Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/vibYKuO5cMQJCSVmzZsQDQfo9bw.roa
File: vibYKuO5cMQJCSVmzZsQDQfo9bw.roa (raw, json)
Hash identifier: n2csS9BJKgBzfoyZSlE8MEzXKJD0Errv5W+Ohp2H90U=
Subject key identifier: BE:26:D8:2A:E3:B9:70:C4:09:09:25:66:CD:9B:10:0D:07:E8:F5:BC
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018BD86A39324D4A2954E56B13CB00412B80
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/vibYKuO5cMQJCSVmzZsQDQfo9bw.roa
Signing time: Thu 16 Nov 2023 13:55:21 +0000
ROA not before: Thu 16 Nov 2023 13:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57193
IP address blocks: 185.11.244.0/24 maxlen: 24
185.11.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:6a:39:32:4d:4a:29:54:e5:6b:13:cb:00:41:2b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Nov 16 13:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be26d82ae3b970c409092566cd9b100d07e8f5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:91:82:46:63:4e:ab:ba:f6:04:16:9d:9e:
73:60:a8:9b:f1:d7:b8:2b:35:24:14:d2:ba:57:88:
77:24:12:64:a9:32:7f:27:54:e9:68:aa:e7:14:67:
6b:4b:fc:22:d9:fe:6f:97:c3:04:75:93:59:23:72:
fa:c5:27:66:77:dc:b0:a2:e6:bf:23:85:de:68:e4:
86:44:25:71:dd:36:7e:de:35:bf:d6:f8:8e:43:08:
ae:ba:51:e0:01:52:9d:d7:f5:32:85:d1:f9:8d:6e:
62:63:34:1d:35:b9:4e:dd:56:5a:85:89:ba:b5:b9:
04:db:ee:da:43:c1:c9:49:85:24:a3:55:f6:ad:b6:
33:18:43:fb:33:6c:cb:5c:85:de:cc:31:0c:b5:d3:
4a:3a:99:2d:7a:6f:2c:6c:55:57:55:75:ca:f9:7a:
fa:3a:a5:57:c8:bc:8c:4b:86:0c:5a:bc:4a:7e:cb:
4d:af:36:e2:23:d3:c3:24:f8:06:e9:aa:ee:f4:21:
36:92:14:d5:5d:38:3f:cd:04:0f:45:1f:d4:94:97:
f1:f2:a8:fb:72:47:4c:c7:d4:60:c8:dc:72:66:62:
5c:69:4a:ec:52:51:db:78:f5:0f:cc:b7:32:f5:66:
16:1e:61:b1:43:fb:9e:b9:aa:35:91:5d:0c:f8:ab:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:26:D8:2A:E3:B9:70:C4:09:09:25:66:CD:9B:10:0D:07:E8:F5:BC
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/vibYKuO5cMQJCSVmzZsQDQfo9bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.244.0/23
Signature Algorithm: sha256WithRSAEncryption
94:77:3d:ed:f3:c7:a9:10:af:80:f7:97:2d:fd:3e:ae:fc:1d:
e9:67:7f:16:96:d6:10:7c:e8:7c:f4:04:c5:f5:fa:7c:98:3e:
ef:e7:3c:e4:0e:13:49:f3:de:71:09:86:60:78:0f:54:04:e1:
99:f7:5b:15:09:c4:c9:4b:8a:8e:81:32:f2:4b:8c:d7:19:74:
8c:2a:9e:81:cc:f8:bc:c5:eb:37:07:a7:2a:22:44:c7:2a:db:
c3:63:7b:2f:2b:ef:ad:61:b2:69:5a:a7:e9:92:02:2b:da:b5:
01:f2:2e:d4:82:b5:da:ca:04:fb:df:f0:6a:18:97:2f:1e:3d:
4e:61:4f:ef:99:af:43:45:0e:fd:df:76:33:58:14:d5:4e:6d:
65:19:4b:ef:66:5a:9a:c1:3c:84:05:8e:e8:bb:fe:a3:07:60:
64:ea:0c:c2:f2:76:7a:47:84:d8:3c:d4:cc:e3:08:bc:b0:cc:
ee:73:aa:8f:68:ed:a3:9a:f8:0e:4b:c2:e9:13:86:7d:98:0e:
ae:7e:4c:a5:31:35:b0:0f:d1:e7:fd:eb:24:5c:ee:35:8b:7c:
68:26:76:c1:3a:67:6e:64:78:0a:2f:07:60:76:a4:9a:68:ae:
17:e5:bc:11:2a:19:03:90:1e:74:82:8e:b5:33:ec:1e:3d:33:
7e:51:05:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvYajkyTUopVOVrE8sAQSuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMTE2MTM1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTI2ZDgyYWUzYjk3MGM0MDkwOTI1NjZjZDliMTAwZDA3ZThmNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZmRgkZjTqu69gQWnZ5zYKib8de4
KzUkFNK6V4h3JBJkqTJ/J1TpaKrnFGdrS/wi2f5vl8MEdZNZI3L6xSdmd9ywoua/
I4XeaOSGRCVx3TZ+3jW/1viOQwiuulHgAVKd1/UyhdH5jW5iYzQdNblO3VZahYm6
tbkE2+7aQ8HJSYUko1X2rbYzGEP7M2zLXIXezDEMtdNKOpktem8sbFVXVXXK+Xr6
OqVXyLyMS4YMWrxKfstNrzbiI9PDJPgG6aru9CE2khTVXTg/zQQPRR/UlJfx8qj7
ckdMx9RgyNxyZmJcaUrsUlHbePUPzLcy9WYWHmGxQ/ueuao1kV0M+Kt2kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4m2CrjuXDECQklZs2bEA0H6PW8MB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvdmliWUt1TzVjTVFKQ1NWbXpac1FEUWZvOWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQv0MA0G
CSqGSIb3DQEBCwUAA4IBAQCUdz3t88epEK+A95ct/T6u/B3pZ38WltYQfOh89ATF
9fp8mD7v5zzkDhNJ895xCYZgeA9UBOGZ91sVCcTJS4qOgTLyS4zXGXSMKp6BzPi8
xes3B6cqIkTHKtvDY3svK++tYbJpWqfpkgIr2rUB8i7UgrXaygT73/BqGJcvHj1O
YU/vma9DRQ7933YzWBTVTm1lGUvvZlqawTyEBY7ou/6jB2Bk6gzC8nZ6R4TYPNTM
4wi8sMzuc6qPaO2jmvgOS8LpE4Z9mA6ufkylMTWwD9Hn/eskXO41i3xoJnbBOmdu
ZHgKLwdgdqSaaK4X5bwRKhkDkB50go61M+wePTN+UQVX
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:12 2025 by rpki-client