Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/746767-ef5f-436c-bd5d-8e8b79926aa3/1/aH8o87fwM5liO0DgPMDfx0UN8Y8.roa
File: aH8o87fwM5liO0DgPMDfx0UN8Y8.roa (raw, json)
Hash identifier: L0Ey00qiQKBfa9iCDn6sL6PrkC70i3FapohQslqm6Ow=
Subject key identifier: 68:7F:28:F3:B7:F0:33:99:62:3B:40:E0:3C:C0:DF:C7:45:0D:F1:8F
Certificate issuer: /CN=f8456292d85a0b86c4e2534b27d26b47bfe04317
Certificate serial: 01856D53C4FEB7B585EF0E1B54E758F13BCD
Authority key identifier: F8:45:62:92:D8:5A:0B:86:C4:E2:53:4B:27:D2:6B:47:BF:E0:43:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EVikthaC4bE4lNLJ9JrR7_gQxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/746767-ef5f-436c-bd5d-8e8b79926aa3/1/aH8o87fwM5liO0DgPMDfx0UN8Y8.roa
Signing time: Sun 01 Jan 2023 12:34:44 +0000
ROA not before: Sun 01 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203932
IP address blocks: 185.198.241.0/24 maxlen: 24
2a13:4700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c4:fe:b7:b5:85:ef:0e:1b:54:e7:58:f1:3b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8456292d85a0b86c4e2534b27d26b47bfe04317
Validity
Not Before: Jan 1 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=687f28f3b7f03399623b40e03cc0dfc7450df18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e3:ab:4d:d7:c6:c9:8f:3e:33:75:48:9b:f8:
77:0c:fa:c2:27:92:61:bc:24:0e:07:d2:92:c1:88:
7e:7f:09:71:e8:3b:49:9f:02:3d:40:75:f9:d0:b5:
60:43:1f:58:2b:34:f2:e3:dc:f7:61:26:0b:3d:ac:
e5:46:aa:d1:25:62:71:ac:25:69:f9:13:2d:78:25:
67:0c:c4:41:a7:b2:a1:46:2a:0a:52:b4:67:e6:c3:
c3:66:ea:73:f5:52:89:aa:55:73:e6:c6:88:30:6c:
20:92:74:4a:c7:d4:42:5b:94:7f:30:1f:a8:d8:8b:
9a:d7:a7:c8:37:c4:b2:eb:95:70:30:64:3c:dd:85:
32:a3:45:0d:e3:fe:8f:d4:5d:94:a1:8e:1f:ff:bc:
63:cb:07:1d:3f:2d:d8:09:42:b4:ca:52:3a:5a:3a:
4d:ca:6b:50:87:21:35:f8:bb:26:cb:9a:b5:23:a9:
0c:7c:0b:b8:94:ae:e6:1a:72:27:8a:fc:47:50:ef:
7d:f4:99:ee:a9:3f:fe:bd:72:5c:31:03:5f:2d:3e:
1b:25:63:d0:6d:74:b0:3a:af:9f:a4:c2:d8:18:52:
ac:91:b1:2f:c5:a6:3c:43:90:a0:f6:5d:29:f4:6f:
43:4c:ec:90:e4:96:b0:c2:8b:c9:74:e6:14:a8:06:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:28:F3:B7:F0:33:99:62:3B:40:E0:3C:C0:DF:C7:45:0D:F1:8F
X509v3 Authority Key Identifier:
keyid:F8:45:62:92:D8:5A:0B:86:C4:E2:53:4B:27:D2:6B:47:BF:E0:43:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EVikthaC4bE4lNLJ9JrR7_gQxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/746767-ef5f-436c-bd5d-8e8b79926aa3/1/aH8o87fwM5liO0DgPMDfx0UN8Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/746767-ef5f-436c-bd5d-8e8b79926aa3/1/1-EVikthaC4bE4lNLJ9JrR7_gQxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.241.0/24
