Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/N3JMferSOf6J3dm05N6ME2sbKlY.roa
File: N3JMferSOf6J3dm05N6ME2sbKlY.roa (raw, json)
Hash identifier: qs8gp3rOtLwZy7lZqY1Rth0tZBAohuQr6cV7E9BMADc=
Subject key identifier: 37:72:4C:7D:EA:D2:39:FE:89:DD:D9:B4:E4:DE:8C:13:6B:1B:2A:56
Certificate issuer: /CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Certificate serial: 01856F5478ED81021A4FF67B4A1B1A6930D8
Authority key identifier: 25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/N3JMferSOf6J3dm05N6ME2sbKlY.roa
Signing time: Sun 01 Jan 2023 21:54:44 +0000
ROA not before: Sun 01 Jan 2023 21:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.198.4.0/24 maxlen: 24
185.198.5.0/24 maxlen: 24
185.198.7.0/24 maxlen: 24
185.198.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:78:ed:81:02:1a:4f:f6:7b:4a:1b:1a:69:30:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Validity
Not Before: Jan 1 21:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37724c7dead239fe89ddd9b4e4de8c136b1b2a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:33:9f:0a:be:9d:75:78:be:f1:fa:ee:46:9c:
c4:c3:44:ff:75:35:e3:03:d5:cf:57:32:0d:7a:62:
f5:2c:2b:59:2c:eb:cc:4a:d1:98:99:c3:e8:fb:52:
c0:04:e7:42:fc:1d:eb:a0:3f:9e:02:41:81:61:b1:
e6:0e:d3:d3:98:01:4d:e7:fe:a3:b8:20:99:56:6e:
fa:8a:79:02:80:4c:d7:f1:8a:01:df:c6:64:05:29:
3b:bb:f4:56:80:3b:7a:cd:ba:a6:e9:07:e0:86:3e:
ad:8c:a5:ea:73:68:5a:e9:df:ad:ef:a2:cc:3a:15:
a2:59:5d:04:0b:4e:40:60:35:11:c9:4c:c9:3a:3d:
58:87:ea:81:ad:3d:b3:57:0c:38:dd:a8:22:9c:ed:
78:f0:41:0c:07:96:c3:10:19:7f:cc:cd:46:73:4a:
76:50:62:20:5d:c5:64:df:93:2a:95:c4:67:ff:04:
85:68:a0:11:75:06:3d:4e:62:91:a8:44:7f:a0:18:
f7:56:2e:2e:a2:2f:aa:b6:dd:0a:92:e9:7c:7c:da:
2e:5b:ec:a1:36:19:f9:b3:a1:22:67:05:78:85:5e:
a2:1e:4f:71:98:07:bd:1d:99:7d:54:7b:8c:21:bc:
c5:8b:0e:0d:16:54:bb:74:ab:ad:59:5d:b1:82:1c:
f6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:72:4C:7D:EA:D2:39:FE:89:DD:D9:B4:E4:DE:8C:13:6B:1B:2A:56
X509v3 Authority Key Identifier:
keyid:25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/N3JMferSOf6J3dm05N6ME2sbKlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.4.0/22
Signature Algorithm: sha256WithRSAEncryption
88:c9:de:4f:8b:3c:9d:b1:30:d4:ef:eb:82:9b:b4:d0:a9:0d:
db:49:a1:52:e8:1e:49:ec:3a:30:8b:86:89:2a:25:e7:00:ab:
10:06:1c:df:54:24:00:0c:ab:2c:ff:d0:cd:49:54:41:c3:9d:
92:69:3c:0b:c9:fc:0e:47:d8:fb:3c:6c:e8:3c:3a:af:a4:d9:
a1:38:a4:54:52:c0:55:41:0a:62:10:c6:0a:74:0a:18:4c:be:
67:7b:9d:85:06:78:90:07:ae:6e:b7:8e:a1:54:86:97:bf:36:
24:04:71:a2:09:e9:02:28:2a:5a:24:33:f9:62:48:b5:42:d9:
9a:e3:9e:a7:73:03:91:ea:9f:2a:01:f6:3b:02:e2:23:ec:2c:
d2:70:27:99:28:3c:f2:d2:50:2d:e7:ce:9c:eb:f7:3b:82:d5:
01:45:cb:f2:a3:37:f4:7f:7f:d2:27:bd:10:57:cc:b1:a4:75:
7a:39:f8:38:16:e4:7f:f2:ee:56:90:07:5f:55:7e:9a:43:50:
9e:6a:a2:20:e7:15:c4:52:0c:95:70:91:58:9f:a2:8f:75:1d:
71:ba:03:bb:a2:34:97:ad:d7:8b:43:55:b2:a4:bb:57:3e:e2:
0a:98:b4:a9:11:4d:09:97:3d:e7:da:0c:3f:24:3f:d0:78:5e:
bb:54:c5:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVHjtgQIaT/Z7ShsaaTDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTllOWJlMWZiZDFlNjkwOWEwYmU5YTkwYjM4MGY4MjRm
YWIxYTUwHhcNMjMwMTAxMjE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzcyNGM3ZGVhZDIzOWZlODlkZGQ5YjRlNGRlOGMxMzZiMWIyYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDOfCr6ddXi+8fruRpzEw0T/dTXj
A9XPVzINemL1LCtZLOvMStGYmcPo+1LABOdC/B3roD+eAkGBYbHmDtPTmAFN5/6j
uCCZVm76inkCgEzX8YoB38ZkBSk7u/RWgDt6zbqm6Qfghj6tjKXqc2ha6d+t76LM
OhWiWV0EC05AYDURyUzJOj1Yh+qBrT2zVww43aginO148EEMB5bDEBl/zM1Gc0p2
UGIgXcVk35MqlcRn/wSFaKARdQY9TmKRqER/oBj3Vi4uoi+qtt0Kkul8fNouW+yh
Nhn5s6EiZwV4hV6iHk9xmAe9HZl9VHuMIbzFiw4NFlS7dKutWV2xghz2dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdyTH3q0jn+id3ZtOTejBNrGypWMB8GA1UdIwQY
MBaAFCVZ6b4fvR5pCaC+mpCzgPgk+rGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQt
NGFhYWRhNjVkNzFjLzEvTjNKTWZlclNPZjZKM2RtMDVONk1FMnNiS2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQtNGFhYWRhNjVkNzFj
LzEvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucYEMA0G
CSqGSIb3DQEBCwUAA4IBAQCIyd5PizydsTDU7+uCm7TQqQ3bSaFS6B5J7Dowi4aJ
KiXnAKsQBhzfVCQADKss/9DNSVRBw52SaTwLyfwOR9j7PGzoPDqvpNmhOKRUUsBV
QQpiEMYKdAoYTL5ne52FBniQB65ut46hVIaXvzYkBHGiCekCKCpaJDP5Yki1Qtma
456ncwOR6p8qAfY7AuIj7CzScCeZKDzy0lAt586c6/c7gtUBRcvyozf0f3/SJ70Q
V8yxpHV6Ofg4FuR/8u5WkAdfVX6aQ1CeaqIg5xXEUgyVcJFYn6KPdR1xugO7ojSX
rdeLQ1WypLtXPuIKmLSpEU0Jlz3n2gw/JD/QeF67VMVh
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:14 2025 by rpki-client