Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/4c_9bEtB2g0DHjUNx8shlC2dui0.roa
File: 4c_9bEtB2g0DHjUNx8shlC2dui0.roa (raw, json)
Hash identifier: RybCo65wp08kJc+5x4+faurAOTqqGPdTfZ747fSqZ4E=
Subject key identifier: E1:CF:FD:6C:4B:41:DA:0D:03:1E:35:0D:C7:CB:21:94:2D:9D:BA:2D
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018924E899C685E84FEFD99EB59F6D07F9CA
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/4c_9bEtB2g0DHjUNx8shlC2dui0.roa
Signing time: Wed 05 Jul 2023 07:16:10 +0000
ROA not before: Wed 05 Jul 2023 07:16:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208935
IP address blocks: 185.189.244.0/24 maxlen: 24
194.104.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:e8:99:c6:85:e8:4f:ef:d9:9e:b5:9f:6d:07:f9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Jul 5 07:16:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1cffd6c4b41da0d031e350dc7cb21942d9dba2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cf:a7:9d:38:8f:c1:60:ef:19:8a:73:b3:68:
26:1a:84:c4:58:b1:a4:f9:df:b1:3b:1e:58:14:72:
11:c5:0f:7e:b8:f5:83:2e:fd:cb:5d:8f:53:f1:16:
30:0f:b8:d8:72:c6:b0:8a:93:f1:b4:02:48:1f:49:
51:44:28:12:62:eb:a7:f3:04:19:e2:b6:3e:dc:de:
87:1c:10:5c:c8:bf:6c:16:e6:3a:7f:13:24:00:2e:
2d:94:ed:69:67:c5:16:29:1f:ac:a2:4c:6a:ff:b1:
1a:c5:4a:95:16:8c:4d:d2:f5:50:fa:73:3c:5b:bc:
7c:a5:39:93:0e:fe:1d:a5:76:00:c7:61:ba:14:13:
4a:d4:c2:ad:31:a4:e5:e6:ce:a3:a4:11:7f:ec:9b:
74:e3:18:70:8b:7b:67:47:85:94:ce:87:ce:cd:71:
c4:e8:82:0d:f8:87:a4:ed:f9:0e:59:13:b0:33:88:
f5:f4:3d:2e:24:15:23:0b:2a:25:6e:42:b9:bb:df:
d6:db:e8:d1:71:85:14:57:c9:2e:9e:a3:58:47:e2:
47:d3:7c:35:b3:81:0b:04:8c:99:3f:7d:28:78:d8:
a5:73:45:4f:f0:6e:82:64:2d:e4:80:76:6d:df:5f:
c9:11:a4:d6:06:78:19:aa:19:31:53:39:69:af:5a:
6b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CF:FD:6C:4B:41:DA:0D:03:1E:35:0D:C7:CB:21:94:2D:9D:BA:2D
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/4c_9bEtB2g0DHjUNx8shlC2dui0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/24
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
63:69:be:ca:ac:9d:80:ef:29:01:f3:ef:2d:fa:cf:a4:05:eb:
8d:45:68:79:b1:1a:6e:9f:da:53:df:bf:45:a2:c4:77:08:43:
0a:c5:78:eb:8d:70:3c:98:7e:59:96:23:60:42:81:2d:04:c8:
9a:fe:ed:9d:03:d4:b0:4d:0a:fa:dd:28:fe:63:bc:bc:52:2b:
0b:ec:56:bf:e5:16:df:44:4c:2e:ec:0a:43:7a:d5:ba:96:13:
ac:c1:6b:d1:e9:7e:76:d4:97:6e:66:62:0e:8a:20:a8:ee:d3:
23:8f:5b:fe:96:e4:40:d9:65:86:78:37:6f:a0:aa:b5:77:65:
1a:54:60:b8:8c:8a:08:e7:93:ad:d0:7a:7a:55:af:02:61:97:
a8:19:db:2c:1d:aa:61:ab:58:5f:ea:b1:79:66:73:e8:be:63:
1e:97:77:c0:3d:a5:e7:c6:ee:75:da:36:6f:75:29:9d:85:2d:
19:1f:51:8f:c3:d1:3d:b9:0a:98:9a:e7:b6:bd:8c:11:ad:24:
29:62:09:86:19:0b:fd:14:7a:50:55:8d:28:df:6e:aa:c4:86:
70:4c:9d:7b:bb:81:38:3d:f0:cc:0a:c1:ac:4c:1d:a3:83:70:
90:b0:e3:28:1a:d3:2a:96:34:e6:38:f9:7a:d9:41:0e:24:89:
7d:b8:79:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkk6JnGhehP79metZ9tB/nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwNzA1MDcxNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWNmZmQ2YzRiNDFkYTBkMDMxZTM1MGRjN2NiMjE5NDJkOWRiYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls+nnTiPwWDvGYpzs2gmGoTEWLGk
+d+xOx5YFHIRxQ9+uPWDLv3LXY9T8RYwD7jYcsawipPxtAJIH0lRRCgSYuun8wQZ
4rY+3N6HHBBcyL9sFuY6fxMkAC4tlO1pZ8UWKR+sokxq/7EaxUqVFoxN0vVQ+nM8
W7x8pTmTDv4dpXYAx2G6FBNK1MKtMaTl5s6jpBF/7Jt04xhwi3tnR4WUzofOzXHE
6IIN+Iek7fkOWROwM4j19D0uJBUjCyolbkK5u9/W2+jRcYUUV8kunqNYR+JH03w1
s4ELBIyZP30oeNilc0VP8G6CZC3kgHZt31/JEaTWBngZqhkxUzlpr1prBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOHP/WxLQdoNAx41DcfLIZQtnbotMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvNGNfOWJFdEIyZzBESGpVTng4c2hsQzJkdWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub30AwQA
wmiKMA0GCSqGSIb3DQEBCwUAA4IBAQBjab7KrJ2A7ykB8+8t+s+kBeuNRWh5sRpu
n9pT379FosR3CEMKxXjrjXA8mH5ZliNgQoEtBMia/u2dA9SwTQr63Sj+Y7y8UisL
7Fa/5RbfREwu7ApDetW6lhOswWvR6X521JduZmIOiiCo7tMjj1v+luRA2WWGeDdv
oKq1d2UaVGC4jIoI55Ot0Hp6Va8CYZeoGdssHaphq1hf6rF5ZnPovmMel3fAPaXn
xu512jZvdSmdhS0ZH1GPw9E9uQqYmue2vYwRrSQpYgmGGQv9FHpQVY0o326qxIZw
TJ17u4E4PfDMCsGsTB2jg3CQsOMoGtMqljTmOPl62UEOJIl9uHle
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:15 2025 by rpki-client