Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/rmhZsF8IX3V6gm80A9GpmANnfes.roa
File: rmhZsF8IX3V6gm80A9GpmANnfes.roa (raw, json)
Hash identifier: 0S37I6mDScoxSQVlXRc4jqvjsg2v2M8WtVF+xNDFLXw=
Subject key identifier: AE:68:59:B0:5F:08:5F:75:7A:82:6F:34:03:D1:A9:98:03:67:7D:EB
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 018571BA2C68000F81A93358BE2ABEBBB31A
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/rmhZsF8IX3V6gm80A9GpmANnfes.roa
Signing time: Mon 02 Jan 2023 09:05:04 +0000
ROA not before: Mon 02 Jan 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.34.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:2c:68:00:0f:81:a9:33:58:be:2a:be:bb:b3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Jan 2 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae6859b05f085f757a826f3403d1a99803677deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:b1:62:5e:eb:de:e7:96:7c:5c:27:35:45:
4b:a5:ef:b2:1b:ef:b8:b8:cc:4b:de:1c:9c:21:c8:
b9:fe:2b:63:95:ff:4f:ed:74:92:f9:bd:13:b2:db:
c3:0a:29:0f:bb:2b:13:c3:6e:00:26:22:9d:a8:57:
44:25:1c:d9:09:1e:a1:58:d3:c2:20:b7:48:20:1f:
81:39:29:d8:dd:03:ad:27:98:f4:e1:af:73:90:c2:
cb:30:90:fc:4b:7a:29:b7:a2:8a:98:f8:49:e6:79:
19:d5:15:83:76:c6:58:f6:23:7c:6e:22:e0:fa:2b:
fa:12:d2:9a:51:84:36:e3:42:04:8d:fc:b8:06:bc:
39:11:83:db:83:81:12:87:8f:b0:0c:7c:83:ad:11:
a4:70:f0:cf:50:47:24:09:83:d0:43:fd:92:53:15:
73:74:46:b2:39:76:fb:59:87:f4:e4:87:e4:33:43:
12:97:2d:75:91:63:08:ea:ab:de:7e:dc:dc:19:bb:
87:12:8e:6a:23:74:71:0b:4a:81:f8:f2:c6:85:49:
7e:8d:38:42:7a:db:a2:6a:58:fe:9b:64:e6:03:81:
b3:26:36:1f:1d:00:e5:8a:cf:2f:6f:cc:2e:04:a7:
87:7b:e3:8f:b4:1f:dd:2a:11:7d:f1:a0:f2:a4:aa:
bf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:68:59:B0:5F:08:5F:75:7A:82:6F:34:03:D1:A9:98:03:67:7D:EB
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/rmhZsF8IX3V6gm80A9GpmANnfes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.128.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a4:e2:10:43:fc:eb:e8:1d:28:12:ce:be:ce:79:88:ab:c8:
5d:9a:62:07:6f:d4:b4:9c:58:a3:d9:c7:b2:f8:03:bd:d8:f2:
5f:e2:1d:66:bc:a0:6d:25:e8:76:33:71:da:44:eb:2d:2c:6b:
99:5d:e9:81:38:cd:76:ac:5f:28:9e:c9:0d:2d:34:0d:b5:1c:
3a:0c:e1:9c:71:e8:c6:f8:7b:a1:31:83:4c:14:c3:cf:d4:aa:
6d:8d:e3:b7:77:9d:81:e2:78:54:12:31:d4:2a:d7:c2:fe:e0:
73:71:8d:c0:36:22:5c:cc:7f:d9:b2:00:26:6f:ad:77:9f:02:
f2:ad:30:a4:b4:00:bb:21:8d:1a:8b:ca:44:eb:83:3c:0a:28:
f0:dc:9b:ef:64:f9:6f:3d:85:46:90:fc:a1:57:4a:e0:da:cf:
0b:0f:f5:5d:a0:bf:b2:d6:8c:4b:62:fc:05:f5:59:89:41:eb:
8b:13:69:98:06:f6:f3:cc:d3:79:8e:8c:6f:82:ae:93:14:34:
99:e8:38:98:9f:56:58:ac:e7:68:77:be:26:4a:1e:bd:d6:52:
ae:8f:19:43:78:f1:46:cf:4e:87:4d:52:fe:5a:79:fb:bc:6b:
3b:8c:cb:5e:04:a4:50:fa:33:93:0b:58:30:4f:21:d8:33:56:
df:fa:a3:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuixoAA+BqTNYviq+u7MaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjMwMTAyMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY4NTliMDVmMDg1Zjc1N2E4MjZmMzQwM2QxYTk5ODAzNjc3ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp2xYl7r3ueWfFwnNUVLpe+yG++4
uMxL3hycIci5/itjlf9P7XSS+b0TstvDCikPuysTw24AJiKdqFdEJRzZCR6hWNPC
ILdIIB+BOSnY3QOtJ5j04a9zkMLLMJD8S3opt6KKmPhJ5nkZ1RWDdsZY9iN8biLg
+iv6EtKaUYQ240IEjfy4Brw5EYPbg4ESh4+wDHyDrRGkcPDPUEckCYPQQ/2SUxVz
dEayOXb7WYf05IfkM0MSly11kWMI6qveftzcGbuHEo5qI3RxC0qB+PLGhUl+jThC
etuialj+m2TmA4GzJjYfHQDlis8vb8wuBKeHe+OPtB/dKhF98aDypKq/3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5oWbBfCF91eoJvNAPRqZgDZ33rMB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvcm1oWnNGOElYM1Y2Z204MEE5R3BtQU5uZmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSKAMA0G
CSqGSIb3DQEBCwUAA4IBAQBVpOIQQ/zr6B0oEs6+znmIq8hdmmIHb9S0nFij2cey
+AO92PJf4h1mvKBtJeh2M3HaROstLGuZXemBOM12rF8onskNLTQNtRw6DOGccejG
+HuhMYNMFMPP1KptjeO3d52B4nhUEjHUKtfC/uBzcY3ANiJczH/ZsgAmb613nwLy
rTCktAC7IY0ai8pE64M8Cijw3JvvZPlvPYVGkPyhV0rg2s8LD/VdoL+y1oxLYvwF
9VmJQeuLE2mYBvbzzNN5joxvgq6TFDSZ6DiYn1ZYrOdod74mSh691lKujxlDePFG
z06HTVL+Wnn7vGs7jMteBKRQ+jOTC1gwTyHYM1bf+qM7
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:04:56 2025 by rpki-client