Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/4cc115-af65-4913-9d69-1c35b839379b/1/mdL1H24Zjl7IEFsf_gNox45u0so.roa
File: mdL1H24Zjl7IEFsf_gNox45u0so.roa (raw, json)
Hash identifier: pUvnoCEUunjHQeU4kR5zHxHJcRbdprND/n3BYxd9gpo=
Subject key identifier: 99:D2:F5:1F:6E:19:8E:5E:C8:10:5B:1F:FE:03:68:C7:8E:6E:D2:CA
Certificate issuer: /CN=2f2b26c552563006213cfe4814a9dc2a0fc16f43
Certificate serial: 018907215D24D57691BE083D2E4B97864308
Authority key identifier: 2F:2B:26:C5:52:56:30:06:21:3C:FE:48:14:A9:DC:2A:0F:C1:6F:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LysmxVJWMAYhPP5IFKncKg_Bb0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/4cc115-af65-4913-9d69-1c35b839379b/1/mdL1H24Zjl7IEFsf_gNox45u0so.roa
Signing time: Thu 29 Jun 2023 12:29:34 +0000
ROA not before: Thu 29 Jun 2023 12:29:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 185.131.204.0/24 maxlen: 24
2a12:bfc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:07:21:5d:24:d5:76:91:be:08:3d:2e:4b:97:86:43:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f2b26c552563006213cfe4814a9dc2a0fc16f43
Validity
Not Before: Jun 29 12:29:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99d2f51f6e198e5ec8105b1ffe0368c78e6ed2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:51:43:45:b9:7c:1d:a0:0c:7f:dd:be:d9:
7d:59:c1:18:ad:ed:5d:e6:b2:99:30:fe:56:93:dd:
08:76:d5:77:9a:bf:2e:b8:69:75:7b:de:3c:05:d5:
10:83:e7:48:5c:31:70:d7:d9:c5:ad:0b:e1:95:bd:
30:92:b8:57:76:c2:a9:14:cb:5f:8c:52:c4:22:d1:
74:4b:9a:ed:16:47:e6:b6:3a:42:3f:0d:cf:f3:15:
a2:d3:4d:8a:7e:c9:e2:b9:b0:9f:a8:78:e8:21:0c:
3a:eb:8f:55:b0:81:c8:b7:30:27:1a:6c:fc:c4:94:
e6:cb:fb:14:1b:8d:d7:b4:f5:4d:84:2b:77:d6:fe:
ce:81:39:5d:8e:db:43:11:e5:63:ce:1b:3f:91:d0:
7a:ca:29:ce:94:ac:25:5a:25:6b:d9:d6:59:00:73:
85:52:c6:99:26:cc:a7:21:46:7e:1e:63:3d:74:74:
80:39:d6:71:bb:b8:bd:ed:2b:c6:e0:ff:58:01:4d:
eb:53:e8:3a:f9:e3:23:e6:e5:df:03:eb:f7:c3:ef:
ca:88:a2:34:ba:07:95:d0:94:35:1e:0a:43:8d:b6:
d4:6c:e5:48:0b:78:ad:21:71:0f:1f:4b:44:fa:b5:
51:48:08:c7:b5:b6:90:5c:1d:6e:ce:f5:25:1f:49:
5b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D2:F5:1F:6E:19:8E:5E:C8:10:5B:1F:FE:03:68:C7:8E:6E:D2:CA
X509v3 Authority Key Identifier:
keyid:2F:2B:26:C5:52:56:30:06:21:3C:FE:48:14:A9:DC:2A:0F:C1:6F:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LysmxVJWMAYhPP5IFKncKg_Bb0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/4cc115-af65-4913-9d69-1c35b839379b/1/mdL1H24Zjl7IEFsf_gNox45u0so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/4cc115-af65-4913-9d69-1c35b839379b/1/LysmxVJWMAYhPP5IFKncKg_Bb0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.204.0/24
