Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/UQ5pphraB0MVW6V3iz4k-2LAthk.roa
File: UQ5pphraB0MVW6V3iz4k-2LAthk.roa (raw, json)
Hash identifier: 6gval3ZhqEyn6gAGAIWDzah6vBbYf3iVT3lavrFie5E=
Subject key identifier: 51:0E:69:A6:1A:DA:07:43:15:5B:A5:77:8B:3E:24:FB:62:C0:B6:19
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018570B9886A3EE115BEE4ABEB7A5ED113D3
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/UQ5pphraB0MVW6V3iz4k-2LAthk.roa
Signing time: Mon 02 Jan 2023 04:24:45 +0000
ROA not before: Mon 02 Jan 2023 04:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.94.242.0/23 maxlen: 23
185.124.96.0/24 maxlen: 24
185.94.240.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:88:6a:3e:e1:15:be:e4:ab:eb:7a:5e:d1:13:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 04:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510e69a61ada0743155ba5778b3e24fb62c0b619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fc:a1:fd:4f:37:2c:38:e9:29:f7:bc:19:68:
df:1a:36:69:ce:ce:94:18:c2:46:43:d4:3e:4e:64:
54:b5:c0:72:b6:ed:14:4c:83:0c:93:42:12:79:bf:
9e:89:89:10:ab:4c:3e:2e:99:48:b2:16:b7:1d:3e:
b3:d1:4e:25:b9:7c:f3:eb:ee:f9:cc:3c:88:c6:5b:
4e:4c:48:ac:f3:4e:59:20:6e:00:52:49:8e:5b:f9:
0f:1d:92:c1:dc:d3:4f:84:d2:10:a9:01:ff:f9:b3:
f2:b5:05:35:51:2c:3a:d9:ef:50:32:94:30:ec:d3:
e5:a0:7e:18:77:d1:ac:9a:c0:10:73:e5:33:70:4a:
5c:70:0d:4e:20:79:cb:68:f7:dd:5c:71:2b:10:89:
8d:4a:76:cd:cd:cb:53:89:5d:51:59:11:67:2f:6c:
58:0c:67:f7:b7:c2:37:f1:02:e9:59:5d:aa:36:37:
2a:b4:a4:d1:f7:bb:10:fc:2a:be:90:db:42:b1:9e:
d1:03:fd:96:03:3f:6e:77:89:50:47:f3:8c:15:07:
1a:43:75:da:2e:25:d7:6f:3a:f1:46:d3:54:76:23:
0e:40:88:54:41:66:fa:62:23:0f:ab:de:ea:b4:09:
c8:25:bc:3c:87:c9:66:42:0a:0b:45:28:23:f5:45:
82:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0E:69:A6:1A:DA:07:43:15:5B:A5:77:8B:3E:24:FB:62:C0:B6:19
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/UQ5pphraB0MVW6V3iz4k-2LAthk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.240.0/22
185.124.96.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3b:6e:16:9b:cc:05:82:c8:0d:3d:7a:69:7d:99:b1:ac:f7:
b8:f7:6f:d7:5b:ac:70:2d:48:44:f2:31:1b:60:72:da:6a:a2:
65:fb:9f:53:62:b7:55:c5:53:1b:87:03:a9:0a:bf:39:f2:a4:
88:a0:36:b5:59:c9:e3:88:c6:d4:42:f6:cd:d8:03:cd:73:18:
15:c1:41:89:50:0e:bd:d9:dc:59:cf:71:77:e0:ba:21:5e:e7:
cd:6b:f4:3b:b9:ae:48:14:d4:9e:d0:1b:73:98:09:94:ab:64:
d1:a9:fe:9c:65:da:e5:47:fb:48:88:72:1c:5a:04:12:39:cd:
08:5e:f5:a8:e2:ba:62:0b:e5:e4:b3:80:fb:4e:27:22:20:78:
5e:50:aa:e2:0c:72:e3:21:9a:5a:f0:54:b8:6a:60:ed:41:d8:
da:fa:89:c3:42:f9:f4:95:f2:1a:b7:c6:87:51:9b:37:94:c0:
b2:30:ae:c6:53:1b:77:90:a5:ec:27:cb:07:3a:d4:34:7e:8c:
4c:35:8c:d1:f2:f2:e6:fc:af:7b:2a:d3:64:d4:72:2a:1d:66:
b0:99:da:f1:85:28:f2:a9:39:66:24:3a:43:d6:5f:e4:93:2a:
ee:d0:8d:e4:21:3a:6a:03:cb:6b:a7:05:b1:cc:1d:b4:09:f6:
02:43:89:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwuYhqPuEVvuSr63pe0RPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjMwMTAyMDQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBlNjlhNjFhZGEwNzQzMTU1YmE1Nzc4YjNlMjRmYjYyYzBiNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfyh/U83LDjpKfe8GWjfGjZpzs6U
GMJGQ9Q+TmRUtcBytu0UTIMMk0ISeb+eiYkQq0w+LplIsha3HT6z0U4luXzz6+75
zDyIxltOTEis805ZIG4AUkmOW/kPHZLB3NNPhNIQqQH/+bPytQU1USw62e9QMpQw
7NPloH4Yd9GsmsAQc+UzcEpccA1OIHnLaPfdXHErEImNSnbNzctTiV1RWRFnL2xY
DGf3t8I38QLpWV2qNjcqtKTR97sQ/Cq+kNtCsZ7RA/2WAz9ud4lQR/OMFQcaQ3Xa
LiXXbzrxRtNUdiMOQIhUQWb6YiMPq97qtAnIJbw8h8lmQgoLRSgj9UWC1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFEOaaYa2gdDFVuld4s+JPtiwLYZMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvVVE1cHBocmFCME1WVzZWM2l6NGstMkxBdGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuV7wAwQA
uXxgMA0GCSqGSIb3DQEBCwUAA4IBAQAQO24Wm8wFgsgNPXppfZmxrPe492/XW6xw
LUhE8jEbYHLaaqJl+59TYrdVxVMbhwOpCr858qSIoDa1WcnjiMbUQvbN2APNcxgV
wUGJUA692dxZz3F34LohXufNa/Q7ua5IFNSe0BtzmAmUq2TRqf6cZdrlR/tIiHIc
WgQSOc0IXvWo4rpiC+Xks4D7TiciIHheUKriDHLjIZpa8FS4amDtQdja+onDQvn0
lfIat8aHUZs3lMCyMK7GUxt3kKXsJ8sHOtQ0foxMNYzR8vLm/K97KtNk1HIqHWaw
mdrxhSjyqTlmJDpD1l/kkyru0I3kITpqA8trpwWxzB20CfYCQ4kV
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:30 2025 by rpki-client