Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/iE07Gs25ykXSDR1Kucic1J_hKP8.roa
File: iE07Gs25ykXSDR1Kucic1J_hKP8.roa (raw, json)
Hash identifier: rXvLn1/l0qe3B0aLe/KdwnKMw/cmKvfuOqpUn0nBx0M=
Subject key identifier: 88:4D:3B:1A:CD:B9:CA:45:D2:0D:1D:4A:B9:C8:9C:D4:9F:E1:28:FF
Certificate issuer: /CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Certificate serial: 018B492D707860F4649BDB24A3AF6FECC971
Authority key identifier: 4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/iE07Gs25ykXSDR1Kucic1J_hKP8.roa
Signing time: Thu 19 Oct 2023 18:23:16 +0000
ROA not before: Thu 19 Oct 2023 18:23:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47280
IP address blocks: 185.191.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:2d:70:78:60:f4:64:9b:db:24:a3:af:6f:ec:c9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Validity
Not Before: Oct 19 18:23:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884d3b1acdb9ca45d20d1d4ab9c89cd49fe128ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:08:e1:51:57:0f:4a:07:13:c5:ea:db:b5:
1a:28:ca:db:de:dc:37:8e:63:e0:60:e3:dc:f9:7d:
13:f3:77:f5:a9:ef:e7:d2:b9:89:75:7b:c2:c2:57:
ae:88:49:35:e6:7e:14:3a:87:d1:06:22:18:36:f9:
88:20:87:61:0c:e2:f5:d1:f4:4d:03:45:31:c7:02:
d9:9f:45:0b:a8:dc:c6:e7:ea:9d:a8:e1:26:38:75:
a9:72:0f:3e:af:dc:71:85:b1:6a:02:e5:2e:89:51:
60:d8:1c:8e:ac:78:b9:f8:f6:fc:7c:55:db:54:03:
af:6e:94:36:3b:10:fe:2d:6f:11:73:e1:b8:72:2a:
a1:4a:11:67:da:4a:e2:e9:b5:41:dc:8d:43:37:b0:
7f:86:77:43:ef:5c:88:c2:30:28:5a:ec:32:33:71:
44:ab:9d:9c:52:e7:a1:97:c8:14:f2:e3:5b:b7:84:
24:16:76:3d:47:19:0e:54:3f:ab:bb:c8:92:e6:9b:
06:54:ee:65:b5:42:6f:79:05:0c:6a:58:74:ab:34:
d0:c9:04:43:88:ac:5c:d6:62:f1:98:4d:e6:95:f7:
3f:a4:7a:ed:23:d2:f6:fe:ef:5a:b8:20:09:ca:bd:
ee:fd:c9:2a:e5:d7:19:d7:7f:ad:4e:97:74:06:4f:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4D:3B:1A:CD:B9:CA:45:D2:0D:1D:4A:B9:C8:9C:D4:9F:E1:28:FF
X509v3 Authority Key Identifier:
keyid:4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/iE07Gs25ykXSDR1Kucic1J_hKP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.151.0/24
Signature Algorithm: sha256WithRSAEncryption
38:11:0d:5f:02:e1:4d:33:88:ee:05:30:d8:a6:da:1d:e8:88:
88:28:d7:21:60:c9:3c:2c:09:2d:42:5b:ce:ae:4d:31:61:f3:
64:25:62:c6:fe:de:77:7c:c3:70:8e:e6:2d:18:d3:4c:71:e1:
01:dd:11:c6:17:97:b6:a7:b0:4c:02:10:60:b8:4a:94:6b:b4:
c6:55:cf:ee:fe:60:02:ba:5d:07:56:07:c6:5e:77:81:15:8f:
59:b0:a3:de:95:3e:e1:66:ad:2a:23:fd:85:97:6e:45:bb:81:
a0:72:43:b1:25:e6:29:21:5a:fd:38:66:ed:22:96:41:6e:7f:
71:71:7b:3e:95:14:f8:d3:09:32:3a:66:d4:25:26:6c:2c:a8:
3e:4e:a8:f7:a7:4b:38:f1:61:66:40:5c:b0:c6:0c:e9:31:66:
d0:e1:db:75:05:46:69:94:2c:c5:d7:2a:60:45:30:85:8d:1a:
6e:da:7c:18:22:f7:6e:27:4e:c5:ea:ee:31:0b:63:80:39:56:
fb:5c:d5:89:03:55:cc:4d:86:f7:bf:bd:9c:fe:31:ea:6f:fa:
be:60:e3:dc:f9:e1:1c:56:73:9a:6c:3f:77:0d:8a:df:2a:85:
aa:86:f4:f7:3c:fc:d6:41:35:6e:bb:dc:5f:43:83:b0:56:4b:
e9:10:80:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtJLXB4YPRkm9sko69v7MlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzc4OWVjZjY3ZTA0Mjk4YzVlZTQ0YzY3ZDhmYjdmNWQ2
ZDk1YTEwHhcNMjMxMDE5MTgyMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRkM2IxYWNkYjljYTQ1ZDIwZDFkNGFiOWM4OWNkNDlmZTEyOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2YI4VFXD0oHE8Xq27UaKMrb3tw3
jmPgYOPc+X0T83f1qe/n0rmJdXvCwleuiEk15n4UOofRBiIYNvmIIIdhDOL10fRN
A0UxxwLZn0ULqNzG5+qdqOEmOHWpcg8+r9xxhbFqAuUuiVFg2ByOrHi5+Pb8fFXb
VAOvbpQ2OxD+LW8Rc+G4ciqhShFn2kri6bVB3I1DN7B/hndD71yIwjAoWuwyM3FE
q52cUuehl8gU8uNbt4QkFnY9RxkOVD+ru8iS5psGVO5ltUJveQUMalh0qzTQyQRD
iKxc1mLxmE3mlfc/pHrtI9L2/u9auCAJyr3u/ckq5dcZ13+tTpd0Bk9b5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhNOxrNucpF0g0dSrnInNSf4Sj/MB8GA1UdIwQY
MBaAFEw3iez2fgQpjF7kTGfY+39dbZWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMt
MWRjNTRkMWMwM2EzLzEvaUUwN0dzMjV5a1hTRFIxS3VjaWMxSl9oS1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMtMWRjNTRkMWMwM2Ez
LzEvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+XMA0G
CSqGSIb3DQEBCwUAA4IBAQA4EQ1fAuFNM4juBTDYptod6IiIKNchYMk8LAktQlvO
rk0xYfNkJWLG/t53fMNwjuYtGNNMceEB3RHGF5e2p7BMAhBguEqUa7TGVc/u/mAC
ul0HVgfGXneBFY9ZsKPelT7hZq0qI/2Fl25Fu4GgckOxJeYpIVr9OGbtIpZBbn9x
cXs+lRT40wkyOmbUJSZsLKg+Tqj3p0s48WFmQFywxgzpMWbQ4dt1BUZplCzF1ypg
RTCFjRpu2nwYIvduJ07F6u4xC2OAOVb7XNWJA1XMTYb3v72c/jHqb/q+YOPc+eEc
VnOabD93DYrfKoWqhvT3PPzWQTVuu9xfQ4OwVkvpEIBb
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:17:26 2025 by rpki-client