IPv6:
2a13:4700::/29
Signature Algorithm: sha256WithRSAEncryption
91:53:2e:77:48:e1:ea:86:c1:84:e2:2c:51:6f:32:bf:86:f6:
c9:64:14:50:c1:f7:6e:ac:23:ff:5b:23:a7:b1:1a:de:ae:42:
7c:18:98:68:b5:74:af:79:02:c4:a3:ea:1e:2c:6c:e3:f9:e4:
62:87:30:33:96:ff:94:b8:ad:5e:82:e6:af:8c:72:79:b3:f1:
e1:e0:17:a1:5b:15:b5:7d:c9:e1:13:96:a0:ce:0c:59:c3:33:
51:11:3d:76:75:4c:44:a4:b5:d4:2d:9e:72:b2:86:a2:22:81:
0c:b2:b9:a4:f1:7f:e8:6e:7c:b6:4e:4e:81:93:a7:28:81:9c:
91:07:a3:f8:8f:c6:2e:63:52:ec:fa:a4:11:28:f6:33:4f:f3:
8d:9d:07:49:36:44:0e:a8:74:53:0d:b6:e7:15:be:4a:59:b8:
5b:ec:17:f9:1b:97:12:97:c0:4c:a3:ae:3e:87:ec:dc:21:89:
ad:64:8c:e2:fe:cc:8d:29:4f:00:2f:59:33:75:bb:85:42:b9:
00:2a:bb:86:43:ff:c3:9c:d9:96:22:24:dd:0a:78:79:6b:2a:
83:5e:7e:ee:0c:c9:b6:b5:b2:56:5c:b3:f4:bc:c3:60:3c:ca:
4f:f2:91:5c:4e:2b:ee:f0:53:54:e6:3b:6e:a2:51:fa:6f:c7:
39:58:da:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtU8T+t7WF7w4bVOdY8TvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDU2MjkyZDg1YTBiODZjNGUyNTM0YjI3ZDI2YjQ3YmZl
MDQzMTcwHhcNMjMwMTAxMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdmMjhmM2I3ZjAzMzk5NjIzYjQwZTAzY2MwZGZjNzQ1MGRmMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuOrTdfGyY8+M3VIm/h3DPrCJ5Jh
vCQOB9KSwYh+fwlx6DtJnwI9QHX50LVgQx9YKzTy49z3YSYLPazlRqrRJWJxrCVp
+RMteCVnDMRBp7KhRioKUrRn5sPDZupz9VKJqlVz5saIMGwgknRKx9RCW5R/MB+o
2Iua16fIN8Sy65VwMGQ83YUyo0UN4/6P1F2UoY4f/7xjywcdPy3YCUK0ylI6WjpN
ymtQhyE1+Lsmy5q1I6kMfAu4lK7mGnInivxHUO999JnuqT/+vXJcMQNfLT4bJWPQ
bXSwOq+fpMLYGFKskbEvxaY8Q5Cg9l0p9G9DTOyQ5JawwovJdOYUqAYYFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGh/KPO38DOZYjtA4DzA38dFDfGPMB8GA1UdIwQY
MBaAFPhFYpLYWguGxOJTSyfSa0e/4EMXMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FVmlrdGhhQzRiRTRsTkxKOUpyUjdfZ1F4Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvNzQ2NzY3LWVmNWYtNDM2Yy1iZDVk
LThlOGI3OTkyNmFhMy8xL2FIOG84N2Z3TTVsaU8wRGdQTURmeDBVTjhZOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvNzQ2NzY3LWVmNWYtNDM2Yy1iZDVkLThlOGI3OTkyNmFh
My8xLzEtRVZpa3RoYUM0YkU0bE5MSjlKclI3X2dReGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5xvEw
DQQCAAIwBwMFAyoTRwAwDQYJKoZIhvcNAQELBQADggEBAJFTLndI4eqGwYTiLFFv
Mr+G9slkFFDB926sI/9bI6exGt6uQnwYmGi1dK95AsSj6h4sbOP55GKHMDOW/5S4
rV6C5q+Mcnmz8eHgF6FbFbV9yeETlqDODFnDM1ERPXZ1TESktdQtnnKyhqIigQyy
uaTxf+hufLZOToGTpyiBnJEHo/iPxi5jUuz6pBEo9jNP842dB0k2RA6odFMNtucV
vkpZuFvsF/kblxKXwEyjrj6H7Nwhia1kjOL+zI0pTwAvWTN1u4VCuQAqu4ZD/8Oc
2ZYiJN0KeHlrKoNefu4Myba1slZcs/S8w2A8yk/ykVxOK+7wU1TmO26iUfpvxzlY
2iY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:05 2025 by rpki-client