Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/mb8gzXLU3hdA7Zi3LY3snsBUjtQ.roa
File: mb8gzXLU3hdA7Zi3LY3snsBUjtQ.roa (raw, json)
Hash identifier: wHoBrGQrVuh2/Jebf0wJiys+1Xx8h24j9nlmJHhNAHY=
Subject key identifier: 99:BF:20:CD:72:D4:DE:17:40:ED:98:B7:2D:8D:EC:9E:C0:54:8E:D4
Certificate issuer: /CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Certificate serial: 018733C7A552FA9D75315D39353F6559089A
Authority key identifier: D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/mb8gzXLU3hdA7Zi3LY3snsBUjtQ.roa
Signing time: Thu 30 Mar 2023 18:28:54 +0000
ROA not before: Thu 30 Mar 2023 18:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201133
IP address blocks: 185.148.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:c7:a5:52:fa:9d:75:31:5d:39:35:3f:65:59:08:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Validity
Not Before: Mar 30 18:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99bf20cd72d4de1740ed98b72d8dec9ec0548ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:01:35:88:3d:70:37:81:d8:46:ea:df:4e:6e:
46:e3:78:8f:99:d7:c6:c8:37:e8:45:fb:1d:37:f2:
34:32:26:b7:f9:73:8e:18:72:b9:62:08:be:44:ad:
f4:31:e3:21:87:e1:22:b3:c0:e6:b9:7c:c1:71:d1:
bd:1d:db:2d:68:36:7c:06:96:eb:a2:8b:ee:df:6d:
56:53:ef:4c:a8:94:ab:6b:2d:e9:c8:9a:c2:84:79:
67:4f:01:b9:ef:7c:e8:03:0e:48:e6:08:58:ca:60:
e0:0e:1c:b7:0a:43:c7:38:b0:e9:96:bb:05:b6:60:
c9:b3:10:92:c8:44:05:dd:4e:70:79:94:86:09:9a:
0b:02:db:97:8e:fa:80:64:57:dd:f8:eb:91:46:8a:
eb:50:1e:f4:5f:68:ba:36:da:29:87:a9:b7:a9:56:
a5:38:e1:16:36:98:8a:5b:fa:fe:38:c4:df:9f:e5:
59:fe:ed:86:42:67:11:cf:4a:ff:39:9d:b1:fe:4b:
a8:d5:52:0f:50:71:c8:81:e1:f8:74:2d:d2:3e:8f:
b4:88:58:6d:76:a3:91:1f:d0:e0:dc:63:90:e4:ee:
4f:04:f7:6a:36:cc:a0:74:c0:e7:94:59:1d:15:1e:
df:ea:b7:6a:2b:63:cf:2a:bf:b2:d6:7e:0f:c6:01:
4f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BF:20:CD:72:D4:DE:17:40:ED:98:B7:2D:8D:EC:9E:C0:54:8E:D4
X509v3 Authority Key Identifier:
keyid:D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/mb8gzXLU3hdA7Zi3LY3snsBUjtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/2eEBm74RtVEUh0yWFxbrI4oRzU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a4:45:48:cd:cc:48:6c:b8:31:e0:f7:09:9e:a5:a3:6d:f2:
70:c1:ae:1f:0f:9f:a6:59:b1:e8:f1:f3:3e:43:56:67:9a:c8:
5b:09:dc:12:59:cd:74:57:e4:22:26:43:15:bf:35:0d:07:2a:
25:f2:0b:d9:17:2d:4a:70:29:84:a1:3d:83:c3:9c:0a:dd:cf:
7f:fa:2e:b6:42:e6:ae:87:89:01:63:91:cc:fa:bd:18:17:82:
76:f0:27:c1:db:26:b0:a3:b6:81:37:bb:20:12:d6:10:fa:4f:
da:6b:73:cf:dc:ad:27:45:62:67:7f:92:d6:95:8f:45:ae:f6:
85:2c:77:04:37:e5:8b:9c:db:fd:78:04:55:84:0d:06:5d:24:
80:5f:fa:20:84:6e:6c:8e:2d:01:a2:fb:b6:86:0c:8b:c0:dc:
20:14:00:43:43:fa:52:60:3d:25:98:b5:a3:81:b2:c2:45:27:
9a:34:1d:94:e2:2a:6f:0b:52:a3:f8:3c:65:c6:17:ed:2c:6d:
67:06:3c:d4:9a:c3:50:62:a9:48:87:d6:21:35:47:65:12:10:
50:1c:cd:3f:4b:dd:d8:35:fc:0c:20:79:6f:ab:37:f1:10:5f:
ad:85:59:42:ac:46:d7:2c:cb:d2:dd:18:31:8e:88:de:13:66:
a0:6c:35:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYczx6VS+p11MV05NT9lWQiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZTEwMTliYmUxMWI1NTExNDg3NGM5NjE3MTZlYjIzOGEx
MWNkNGUwHhcNMjMwMzMwMTgyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJmMjBjZDcyZDRkZTE3NDBlZDk4YjcyZDhkZWM5ZWMwNTQ4ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwE1iD1wN4HYRurfTm5G43iPmdfG
yDfoRfsdN/I0Mia3+XOOGHK5Ygi+RK30MeMhh+Eis8DmuXzBcdG9HdstaDZ8Bpbr
oovu321WU+9MqJSray3pyJrChHlnTwG573zoAw5I5ghYymDgDhy3CkPHOLDplrsF
tmDJsxCSyEQF3U5weZSGCZoLAtuXjvqAZFfd+OuRRorrUB70X2i6Ntoph6m3qVal
OOEWNpiKW/r+OMTfn+VZ/u2GQmcRz0r/OZ2x/kuo1VIPUHHIgeH4dC3SPo+0iFht
dqORH9Dg3GOQ5O5PBPdqNsygdMDnlFkdFR7f6rdqK2PPKr+y1n4PxgFP/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJm/IM1y1N4XQO2Yty2N7J7AVI7UMB8GA1UdIwQY
MBaAFNnhAZu+EbVRFIdMlhcW6yOKEc1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVFQm03NFJ0VkVVaDB5V0Z4YnJJNG9SelU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wZTE5ZmUtMGFkOS00OGUwLTliN2It
NDUyNTYxOTM1MDMxLzEvbWI4Z3pYTFUzaGRBN1ppM0xZM3Nuc0JVanRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wZTE5ZmUtMGFkOS00OGUwLTliN2ItNDUyNTYxOTM1MDMx
LzEvMmVFQm03NFJ0VkVVaDB5V0Z4YnJJNG9SelU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZSQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXpEVIzcxIbLgx4PcJnqWjbfJwwa4fD5+mWbHo8fM+
Q1ZnmshbCdwSWc10V+QiJkMVvzUNByol8gvZFy1KcCmEoT2Dw5wK3c9/+i62Quau
h4kBY5HM+r0YF4J28CfB2yawo7aBN7sgEtYQ+k/aa3PP3K0nRWJnf5LWlY9FrvaF
LHcEN+WLnNv9eARVhA0GXSSAX/oghG5sji0Bovu2hgyLwNwgFABDQ/pSYD0lmLWj
gbLCRSeaNB2U4ipvC1Kj+DxlxhftLG1nBjzUmsNQYqlIh9YhNUdlEhBQHM0/S93Y
NfwMIHlvqzfxEF+thVlCrEbXLMvS3RgxjojeE2agbDU8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:10 2025 by rpki-client