IPv6:
2a12:bfc0::/48
Signature Algorithm: sha256WithRSAEncryption
81:b6:92:c6:b1:c5:45:33:93:58:b3:fc:63:f2:21:5c:77:88:
e6:66:17:5e:a5:3b:e5:85:bc:60:ab:25:2c:07:56:19:a9:81:
34:9c:3f:ee:7c:cd:d3:86:dd:ae:34:52:1c:b7:ed:df:2d:a7:
ed:90:91:06:0d:32:fe:e6:e4:ac:7c:b6:c3:52:b8:9d:71:70:
e8:cb:d7:75:64:44:68:18:6a:2b:f8:13:e9:4e:b3:7c:af:2c:
a9:29:57:2a:44:fd:c7:d4:3b:7f:d8:d8:a2:0e:63:b9:1b:1e:
b8:39:bd:31:0a:e5:d0:0a:2a:fd:97:9b:29:35:d7:43:4c:37:
59:80:66:c6:22:02:c4:2e:2d:6c:fd:c0:29:28:a8:dd:75:0b:
1e:3c:5e:20:03:10:9f:de:ff:6f:bf:10:a3:c3:15:b0:ee:0d:
9c:5d:9f:a8:b8:49:5b:d6:0a:b1:46:33:68:e0:a9:7f:ef:88:
a0:f7:a5:a6:ac:7d:01:47:d6:cf:73:a4:15:03:4f:3d:ee:84:
8d:b1:3b:04:47:36:45:9a:f4:f0:9f:d1:7e:c9:ab:bb:d2:9d:
64:0d:92:43:dd:d7:a0:62:f8:f9:f7:c8:01:9b:51:32:41:a7:
1f:b0:0e:72:c3:37:e6:99:ec:f5:c6:4e:90:5e:35:a4:db:a8:
b0:90:26:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYkHIV0k1XaRvgg9LkuXhkMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMmIyNmM1NTI1NjMwMDYyMTNjZmU0ODE0YTlkYzJhMGZj
MTZmNDMwHhcNMjMwNjI5MTIyOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQyZjUxZjZlMTk4ZTVlYzgxMDViMWZmZTAzNjhjNzhlNmVkMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRhRQ0W5fB2gDH/dvtl9WcEYre1d
5rKZMP5Wk90IdtV3mr8uuGl1e948BdUQg+dIXDFw19nFrQvhlb0wkrhXdsKpFMtf
jFLEItF0S5rtFkfmtjpCPw3P8xWi002KfsniubCfqHjoIQw6649VsIHItzAnGmz8
xJTmy/sUG43XtPVNhCt31v7OgTldjttDEeVjzhs/kdB6yinOlKwlWiVr2dZZAHOF
UsaZJsynIUZ+HmM9dHSAOdZxu7i97SvG4P9YAU3rU+g6+eMj5uXfA+v3w+/KiKI0
ugeV0JQ1HgpDjbbUbOVIC3itIXEPH0tE+rVRSAjHtbaQXB1uzvUlH0lb1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJnS9R9uGY5eyBBbH/4DaMeObtLKMB8GA1UdIwQY
MBaAFC8rJsVSVjAGITz+SBSp3CoPwW9DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHlzbXhWSldNQVloUFA1SUZLbmNLZ19CYjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80Y2MxMTUtYWY2NS00OTEzLTlkNjkt
MWMzNWI4MzkzNzliLzEvbWRMMUgyNFpqbDdJRUZzZl9nTm94NDV1MHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80Y2MxMTUtYWY2NS00OTEzLTlkNjktMWMzNWI4MzkzNzli
LzEvTHlzbXhWSldNQVloUFA1SUZLbmNLZ19CYjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYPMMA8E
AgACMAkDBwAqEr/AAAAwDQYJKoZIhvcNAQELBQADggEBAIG2ksaxxUUzk1iz/GPy
IVx3iOZmF16lO+WFvGCrJSwHVhmpgTScP+58zdOG3a40Uhy37d8tp+2QkQYNMv7m
5Kx8tsNSuJ1xcOjL13VkRGgYaiv4E+lOs3yvLKkpVypE/cfUO3/Y2KIOY7kbHrg5
vTEK5dAKKv2Xmyk110NMN1mAZsYiAsQuLWz9wCkoqN11Cx48XiADEJ/e/2+/EKPD
FbDuDZxdn6i4SVvWCrFGM2jgqX/viKD3paasfQFH1s9zpBUDTz3uhI2xOwRHNkWa
9PCf0X7Jq7vSnWQNkkPd16Bi+Pn3yAGbUTJBpx+wDnLDN+aZ7PXGTpBeNaTbqLCQ
Jtg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:47:31 2025 by rpki-client