Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/myJ1ySp2iLiOL03KBaj4vmhjAqs.roa
File: myJ1ySp2iLiOL03KBaj4vmhjAqs.roa (raw, json)
Hash identifier: iDDIrnhGqXxx51KfH3rBYG/YS6n+TAJb1gjmIhm24Bs=
Subject key identifier: 9B:22:75:C9:2A:76:88:B8:8E:2F:4D:CA:05:A8:F8:BE:68:63:02:AB
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0182F75B7D3A9D19E97B1B4C8D2E8ACD3F0D
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/myJ1ySp2iLiOL03KBaj4vmhjAqs.roa
Signing time: Thu 01 Sep 2022 04:42:24 +0000
ROA not before: Thu 01 Sep 2022 04:42:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48918
IP address blocks: 185.250.110.0/24 maxlen: 24
185.250.109.0/24 maxlen: 24
185.250.108.0/24 maxlen: 24
2a0c:c40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:5b:7d:3a:9d:19:e9:7b:1b:4c:8d:2e:8a:cd:3f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Sep 1 04:42:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b2275c92a7688b88e2f4dca05a8f8be686302ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:11:fa:03:bb:5e:16:a9:94:c1:3a:ef:63:c7:
c1:78:b9:8d:b1:86:ab:db:a8:29:54:3c:7e:12:45:
45:48:56:8f:d8:df:83:c4:e5:6b:58:32:e9:a7:dc:
b8:28:fc:69:0c:5e:4b:ab:b9:60:f9:67:ef:d3:e5:
c2:71:c3:99:b2:cd:9c:73:68:89:64:a2:10:26:be:
f9:b3:ff:d6:b7:25:38:c4:f8:41:d9:bc:e1:d4:39:
17:c6:af:ee:59:fe:0a:ef:89:f0:bb:a3:52:da:79:
1b:7c:6e:c7:a6:d6:c9:ab:3c:da:32:4e:08:b8:5f:
dc:ef:54:7f:bb:59:10:81:0b:4c:64:c8:fe:1f:aa:
c0:ab:fe:1b:ae:9b:7b:35:79:c6:64:9b:99:ff:9c:
66:53:91:ba:67:4d:e0:7a:a3:e4:ad:5e:7a:7f:74:
d9:9e:a0:7c:c8:c3:80:1d:51:73:d5:d1:0d:da:66:
ba:24:64:8f:f7:07:d7:15:fd:75:9f:c2:8f:80:5f:
a1:20:4a:f9:b2:7e:f1:05:25:46:6d:c2:36:79:eb:
4f:13:81:32:2e:9a:c8:9a:ea:cb:35:0b:93:f0:1e:
63:e1:4b:61:dc:15:a5:18:5a:53:5c:9e:27:9a:a0:
a0:53:18:63:96:7a:b3:08:7a:44:e1:16:5e:10:b0:
d2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:22:75:C9:2A:76:88:B8:8E:2F:4D:CA:05:A8:F8:BE:68:63:02:AB
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/myJ1ySp2iLiOL03KBaj4vmhjAqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.108.0-185.250.110.255
IPv6:
2a0c:c40::/32
Signature Algorithm: sha256WithRSAEncryption
41:80:fa:3f:85:33:81:7f:05:9e:82:c2:3e:3a:93:ef:c6:66:
d1:98:c7:1a:23:f3:d8:99:59:dc:64:99:73:de:a9:e2:4b:50:
d6:b0:ca:53:e3:be:97:83:5d:2b:da:ce:cd:1b:07:2f:6b:b0:
04:f2:49:0c:08:76:c9:f0:21:93:df:4f:45:b8:23:cd:73:db:
6a:39:71:b4:e9:ac:bd:97:db:df:08:d7:0d:26:b7:7f:34:e6:
50:d5:52:66:0b:98:bb:51:37:5d:8a:07:08:ac:6f:52:75:83:
cf:46:6f:48:0c:c2:86:2f:d8:c7:67:fe:81:81:d0:fc:e1:8a:
99:7e:3c:46:84:21:77:c5:1c:d9:06:52:e1:63:4c:7f:0f:b4:
4f:bc:f6:93:ae:5b:da:1b:3c:b9:f3:d9:ea:eb:82:0f:26:f4:
e2:7f:0c:15:d7:1b:09:00:fb:cb:fc:d9:08:87:cf:3e:2f:58:
36:50:fa:31:f4:d1:52:40:a3:b5:5e:48:93:cf:68:14:b6:89:
96:9f:ea:8c:53:93:d5:05:08:7b:b6:aa:3c:37:4b:ca:5d:15:
28:bc:f6:e9:0f:12:bf:0b:0b:6b:f9:16:02:15:3c:81:f4:f9:
39:de:81:e1:e5:a2:4e:82:e4:a8:17:84:90:e5:55:e1:c2:98:
d4:ae:0c:14
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYL3W306nRnpextMjS6KzT8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjdjNzQ5OGZkOWM5ZjI4NjgwNDk1MTYyYjllYjc2YWQ0
N2M2MDMwHhcNMjIwOTAxMDQ0MjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjIyNzVjOTJhNzY4OGI4OGUyZjRkY2EwNWE4ZjhiZTY4NjMwMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+xH6A7teFqmUwTrvY8fBeLmNsYar
26gpVDx+EkVFSFaP2N+DxOVrWDLpp9y4KPxpDF5Lq7lg+Wfv0+XCccOZss2cc2iJ
ZKIQJr75s//WtyU4xPhB2bzh1DkXxq/uWf4K74nwu6NS2nkbfG7HptbJqzzaMk4I
uF/c71R/u1kQgQtMZMj+H6rAq/4brpt7NXnGZJuZ/5xmU5G6Z03geqPkrV56f3TZ
nqB8yMOAHVFz1dEN2ma6JGSP9wfXFf11n8KPgF+hIEr5sn7xBSVGbcI2eetPE4Ey
LprImurLNQuT8B5j4Uth3BWlGFpTXJ4nmqCgUxhjlnqzCHpE4RZeELDSGQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJsidckqdoi4ji9NygWo+L5oYwKrMB8GA1UdIwQY
MBaAFDn3x0mP2cnyhoBJUWK563atR8YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUt
ZWZjZmJhOTkwN2RjLzEvbXlKMXlTcDJpTGlPTDAzS0JhajR2bWhqQXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUtZWZjZmJhOTkwN2Rj
LzEvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5+mwD
BAC5+m4wDQQCAAIwBwMFACoMDEAwDQYJKoZIhvcNAQELBQADggEBAEGA+j+FM4F/
BZ6Cwj46k+/GZtGYxxoj89iZWdxkmXPeqeJLUNawylPjvpeDXSvazs0bBy9rsATy
SQwIdsnwIZPfT0W4I81z22o5cbTprL2X298I1w0mt3805lDVUmYLmLtRN12KBwis
b1J1g89Gb0gMwoYv2Mdn/oGB0Pzhipl+PEaEIXfFHNkGUuFjTH8PtE+89pOuW9ob
PLnz2errgg8m9OJ/DBXXGwkA+8v82QiHzz4vWDZQ+jH00VJAo7VeSJPPaBS2iZaf
6oxTk9UFCHu2qjw3S8pdFSi89ukPEr8LC2v5FgIVPIH0+TnegeHlok6C5KgXhJDl
VeHCmNSuDBQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:23 2025 by rpki-client