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/DUi8vwNEHXu5AcRVtLqDFvNv1TU.roa
File: DUi8vwNEHXu5AcRVtLqDFvNv1TU.roa (raw, json)
Hash identifier: 0ahMsIB8JSy26hd6kO7sH6iTb8l6YqPSLfOT1Y/zeSw=
Subject key identifier: 0D:48:BC:BF:03:44:1D:7B:B9:01:C4:55:B4:BA:83:16:F3:6F:D5:35
Certificate issuer: /CN=09f93d62beb75bb4232dcd052d270276d36f8573
Certificate serial: 0186F2EEE2C7B6C5B37A75E6EB14B1C4879F
Authority key identifier: 09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/DUi8vwNEHXu5AcRVtLqDFvNv1TU.roa
Signing time: Sat 18 Mar 2023 04:16:27 +0000
ROA not before: Sat 18 Mar 2023 04:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20860
IP address blocks: 185.141.192.0/24 maxlen: 24
2a04:ac0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f2:ee:e2:c7:b6:c5:b3:7a:75:e6:eb:14:b1:c4:87:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f93d62beb75bb4232dcd052d270276d36f8573
Validity
Not Before: Mar 18 04:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d48bcbf03441d7bb901c455b4ba8316f36fd535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cb:30:44:60:73:4b:66:b1:9d:97:cc:ef:12:
ce:14:4a:ea:23:91:1c:ee:37:8d:3c:39:6e:ec:70:
f2:13:bb:bd:99:6a:70:10:8f:e5:f6:b8:dd:c0:28:
15:b4:8d:8e:f4:b6:76:8e:cc:b9:84:04:fc:44:7d:
15:7e:ae:8d:84:ea:0b:f4:1d:ec:47:a7:52:9c:f4:
5c:25:06:80:35:e8:5f:d5:87:14:f4:7a:b6:a3:96:
be:15:be:e2:50:42:dd:aa:b6:a6:9c:ad:c1:41:9b:
69:f0:44:a3:b0:95:df:e6:6c:5e:8e:4a:84:52:2b:
40:d9:3f:83:60:22:40:10:88:fb:84:21:0e:b0:5e:
91:64:91:bc:51:92:39:a5:0e:f6:aa:c0:c7:ec:98:
da:4a:f3:0f:38:16:15:2c:b9:32:31:0e:47:09:34:
b9:ae:f4:f5:75:90:c2:41:38:6a:9d:fb:87:76:6a:
d2:e2:8d:36:7d:29:b1:1d:7d:2f:bd:79:36:18:6a:
e2:af:97:5c:b9:b3:34:ae:e0:77:fd:cc:82:93:09:
37:74:a3:98:b2:36:bf:0c:47:1c:3f:4f:65:cf:79:
6c:9c:a5:2d:d3:a2:1c:f4:73:72:45:6e:b9:89:80:
93:71:5e:77:81:6c:27:de:9c:52:1d:c0:fb:32:fb:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:48:BC:BF:03:44:1D:7B:B9:01:C4:55:B4:BA:83:16:F3:6F:D5:35
X509v3 Authority Key Identifier:
keyid:09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/DUi8vwNEHXu5AcRVtLqDFvNv1TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/Cfk9Yr63W7QjLc0FLScCdtNvhXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.192.0/24
IPv6:
2a04:ac0:1::/48
Signature Algorithm: sha256WithRSAEncryption
43:1e:92:eb:78:9c:fc:f9:a4:f3:02:a4:d3:33:e1:e9:55:27:
ec:50:f7:26:53:0a:ae:d8:c9:c8:33:b9:15:08:fc:30:91:a6:
10:d1:4f:0c:61:04:4b:da:31:ee:ce:a8:29:ce:83:ce:d5:ad:
71:e8:4e:29:4f:9e:2d:e8:f3:ae:84:f4:f2:cc:44:de:7a:92:
81:1d:15:a6:90:56:c8:44:71:3c:6a:17:90:ac:c4:c5:7f:78:
1b:65:af:49:4e:36:6f:35:dd:04:d7:63:cf:d4:43:cc:90:d1:
d9:3a:cc:3f:ad:2f:6a:93:01:4a:62:b1:78:75:01:b6:b8:37:
12:3f:d7:14:24:8b:ed:30:1e:5d:4c:90:2b:fc:9d:69:f8:08:
bc:0b:c6:12:8e:ad:d0:e7:95:6c:a2:01:36:60:cd:b9:f0:e5:
88:b0:c3:44:68:55:07:ec:6f:d4:d7:ba:38:49:47:ec:3a:a2:
6e:14:19:f3:1e:9a:fe:f7:55:5d:f4:61:0b:f1:2e:8d:3f:3c:
dc:7e:b5:39:09:1b:53:54:c4:e7:33:eb:64:ee:68:c7:c9:fa:
fa:f9:97:b1:28:a4:cb:c8:3b:ea:5c:95:b1:f2:22:cd:8c:5a:
3c:df:9b:b3:88:15:7f:8b:32:f1:aa:91:2a:bc:80:89:5c:42:
26:48:3a:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYby7uLHtsWzenXm6xSxxIefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjkzZDYyYmViNzViYjQyMzJkY2QwNTJkMjcwMjc2ZDM2
Zjg1NzMwHhcNMjMwMzE4MDQxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ4YmNiZjAzNDQxZDdiYjkwMWM0NTViNGJhODMxNmYzNmZkNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncswRGBzS2axnZfM7xLOFErqI5Ec
7jeNPDlu7HDyE7u9mWpwEI/l9rjdwCgVtI2O9LZ2jsy5hAT8RH0Vfq6NhOoL9B3s
R6dSnPRcJQaANehf1YcU9Hq2o5a+Fb7iUELdqramnK3BQZtp8ESjsJXf5mxejkqE
UitA2T+DYCJAEIj7hCEOsF6RZJG8UZI5pQ72qsDH7JjaSvMPOBYVLLkyMQ5HCTS5
rvT1dZDCQThqnfuHdmrS4o02fSmxHX0vvXk2GGrir5dcubM0ruB3/cyCkwk3dKOY
sja/DEccP09lz3lsnKUt06Ic9HNyRW65iYCTcV53gWwn3pxSHcD7MvuGYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA1IvL8DRB17uQHEVbS6gxbzb9U1MB8GA1UdIwQY
MBaAFAn5PWK+t1u0Iy3NBS0nAnbTb4VzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgt
YmYzNGQwMWY4YjBhLzEvRFVpOHZ3TkVIWHU1QWNSVnRMcURGdk52MVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgtYmYzNGQwMWY4YjBh
LzEvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuY3AMA8E
AgACMAkDBwAqBArAAAEwDQYJKoZIhvcNAQELBQADggEBAEMekut4nPz5pPMCpNMz
4elVJ+xQ9yZTCq7YycgzuRUI/DCRphDRTwxhBEvaMe7OqCnOg87VrXHoTilPni3o
866E9PLMRN56koEdFaaQVshEcTxqF5CsxMV/eBtlr0lONm813QTXY8/UQ8yQ0dk6
zD+tL2qTAUpisXh1Aba4NxI/1xQki+0wHl1MkCv8nWn4CLwLxhKOrdDnlWyiATZg
zbnw5Yiww0RoVQfsb9TXujhJR+w6om4UGfMemv73VV30YQvxLo0/PNx+tTkJG1NU
xOcz62TuaMfJ+vr5l7EopMvIO+pclbHyIs2MWjzfm7OIFX+LMvGqkSq8gIlcQiZI
Oks=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:01:26 2025 by rpki-client