Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/K_5rM7DEADmvSgSREjmJnawsyYQ.roa
File: K_5rM7DEADmvSgSREjmJnawsyYQ.roa (raw, json)
Hash identifier: StrQce4hzmsSJveu/iQtJU9tVKEHiuUbhsP7Qa13wvw=
Subject key identifier: 2B:FE:6B:33:B0:C4:00:39:AF:4A:04:91:12:39:89:9D:AC:2C:C9:84
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 0188318F4A09D54F5DA701AF04C205333F56
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/K_5rM7DEADmvSgSREjmJnawsyYQ.roa
Signing time: Fri 19 May 2023 01:10:54 +0000
ROA not before: Fri 19 May 2023 01:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.189.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:31:8f:4a:09:d5:4f:5d:a7:01:af:04:c2:05:33:3f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: May 19 01:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bfe6b33b0c40039af4a04911239899dac2cc984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:12:c0:58:f4:ea:b9:72:76:47:6b:2d:25:28:
80:bb:bd:51:59:87:7a:6e:9f:1f:a1:e8:6e:6e:12:
bc:da:15:75:48:a0:4e:e6:0c:f0:09:8b:c7:1d:3a:
97:22:e2:0f:3c:61:d2:d4:ef:03:6f:43:6e:6a:84:
2d:37:3a:29:1f:2b:31:2e:d9:19:85:60:88:c5:be:
a4:58:f8:79:f8:aa:3e:ab:a3:a6:b5:ab:70:f3:ab:
cd:e1:d4:78:82:ff:c8:92:49:70:ee:6f:4e:40:ef:
2a:ae:4c:02:88:d3:40:a1:e8:32:b4:b6:dd:0d:9a:
ca:46:ca:50:74:8c:24:f3:9b:4a:e0:2e:eb:35:10:
81:19:f2:cb:e8:58:3e:ff:6e:09:14:85:69:05:90:
f5:63:ae:60:6f:cd:cf:52:ee:fa:50:bf:8e:52:c8:
98:12:7e:a8:45:13:19:46:f7:da:2f:16:11:7b:b6:
14:b1:a8:eb:bf:0c:0e:0b:ea:1b:96:7d:80:f5:93:
15:01:cd:d9:cd:01:ab:2e:e8:e7:d8:45:5f:fb:7c:
3a:d2:d3:d9:3c:57:99:3c:e5:cb:e7:c0:1f:b5:51:
e8:c6:8c:1e:c8:4a:a4:7c:1c:39:35:06:ac:44:42:
d6:84:31:d0:48:00:ae:29:65:a8:d6:1c:50:fc:05:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FE:6B:33:B0:C4:00:39:AF:4A:04:91:12:39:89:9D:AC:2C:C9:84
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/K_5rM7DEADmvSgSREjmJnawsyYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/24
Signature Algorithm: sha256WithRSAEncryption
26:22:86:40:7d:db:3f:02:9c:94:25:75:b2:60:24:38:e3:74:
87:24:e1:6d:07:24:cc:be:3f:c7:9f:ae:d7:36:31:25:79:a9:
5c:e8:0e:99:c7:08:53:67:c4:4c:88:ce:1f:41:0e:79:95:76:
c1:29:24:a7:d0:50:b5:0a:ed:88:2f:54:0b:3d:2b:c7:39:9d:
39:62:82:9d:34:78:5a:21:8a:c4:8c:40:c4:25:6d:62:4b:f0:
4e:a2:fb:4c:eb:4f:e3:6f:a9:d3:ea:09:88:1d:36:54:5b:ea:
33:16:ff:d3:d4:28:17:78:37:dd:96:69:c3:d7:3f:dc:bc:9b:
a2:4a:d2:48:28:03:5f:c3:6d:5e:81:e3:a3:9e:08:2c:93:63:
85:0c:06:bf:51:b1:df:6f:8a:22:01:fa:dc:ed:80:e8:db:18:
8e:0e:b3:2f:e0:7d:f7:e9:ff:6d:f3:c7:97:8c:c9:ac:d5:c1:
2c:e3:0a:51:40:51:3d:28:c0:7a:04:40:b9:d6:e3:cb:c8:0e:
7c:22:e4:9a:ea:d7:d4:a2:f6:bb:1e:3e:bf:7e:0b:fe:f4:ad:
80:ab:ba:42:d0:79:92:5e:50:87:1f:13:67:35:52:f5:ee:1a:
57:b2:48:38:4f:9b:d6:b8:04:75:5c:45:4b:b0:c6:e2:82:65:
e1:ff:b5:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgxj0oJ1U9dpwGvBMIFMz9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwNTE5MDExMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZlNmIzM2IwYzQwMDM5YWY0YTA0OTExMjM5ODk5ZGFjMmNjOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghLAWPTquXJ2R2stJSiAu71RWYd6
bp8foehubhK82hV1SKBO5gzwCYvHHTqXIuIPPGHS1O8Db0NuaoQtNzopHysxLtkZ
hWCIxb6kWPh5+Ko+q6Omtatw86vN4dR4gv/Ikklw7m9OQO8qrkwCiNNAoegytLbd
DZrKRspQdIwk85tK4C7rNRCBGfLL6Fg+/24JFIVpBZD1Y65gb83PUu76UL+OUsiY
En6oRRMZRvfaLxYRe7YUsajrvwwOC+obln2A9ZMVAc3ZzQGrLujn2EVf+3w60tPZ
PFeZPOXL58AftVHoxoweyEqkfBw5NQasRELWhDHQSACuKWWo1hxQ/AXFIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCv+azOwxAA5r0oEkRI5iZ2sLMmEMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvS181ck03REVBRG12U2dTUkVqbUpuYXdzeVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub30MA0G
CSqGSIb3DQEBCwUAA4IBAQAmIoZAfds/ApyUJXWyYCQ443SHJOFtByTMvj/Hn67X
NjElealc6A6ZxwhTZ8RMiM4fQQ55lXbBKSSn0FC1Cu2IL1QLPSvHOZ05YoKdNHha
IYrEjEDEJW1iS/BOovtM60/jb6nT6gmIHTZUW+ozFv/T1CgXeDfdlmnD1z/cvJui
StJIKANfw21egeOjnggsk2OFDAa/UbHfb4oiAfrc7YDo2xiODrMv4H336f9t88eX
jMms1cEs4wpRQFE9KMB6BEC51uPLyA58IuSa6tfUova7Hj6/fgv+9K2Aq7pC0HmS
XlCHHxNnNVL17hpXskg4T5vWuAR1XEVLsMbigmXh/7Ud
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:25:20 2025 by rpki-client