Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/dSRB-U8tGkh3u7ueBUZx4EKVCPI.roa
File: dSRB-U8tGkh3u7ueBUZx4EKVCPI.roa (raw, json)
Hash identifier: p+TNXslr9wOKDAdCCj6NyWn0UCo0Ok4CQTZQZlIgnfk=
Subject key identifier: 75:24:41:F9:4F:2D:1A:48:77:BB:BB:9E:05:46:71:E0:42:95:08:F2
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 018A25099668B8827ADBC461ACA51387722F
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/dSRB-U8tGkh3u7ueBUZx4EKVCPI.roa
Signing time: Thu 24 Aug 2023 00:54:59 +0000
ROA not before: Thu 24 Aug 2023 00:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43134
IP address blocks: 185.239.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:09:96:68:b8:82:7a:db:c4:61:ac:a5:13:87:72:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Aug 24 00:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=752441f94f2d1a4877bbbb9e054671e0429508f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:09:cb:0e:d7:82:56:55:90:c2:6d:92:c2:
35:8b:4a:1a:5c:90:b6:52:13:7c:65:10:12:ec:5b:
fb:77:94:a4:a9:bc:66:e3:c1:c4:a1:bf:da:7b:0a:
34:7a:37:08:94:ed:2c:e5:3c:63:79:03:9e:47:2c:
ab:a8:17:5f:e8:bb:da:fc:6d:c9:fc:af:4d:a7:ff:
37:cd:ef:19:a6:48:db:4f:13:43:f8:12:b9:f8:49:
35:31:da:65:69:7f:7a:7f:04:f1:3c:07:25:ba:03:
65:13:08:a1:d3:cf:fa:d8:62:67:d8:a4:4d:37:a1:
7e:4d:04:57:f3:64:fa:b5:d0:f5:25:42:9a:0e:50:
b8:6b:33:5e:41:84:c4:62:ba:1a:81:c5:df:86:d0:
a0:17:a4:ca:21:48:da:df:7e:2a:33:bf:ab:90:f5:
b2:b6:a1:34:97:1d:14:87:14:70:11:f9:5e:86:18:
06:41:8a:0c:07:45:b7:8d:4b:89:68:2d:25:ff:83:
85:8c:67:1c:99:8b:7b:b5:05:04:84:62:78:c5:d6:
ca:b7:c6:2e:6b:47:e0:17:de:02:ea:75:04:c9:9a:
d6:71:73:57:df:8c:1d:80:7d:9c:52:dd:85:da:d7:
c7:ea:3e:c3:9b:10:e1:69:80:6c:26:82:40:f6:81:
01:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:24:41:F9:4F:2D:1A:48:77:BB:BB:9E:05:46:71:E0:42:95:08:F2
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/dSRB-U8tGkh3u7ueBUZx4EKVCPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.125.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:f9:43:e5:52:08:09:86:67:f4:0e:b7:09:64:eb:2d:35:7b:
53:70:f5:eb:88:35:51:fb:18:e4:47:93:33:52:4c:68:a3:08:
4c:0d:50:d7:1d:df:7f:63:6e:c1:c8:9e:95:0a:4a:26:16:7c:
89:13:7f:bd:0b:c1:bf:7c:cd:64:2a:36:e8:86:3b:9a:96:1d:
30:85:b4:c3:a3:0e:b7:ef:fb:9d:8f:64:f9:1d:d4:4a:a3:7d:
6a:2a:ca:04:88:38:58:6c:97:5d:3c:d2:3d:5b:0d:9a:8f:b3:
d6:e9:01:44:1d:dc:da:39:e4:91:cf:44:b7:c2:fb:c4:75:c3:
ca:92:7b:cd:fe:91:c8:f5:17:d9:56:ee:40:5e:de:a2:de:e2:
63:5e:05:06:73:63:62:6b:3f:bf:25:59:02:28:bc:1e:a2:af:
e8:e4:c1:20:7b:2f:c4:e0:e7:1e:d8:06:37:09:93:6f:77:af:
d5:d1:cf:a6:fd:ac:9e:dd:ea:ff:a5:f2:95:96:c0:c1:b9:e2:
a5:ce:d7:67:d9:15:62:1f:29:55:c6:9f:4e:99:a9:8f:f3:ca:
eb:82:17:bf:b6:d8:35:ec:f7:e1:6b:a3:de:2b:d7:53:cf:8e:
5f:33:35:c0:c1:6e:69:87:ba:b1:3a:27:8f:46:35:88:29:95:
85:55:04:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYolCZZouIJ628RhrKUTh3IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjMwODI0MDA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI0NDFmOTRmMmQxYTQ4NzdiYmJiOWUwNTQ2NzFlMDQyOTUwOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmMJyw7XglZVkMJtksI1i0oaXJC2
UhN8ZRAS7Fv7d5Skqbxm48HEob/aewo0ejcIlO0s5TxjeQOeRyyrqBdf6Lva/G3J
/K9Np/83ze8ZpkjbTxND+BK5+Ek1MdplaX96fwTxPAclugNlEwih08/62GJn2KRN
N6F+TQRX82T6tdD1JUKaDlC4azNeQYTEYroagcXfhtCgF6TKIUja334qM7+rkPWy
tqE0lx0UhxRwEflehhgGQYoMB0W3jUuJaC0l/4OFjGccmYt7tQUEhGJ4xdbKt8Yu
a0fgF94C6nUEyZrWcXNX34wdgH2cUt2F2tfH6j7DmxDhaYBsJoJA9oEB4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUkQflPLRpId7u7ngVGceBClQjyMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvZFNSQi1VOHRHa2gzdTd1ZUJVWng0RUtWQ1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue99MA0G
CSqGSIb3DQEBCwUAA4IBAQDc+UPlUggJhmf0DrcJZOstNXtTcPXriDVR+xjkR5Mz
UkxoowhMDVDXHd9/Y27ByJ6VCkomFnyJE3+9C8G/fM1kKjbohjualh0whbTDow63
7/udj2T5HdRKo31qKsoEiDhYbJddPNI9Ww2aj7PW6QFEHdzaOeSRz0S3wvvEdcPK
knvN/pHI9RfZVu5AXt6i3uJjXgUGc2Niaz+/JVkCKLweoq/o5MEgey/E4Oce2AY3
CZNvd6/V0c+m/aye3er/pfKVlsDBueKlztdn2RViHylVxp9OmamP88rrghe/ttg1
7Pfha6PeK9dTz45fMzXAwW5ph7qxOiePRjWIKZWFVQSP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:54 2025 by rpki-client