Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/v29XaZDYtgsapdAIj4gK31VUxLY.roa
File: v29XaZDYtgsapdAIj4gK31VUxLY.roa (raw, json)
Hash identifier: ZoDi0DmHjizG6YTYPm2m05M91KiBM6MyiBsmEVstWiY=
Subject key identifier: BF:6F:57:69:90:D8:B6:0B:1A:A5:D0:08:8F:88:0A:DF:55:54:C4:B6
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01856F42DB4989139D16DF0361F64FA63E18
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/v29XaZDYtgsapdAIj4gK31VUxLY.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48551
IP address blocks: 185.221.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:db:49:89:13:9d:16:df:03:61:f6:4f:a6:3e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf6f576990d8b60b1aa5d0088f880adf5554c4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:32:03:d0:9f:ce:f0:f1:6d:f1:47:24:59:
b7:e4:36:ba:2d:60:2c:bf:d9:65:3a:79:24:94:f6:
ef:6a:a8:ec:2f:f2:d9:df:0d:89:d9:57:f2:9d:be:
67:5b:e1:57:20:b2:7e:8c:8c:e4:d4:db:06:7c:c8:
40:d3:9b:66:de:10:d6:d2:83:cf:f4:d4:2a:4e:2a:
dc:4c:f9:dc:be:78:77:16:e0:bc:e4:24:4b:dc:07:
4d:a4:c0:3b:e1:d7:70:b3:a7:12:5f:9f:37:27:a8:
48:64:74:ae:6f:bb:88:64:57:00:d2:13:b5:2d:d8:
da:20:05:c4:2b:b7:e4:14:0d:26:2b:6f:38:79:2e:
05:a1:f9:bc:b2:91:bd:b4:fa:f7:8f:17:e8:16:51:
c9:29:7e:4c:28:d5:db:f3:fb:96:e7:2b:22:d6:a3:
0a:a3:2f:af:6c:55:e6:17:80:3f:4b:f0:aa:8d:1d:
82:b9:77:a1:ee:c5:21:d6:81:a4:c8:23:12:49:9f:
61:7b:f9:13:47:0b:ae:90:c3:cb:fe:14:0e:6d:66:
db:57:fd:09:df:88:0e:32:5e:7b:35:c2:bc:11:8f:
83:b8:bd:76:24:04:33:01:f4:6b:6e:67:81:c7:b2:
83:5e:f2:9c:33:c9:75:0f:8b:71:c1:4e:bd:80:71:
57:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6F:57:69:90:D8:B6:0B:1A:A5:D0:08:8F:88:0A:DF:55:54:C4:B6
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/v29XaZDYtgsapdAIj4gK31VUxLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.239.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:0b:f1:5e:8e:fa:e9:8f:23:f1:df:a0:b8:17:ba:d2:f8:cc:
17:82:a9:b9:cc:1c:24:55:d5:0b:8d:de:c8:7d:e2:54:e1:b0:
fe:35:d6:8a:e0:c1:fa:8e:e7:11:b2:cf:ee:ee:32:db:15:d9:
99:15:93:16:da:fc:89:04:5d:d1:21:f2:3c:07:94:c8:d6:6f:
7e:ad:1a:41:dc:d5:c3:fe:c8:03:b1:a9:16:36:2f:38:54:39:
a9:01:b5:5e:10:a0:bf:fb:49:ed:17:88:7b:2f:32:20:b6:9c:
c5:66:3c:c7:77:07:06:f7:61:6c:20:f0:16:67:10:d1:81:f4:
9a:a5:7a:97:80:ed:68:41:2f:cb:ad:3d:b6:6d:11:d2:d8:65:
52:c0:0a:f7:99:a1:c9:92:ab:9d:1c:0c:17:79:86:56:ec:b6:
68:7b:c0:b8:c2:32:b5:b8:0e:7b:cc:2f:06:41:a8:b5:19:6f:
1a:0e:9c:82:f2:7e:7e:51:24:4a:03:d2:58:b7:86:fb:6c:85:
8e:c2:6d:29:44:8d:a2:71:5b:23:09:e1:00:e0:63:ac:4c:9f:
2f:ee:a3:7e:78:1d:f6:84:96:ae:b7:43:f9:8f:0a:bd:f0:e5:
d7:10:cf:55:bc:a7:59:7d:e4:7f:b7:db:f8:e3:11:af:d5:2c:
70:b5:c9:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQttJiROdFt8DYfZPpj4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjZmNTc2OTkwZDhiNjBiMWFhNWQwMDg4Zjg4MGFkZjU1NTRjNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS8yA9CfzvDxbfFHJFm35Da6LWAs
v9llOnkklPbvaqjsL/LZ3w2J2Vfynb5nW+FXILJ+jIzk1NsGfMhA05tm3hDW0oPP
9NQqTircTPncvnh3FuC85CRL3AdNpMA74ddws6cSX583J6hIZHSub7uIZFcA0hO1
LdjaIAXEK7fkFA0mK284eS4Fofm8spG9tPr3jxfoFlHJKX5MKNXb8/uW5ysi1qMK
oy+vbFXmF4A/S/CqjR2CuXeh7sUh1oGkyCMSSZ9he/kTRwuukMPL/hQObWbbV/0J
34gOMl57NcK8EY+DuL12JAQzAfRrbmeBx7KDXvKcM8l1D4txwU69gHFXKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9vV2mQ2LYLGqXQCI+ICt9VVMS2MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvdjI5WGFaRFl0Z3NhcGRBSWo0Z0szMVZVeExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3vMA0G
CSqGSIb3DQEBCwUAA4IBAQAfC/FejvrpjyPx36C4F7rS+MwXgqm5zBwkVdULjd7I
feJU4bD+NdaK4MH6jucRss/u7jLbFdmZFZMW2vyJBF3RIfI8B5TI1m9+rRpB3NXD
/sgDsakWNi84VDmpAbVeEKC/+0ntF4h7LzIgtpzFZjzHdwcG92FsIPAWZxDRgfSa
pXqXgO1oQS/LrT22bRHS2GVSwAr3maHJkqudHAwXeYZW7LZoe8C4wjK1uA57zC8G
Qai1GW8aDpyC8n5+USRKA9JYt4b7bIWOwm0pRI2icVsjCeEA4GOsTJ8v7qN+eB32
hJaut0P5jwq98OXXEM9VvKdZfeR/t9v44xGv1SxwtckQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:46 2025 by rpki-client