Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/IPaBj87V0wfA0pV6plFK_LJ7Ya8.roa
File: IPaBj87V0wfA0pV6plFK_LJ7Ya8.roa (raw, json)
Hash identifier: 9ne6MJmJWNSiIjapMQja5OImnQTqUzg9qJDH9Ak1bjo=
Subject key identifier: 20:F6:81:8F:CE:D5:D3:07:C0:D2:95:7A:A6:51:4A:FC:B2:7B:61:AF
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018572B424DD02C23CF51455EEFEFE3693D9
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/IPaBj87V0wfA0pV6plFK_LJ7Ya8.roa
Signing time: Mon 02 Jan 2023 13:38:06 +0000
ROA not before: Mon 02 Jan 2023 13:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 185.213.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:24:dd:02:c2:3c:f5:14:55:ee:fe:fe:36:93:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Jan 2 13:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20f6818fced5d307c0d2957aa6514afcb27b61af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5c:9b:c5:7e:e7:35:01:8c:5c:e6:19:5b:82:
a1:0b:c9:b6:7c:4b:88:1a:54:aa:eb:7a:30:02:62:
4d:e6:ab:93:9e:06:a3:54:1b:de:bc:8b:d1:c8:80:
ab:48:9d:27:86:ea:b5:b7:f7:af:dc:0c:12:c6:dd:
da:e2:32:05:8d:68:2e:0e:35:b0:48:2c:94:73:97:
fe:85:04:db:f0:c5:be:86:2e:9d:c9:c0:bc:92:1f:
0b:00:63:74:3f:04:24:da:d1:2a:be:a2:dc:50:4b:
81:6d:8f:81:3d:96:13:53:51:43:a1:05:d3:1c:54:
b2:d5:0f:86:6d:40:87:59:7b:04:91:a7:75:32:d2:
68:82:eb:cc:43:bf:7d:ca:3f:55:9c:2c:cd:e8:1d:
91:09:3d:d2:ca:03:e2:f7:4d:33:03:d9:41:1b:4c:
9d:3d:04:49:52:e8:48:b2:d1:75:1c:83:ad:84:3f:
83:1b:d6:77:21:d8:c2:44:21:57:c1:f0:a7:23:2e:
da:60:db:59:aa:7c:5c:3f:a5:a7:a5:f0:93:ff:a6:
fb:0f:bd:93:e1:20:ee:36:b2:f2:0d:08:e6:c7:40:
ea:66:5a:c3:7d:2f:df:58:49:50:94:ba:88:e5:09:
a9:ed:83:b4:a4:ac:68:4f:0b:9e:5d:2d:43:47:df:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F6:81:8F:CE:D5:D3:07:C0:D2:95:7A:A6:51:4A:FC:B2:7B:61:AF
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/IPaBj87V0wfA0pV6plFK_LJ7Ya8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.168.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:6f:4c:0e:e6:22:81:2d:0d:3c:e8:42:d7:9d:af:ee:6c:2a:
c5:b4:85:74:8d:c6:a1:ab:b5:d3:9f:51:8f:54:16:58:0e:94:
cf:69:e1:fd:96:11:e8:4e:8c:60:4b:c6:30:55:c1:82:4e:8f:
36:b0:07:86:89:62:a5:3c:5c:2a:59:da:03:68:0f:a2:62:ab:
42:4a:95:ac:12:35:2a:b2:2e:86:9e:11:c7:1a:59:fd:16:6d:
35:bb:ec:45:02:1c:ae:b8:72:7d:c6:d0:60:7f:da:d2:66:8b:
c3:b5:d9:ea:12:80:20:54:07:3f:ed:bb:e3:df:aa:f7:5d:b7:
12:b7:8c:af:24:3b:3a:c8:4d:f3:c0:02:74:fa:51:b4:79:97:
f0:28:bd:aa:47:cf:6a:35:90:e3:d3:80:0c:2e:43:29:90:cb:
b8:53:c9:27:81:e3:b1:c4:d0:6d:69:13:79:99:7c:21:13:b0:
08:9e:68:fe:9d:96:78:4d:e7:72:10:22:0a:8c:62:65:20:a9:
11:29:78:1f:24:8f:f0:81:6d:0a:ce:55:e7:fd:26:8d:e8:42:
54:2e:dd:51:9f:e2:42:c6:f3:4c:88:a4:8e:b4:21:bb:ea:2b:
f8:f4:17:dd:3c:9d:f3:67:41:64:d4:8c:d1:d2:2a:8e:eb:81:
d0:22:1f:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCTdAsI89RRV7v7+NpPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMwMTAyMTMzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY2ODE4ZmNlZDVkMzA3YzBkMjk1N2FhNjUxNGFmY2IyN2I2MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylybxX7nNQGMXOYZW4KhC8m2fEuI
GlSq63owAmJN5quTngajVBvevIvRyICrSJ0nhuq1t/ev3AwSxt3a4jIFjWguDjWw
SCyUc5f+hQTb8MW+hi6dycC8kh8LAGN0PwQk2tEqvqLcUEuBbY+BPZYTU1FDoQXT
HFSy1Q+GbUCHWXsEkad1MtJoguvMQ799yj9VnCzN6B2RCT3SygPi900zA9lBG0yd
PQRJUuhIstF1HIOthD+DG9Z3IdjCRCFXwfCnIy7aYNtZqnxcP6WnpfCT/6b7D72T
4SDuNrLyDQjmx0DqZlrDfS/fWElQlLqI5Qmp7YO0pKxoTwueXS1DR9/TcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCD2gY/O1dMHwNKVeqZRSvyye2GvMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvSVBhQmo4N1Ywd2ZBMHBWNnBsRktfTEo3WWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudWoMA0G
CSqGSIb3DQEBCwUAA4IBAQB6b0wO5iKBLQ086ELXna/ubCrFtIV0jcahq7XTn1GP
VBZYDpTPaeH9lhHoToxgS8YwVcGCTo82sAeGiWKlPFwqWdoDaA+iYqtCSpWsEjUq
si6GnhHHGln9Fm01u+xFAhyuuHJ9xtBgf9rSZovDtdnqEoAgVAc/7bvj36r3XbcS
t4yvJDs6yE3zwAJ0+lG0eZfwKL2qR89qNZDj04AMLkMpkMu4U8kngeOxxNBtaRN5
mXwhE7AInmj+nZZ4TedyECIKjGJlIKkRKXgfJI/wgW0KzlXn/SaN6EJULt1Rn+JC
xvNMiKSOtCG76iv49BfdPJ3zZ0Fk1IzR0iqO64HQIh+2
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:13 2025 by rpki-client