Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/CdwmjETxV0IR4_MmMB-kL7keTnQ.roa
File: CdwmjETxV0IR4_MmMB-kL7keTnQ.roa (raw, json)
Hash identifier: a24gFtYa7rKabSs3ORnP2ZjBEtr/M+tNY9YzkoMOFZc=
Subject key identifier: 09:DC:26:8C:44:F1:57:42:11:E3:F3:26:30:1F:A4:2F:B9:1E:4E:74
Certificate issuer: /CN=ff1ba40007ccdcd0930f1a2bdc4b02e29945767a
Certificate serial: 0185729EBF86528BDDC3CA42A31F9BA95B3E
Authority key identifier: FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_xukAAfM3NCTDxor3EsC4plFdno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/CdwmjETxV0IR4_MmMB-kL7keTnQ.roa
Signing time: Mon 02 Jan 2023 13:14:44 +0000
ROA not before: Mon 02 Jan 2023 13:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50300
IP address blocks: 185.104.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:bf:86:52:8b:dd:c3:ca:42:a3:1f:9b:a9:5b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff1ba40007ccdcd0930f1a2bdc4b02e29945767a
Validity
Not Before: Jan 2 13:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09dc268c44f1574211e3f326301fa42fb91e4e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:0d:31:ee:4b:f0:ec:a2:60:15:eb:69:70:
21:62:4e:95:35:3a:24:f4:1c:85:bc:3a:d6:10:09:
1c:f7:16:d1:ae:8d:e1:ef:a8:4e:76:81:b8:79:06:
23:09:f1:37:7a:1b:69:a1:a8:f0:65:dc:02:52:ef:
1b:ba:f2:46:83:21:6b:c3:d8:9d:32:39:b9:d4:bf:
bd:b5:6e:c8:4d:5b:67:55:89:6e:30:bd:16:01:ef:
83:1f:59:ba:64:92:73:23:02:50:70:82:99:7f:0d:
ce:0d:44:f7:d6:c5:5f:dd:2e:af:05:0e:57:b8:b3:
fb:0a:b5:76:29:f1:08:bc:46:a9:4d:97:b7:f6:8d:
54:e1:85:e0:36:00:b0:53:70:22:79:45:6b:13:3c:
11:fe:af:f3:df:0e:7a:85:fa:14:18:9e:1e:2d:ed:
0b:4c:b4:e2:f1:31:f0:65:7d:be:45:7a:80:52:d1:
8b:aa:b3:8e:d0:38:02:70:e9:57:6a:c1:5c:88:16:
ba:18:35:40:3a:ac:6d:54:27:3d:5f:92:f1:77:5d:
30:da:73:40:81:b2:a3:79:28:f4:7a:29:31:6f:af:
5a:3c:e9:b2:ae:04:fc:74:71:be:cc:44:09:30:ab:
0a:c8:ed:ff:3f:fb:d5:8a:57:28:da:8a:b9:67:6c:
dc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DC:26:8C:44:F1:57:42:11:E3:F3:26:30:1F:A4:2F:B9:1E:4E:74
X509v3 Authority Key Identifier:
keyid:FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_xukAAfM3NCTDxor3EsC4plFdno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/CdwmjETxV0IR4_MmMB-kL7keTnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.136.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:24:4e:78:66:de:46:7c:1e:67:e8:49:28:57:fb:a5:46:8a:
fa:35:b1:0a:50:b5:f6:20:80:62:99:ec:4a:16:c9:d0:f0:bc:
b6:4f:fe:44:6e:43:87:c2:23:5f:ec:11:74:68:82:f2:43:35:
38:4c:60:3a:d8:70:97:a4:3c:54:7c:75:44:cd:ca:76:75:96:
bf:63:d6:a6:0c:ee:8f:07:3f:60:03:2c:be:ef:6e:fb:d9:18:
93:0d:e7:4e:f0:83:b0:df:4f:82:3d:de:7c:66:40:4b:2f:b1:
62:b2:fe:88:1a:62:dc:1b:65:68:35:c2:d9:cf:ae:63:28:78:
4c:0d:78:6e:7b:dc:22:7c:ac:8a:9f:07:89:be:b7:64:fa:0a:
56:81:56:19:82:b4:f0:b2:33:5b:50:cb:00:5f:79:53:70:7e:
0a:52:38:27:5d:43:d2:a1:fc:17:df:17:dc:74:17:8e:27:31:
04:cc:15:8b:b6:33:9e:72:3c:07:a1:ca:f7:ae:03:eb:8c:d2:
8d:cc:5e:e3:b7:07:47:45:4b:76:6e:c0:9d:4a:cc:e7:0f:e3:
04:50:0d:3a:7f:a3:67:cf:7d:4a:59:12:4c:7c:49:d3:63:a3:
46:a7:41:a5:9d:c5:e0:e4:7a:5c:62:c2:92:ea:3c:5f:89:d9:
b5:7c:32:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynr+GUovdw8pCox+bqVs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWJhNDAwMDdjY2RjZDA5MzBmMWEyYmRjNGIwMmUyOTk0
NTc2N2EwHhcNMjMwMTAyMTMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRjMjY4YzQ0ZjE1NzQyMTFlM2YzMjYzMDFmYTQyZmI5MWU0ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwwNMe5L8OyiYBXraXAhYk6VNTok
9ByFvDrWEAkc9xbRro3h76hOdoG4eQYjCfE3ehtpoajwZdwCUu8buvJGgyFrw9id
Mjm51L+9tW7ITVtnVYluML0WAe+DH1m6ZJJzIwJQcIKZfw3ODUT31sVf3S6vBQ5X
uLP7CrV2KfEIvEapTZe39o1U4YXgNgCwU3AieUVrEzwR/q/z3w56hfoUGJ4eLe0L
TLTi8THwZX2+RXqAUtGLqrOO0DgCcOlXasFciBa6GDVAOqxtVCc9X5Lxd10w2nNA
gbKjeSj0eikxb69aPOmyrgT8dHG+zEQJMKsKyO3/P/vVilco2oq5Z2zcQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAncJoxE8VdCEePzJjAfpC+5Hk50MB8GA1UdIwQY
MBaAFP8bpAAHzNzQkw8aK9xLAuKZRXZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3h1a0FBZk0zTkNURHhvcjNFc0M0cGxGZG5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wNjA3MjAtNzMyMC00OWI1LTg5YWIt
OGQyYTY1M2JhOTk5LzEvQ2R3bWpFVHhWMElSNF9NbU1CLWtMN2tlVG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wNjA3MjAtNzMyMC00OWI1LTg5YWItOGQyYTY1M2JhOTk5
LzEvX3h1a0FBZk0zTkNURHhvcjNFc0M0cGxGZG5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWiIMA0G
CSqGSIb3DQEBCwUAA4IBAQCbJE54Zt5GfB5n6EkoV/ulRor6NbEKULX2IIBimexK
FsnQ8Ly2T/5EbkOHwiNf7BF0aILyQzU4TGA62HCXpDxUfHVEzcp2dZa/Y9amDO6P
Bz9gAyy+72772RiTDedO8IOw30+CPd58ZkBLL7Fisv6IGmLcG2VoNcLZz65jKHhM
DXhue9wifKyKnweJvrdk+gpWgVYZgrTwsjNbUMsAX3lTcH4KUjgnXUPSofwX3xfc
dBeOJzEEzBWLtjOecjwHocr3rgPrjNKNzF7jtwdHRUt2bsCdSsznD+MEUA06f6Nn
z31KWRJMfEnTY6NGp0GlncXg5HpcYsKS6jxfidm1fDKx
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:19:47 2025 by rpki-client