Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/aanO-Sl6wsI8jzN6PKfybmj44C4.roa
File: aanO-Sl6wsI8jzN6PKfybmj44C4.roa (raw, json)
Hash identifier: kZeo1z6y9bGA+maNPqtbvoorGGoadmhUCoTejEIMVNk=
Subject key identifier: 69:A9:CE:F9:29:7A:C2:C2:3C:8F:33:7A:3C:A7:F2:6E:68:F8:E0:2E
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 018926A3B676ADA69FD1035E5823C3696683
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/aanO-Sl6wsI8jzN6PKfybmj44C4.roa
Signing time: Wed 05 Jul 2023 15:20:10 +0000
ROA not before: Wed 05 Jul 2023 15:20:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206483
IP address blocks: 185.185.76.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:a3:b6:76:ad:a6:9f:d1:03:5e:58:23:c3:69:66:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jul 5 15:20:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a9cef9297ac2c23c8f337a3ca7f26e68f8e02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:fa:8c:7a:6b:a6:16:c4:d3:e6:f9:6a:53:
c2:95:64:2e:98:76:11:4e:92:95:95:11:fc:7f:25:
bc:42:19:68:ce:b6:10:84:d8:57:0d:fe:b9:09:b2:
13:cd:f0:7f:74:ee:66:0c:d1:e9:0f:bc:20:89:d4:
2d:01:f0:4d:b9:3b:67:1a:81:17:d4:72:9f:95:eb:
f8:8e:6a:d6:24:30:5f:cc:b8:a3:67:81:9f:72:c7:
7e:27:2f:7b:13:c6:e9:a7:23:3f:70:0c:3f:d6:85:
24:61:f0:38:77:4d:3d:d1:b6:f0:0c:b5:0a:b0:74:
f1:40:05:64:e2:6a:13:15:12:8b:8f:b2:dc:2f:13:
be:78:53:3e:0d:70:fc:07:95:18:0a:c7:8e:b2:12:
2e:6a:c6:bb:a5:9a:01:68:be:31:a7:a4:e2:8b:fe:
56:80:fc:f3:fa:34:08:f0:e6:44:ad:e1:65:5c:a8:
b1:b8:97:a6:f9:82:21:c3:c3:da:30:8b:42:9b:0f:
6a:8e:c4:57:36:55:78:d2:2f:fc:d1:ac:4d:69:94:
bb:d2:c3:f0:5a:aa:93:fa:56:42:ad:a4:92:ea:97:
b1:f8:5c:c1:c2:16:47:5c:54:a0:56:b8:bf:87:a1:
78:7b:b0:97:34:a8:84:3c:c8:98:d5:ea:09:d2:2c:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A9:CE:F9:29:7A:C2:C2:3C:8F:33:7A:3C:A7:F2:6E:68:F8:E0:2E
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/aanO-Sl6wsI8jzN6PKfybmj44C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ae:f7:b4:71:80:a9:8c:7a:d9:2e:0a:db:40:03:7e:70:5b:
35:a2:33:87:74:30:e3:72:db:c4:5e:3e:4b:7c:df:08:68:8c:
8b:6d:2e:9f:0f:07:bb:b3:1c:9f:de:c7:e0:2f:bd:ad:e5:bc:
0b:7e:a9:9b:5e:d8:e2:95:6e:91:e5:7d:eb:42:22:38:48:c8:
09:42:56:18:92:2a:cb:04:08:49:01:38:6e:fd:f8:c5:c2:6a:
4a:6c:ab:e2:b9:17:f6:9d:3a:51:a7:1b:5e:5b:9b:21:ae:14:
71:0b:be:37:6c:64:87:34:09:d6:84:1f:cd:eb:10:6b:25:31:
48:68:00:75:7f:2a:2b:e3:e5:61:13:a4:b9:cf:d9:ad:10:b9:
40:6e:24:78:fe:3e:14:0e:16:c2:71:0c:6f:c8:a0:e3:4c:e1:
b2:70:1e:79:7d:50:05:1e:8c:f9:36:7f:5d:11:c7:14:fc:9d:
2d:57:df:0e:44:cb:41:a2:66:58:d2:46:8c:63:c2:4e:55:bc:
75:9e:2d:9e:8e:96:ab:00:6d:9b:da:37:89:d2:4f:00:2a:fd:
bc:9d:a0:c2:ae:71:ad:9a:da:ab:82:82:9e:4d:a0:54:c4:b3:
9a:49:b5:ba:4b:58:28:e0:8f:1e:11:ca:c6:a5:ab:26:56:21:
02:56:b4:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkmo7Z2raaf0QNeWCPDaWaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjMwNzA1MTUyMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE5Y2VmOTI5N2FjMmMyM2M4ZjMzN2EzY2E3ZjI2ZTY4ZjhlMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+/6jHprphbE0+b5alPClWQumHYR
TpKVlRH8fyW8QhlozrYQhNhXDf65CbITzfB/dO5mDNHpD7wgidQtAfBNuTtnGoEX
1HKflev4jmrWJDBfzLijZ4Gfcsd+Jy97E8bppyM/cAw/1oUkYfA4d0090bbwDLUK
sHTxQAVk4moTFRKLj7LcLxO+eFM+DXD8B5UYCseOshIuasa7pZoBaL4xp6Tii/5W
gPzz+jQI8OZEreFlXKixuJem+YIhw8PaMItCmw9qjsRXNlV40i/80axNaZS70sPw
WqqT+lZCraSS6pex+FzBwhZHXFSgVri/h6F4e7CXNKiEPMiY1eoJ0ixWBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmpzvkpesLCPI8zejyn8m5o+OAuMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvYWFuTy1TbDZ3c0k4anpONlBLZnlibWo0NEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbS8AwQA
ublMMA0GCSqGSIb3DQEBCwUAA4IBAQAMrve0cYCpjHrZLgrbQAN+cFs1ojOHdDDj
ctvEXj5LfN8IaIyLbS6fDwe7sxyf3sfgL72t5bwLfqmbXtjilW6R5X3rQiI4SMgJ
QlYYkirLBAhJAThu/fjFwmpKbKviuRf2nTpRpxteW5shrhRxC743bGSHNAnWhB/N
6xBrJTFIaAB1fyor4+VhE6S5z9mtELlAbiR4/j4UDhbCcQxvyKDjTOGycB55fVAF
Hoz5Nn9dEccU/J0tV98ORMtBomZY0kaMY8JOVbx1ni2ejparAG2b2jeJ0k8AKv28
naDCrnGtmtqrgoKeTaBUxLOaSbW6S1go4I8eEcrGpasmViECVrS1
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:07 2025 by rpki-client