Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/O_340IDSsSWfQZr6UA1o7SGSTw0.roa
File: O_340IDSsSWfQZr6UA1o7SGSTw0.roa (raw, json)
Hash identifier: aavzC0rZFxzKql55MlnjzrcU8aNX4f78gtOviBgL+s0=
Subject key identifier: 3B:FD:F8:D0:80:D2:B1:25:9F:41:9A:FA:50:0D:68:ED:21:92:4F:0D
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018A12E2C08BDC011F6639E65D6751B3CD1B
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/O_340IDSsSWfQZr6UA1o7SGSTw0.roa
Signing time: Sun 20 Aug 2023 12:19:24 +0000
ROA not before: Sun 20 Aug 2023 12:19:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.189.244.0/23 maxlen: 24
185.189.246.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:12:e2:c0:8b:dc:01:1f:66:39:e6:5d:67:51:b3:cd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Aug 20 12:19:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bfdf8d080d2b1259f419afa500d68ed21924f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f9:c4:db:0a:7d:18:a4:5a:74:3c:5d:83:27:
c6:fc:4b:82:5d:8f:33:81:c3:24:83:f5:54:fa:96:
47:77:a9:a3:1f:6a:4b:29:bc:78:39:a2:60:5c:90:
aa:fb:d5:62:aa:d5:dc:82:c9:45:5d:bc:3c:f8:42:
da:a3:cf:57:b1:de:12:95:4e:19:6f:a1:d8:91:7d:
74:09:34:80:70:61:a0:8d:dd:7e:80:f6:e5:ad:02:
fd:7f:11:95:e6:8a:d8:85:cf:70:6e:9b:26:13:5e:
d4:0c:08:de:2e:8c:15:d6:b0:d1:f6:f2:30:96:40:
d0:ef:40:95:e9:ef:d4:ce:1c:dc:2a:50:23:ab:0f:
4e:fd:7c:20:85:29:f1:9a:21:bd:bd:fd:12:1f:d2:
3a:df:2d:d8:52:c5:50:17:34:a2:82:9f:17:b8:8d:
9e:c3:d0:07:66:91:a4:66:8e:08:f8:13:4c:38:6b:
92:e0:e8:07:bb:a0:fa:2e:3e:11:84:2b:a2:53:35:
26:ce:9c:a7:f5:5d:59:b4:db:8c:fb:9d:cf:aa:15:
d6:c8:65:92:35:7f:5a:7c:a3:08:14:18:2a:67:69:
c3:cf:e1:5c:c8:52:ff:1b:3b:cf:6e:79:b7:7a:bb:
3e:d2:fa:ab:b4:ff:6e:ed:98:d1:97:45:5a:f7:26:
57:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FD:F8:D0:80:D2:B1:25:9F:41:9A:FA:50:0D:68:ED:21:92:4F:0D
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/O_340IDSsSWfQZr6UA1o7SGSTw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:3c:2b:76:6f:3a:5c:41:f2:bc:09:a6:60:17:51:bb:11:d9:
30:2f:11:a5:f4:b0:04:bb:67:7e:15:be:64:6e:b0:3c:2d:9e:
b2:c0:8c:df:7a:60:39:11:32:10:b5:3b:03:fc:d5:8f:a6:98:
78:fa:b6:34:fb:08:50:3f:f4:47:8b:ca:0e:af:d8:ea:99:08:
da:7e:41:30:e1:bb:7b:cd:4c:5b:e4:f4:f4:3a:a5:88:49:f4:
b1:e2:57:1e:ec:52:b7:74:51:fa:70:85:84:b6:8b:68:c1:f0:
7f:1a:85:cb:8b:9c:a4:d4:3e:5b:a7:5d:3a:6c:ac:59:28:28:
a0:76:6f:e0:84:f2:7e:2f:70:02:09:af:cc:1e:b7:27:f2:d8:
83:83:cc:55:11:94:d5:26:53:5c:80:0a:49:7e:71:ff:3d:b3:
06:e4:62:f4:3c:2d:d6:9f:c4:a6:2d:1d:d6:d1:de:29:96:de:
67:2a:aa:63:cd:a6:20:9a:bc:82:87:d3:1f:fd:b2:4b:4f:56:
0d:58:de:58:d5:0b:e8:ac:74:79:72:69:df:61:ee:a4:dd:ba:
62:8d:60:f3:c4:f0:ef:fb:33:e4:31:74:ef:d2:e8:37:68:bf:
36:ca:01:92:70:df:e8:2a:b3:8a:8f:28:2d:7a:67:e4:72:12:
89:6e:2f:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoS4sCL3AEfZjnmXWdRs80bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwODIwMTIxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZkZjhkMDgwZDJiMTI1OWY0MTlhZmE1MDBkNjhlZDIxOTI0ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PnE2wp9GKRadDxdgyfG/EuCXY8z
gcMkg/VU+pZHd6mjH2pLKbx4OaJgXJCq+9ViqtXcgslFXbw8+ELao89Xsd4SlU4Z
b6HYkX10CTSAcGGgjd1+gPblrQL9fxGV5orYhc9wbpsmE17UDAjeLowV1rDR9vIw
lkDQ70CV6e/UzhzcKlAjqw9O/XwghSnxmiG9vf0SH9I63y3YUsVQFzSigp8XuI2e
w9AHZpGkZo4I+BNMOGuS4OgHu6D6Lj4RhCuiUzUmzpyn9V1ZtNuM+53PqhXWyGWS
NX9afKMIFBgqZ2nDz+FcyFL/GzvPbnm3ers+0vqrtP9u7ZjRl0Va9yZX7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDv9+NCA0rEln0Ga+lANaO0hkk8NMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvT18zNDBJRFNzU1dmUVpyNlVBMW83U0dTVHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub30MA0G
CSqGSIb3DQEBCwUAA4IBAQCtPCt2bzpcQfK8CaZgF1G7EdkwLxGl9LAEu2d+Fb5k
brA8LZ6ywIzfemA5ETIQtTsD/NWPpph4+rY0+whQP/RHi8oOr9jqmQjafkEw4bt7
zUxb5PT0OqWISfSx4lce7FK3dFH6cIWEtotowfB/GoXLi5yk1D5bp106bKxZKCig
dm/ghPJ+L3ACCa/MHrcn8tiDg8xVEZTVJlNcgApJfnH/PbMG5GL0PC3Wn8SmLR3W
0d4plt5nKqpjzaYgmryCh9Mf/bJLT1YNWN5Y1QvorHR5cmnfYe6k3bpijWDzxPDv
+zPkMXTv0ug3aL82ygGScN/oKrOKjygtemfkchKJbi/w
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:12:30 2025 by rpki-client