Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/N_g5zU-Gnx2t7xevWNj-6MnreJ0.roa
File: N_g5zU-Gnx2t7xevWNj-6MnreJ0.roa (raw, json)
Hash identifier: 6DH5j2uPXqJZvP7W/n1ABqAxFCpHSLesyiFDAH4wk24=
Subject key identifier: 37:F8:39:CD:4F:86:9F:1D:AD:EF:17:AF:58:D8:FE:E8:C9:EB:78:9D
Certificate issuer: /CN=22d028f1ba3cefb0debd51be9dac68c9ce56c3d5
Certificate serial: 01856F5489C6D24E321A6FE739650CC5F7FD
Authority key identifier: 22:D0:28:F1:BA:3C:EF:B0:DE:BD:51:BE:9D:AC:68:C9:CE:56:C3:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItAo8bo877DevVG-naxoyc5Ww9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/N_g5zU-Gnx2t7xevWNj-6MnreJ0.roa
Signing time: Sun 01 Jan 2023 21:54:49 +0000
ROA not before: Sun 01 Jan 2023 21:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201901
IP address blocks: 185.204.184.0/24 maxlen: 24
2a0e:c940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:89:c6:d2:4e:32:1a:6f:e7:39:65:0c:c5:f7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d028f1ba3cefb0debd51be9dac68c9ce56c3d5
Validity
Not Before: Jan 1 21:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37f839cd4f869f1dadef17af58d8fee8c9eb789d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fd:39:c3:9e:6d:49:0c:11:01:ab:9b:bc:f5:
b7:0a:62:13:af:24:47:ed:01:55:59:f4:de:ca:7d:
7e:33:1f:ef:9f:6a:f8:6a:ba:ed:53:56:a9:f7:87:
f9:92:43:e7:f8:8b:7a:e1:b3:a2:c4:2c:db:ea:06:
05:0a:d1:10:16:23:ec:91:50:4f:a0:cf:98:2c:87:
3a:4c:a8:f5:dc:8a:37:e9:a5:25:ef:73:2e:44:94:
2a:c0:78:97:12:4c:2b:45:fe:cc:e7:aa:e2:b5:0d:
b4:14:9d:51:35:aa:5e:90:94:6a:da:c0:04:29:b1:
91:91:38:f6:65:85:f7:e1:eb:53:e1:91:9e:90:37:
b7:af:01:95:e8:11:97:a9:0e:5b:bc:9a:c3:ea:4b:
53:a1:ce:66:5c:bc:ac:9e:28:0d:76:bc:5f:f1:1d:
0c:1e:ce:43:33:e1:bb:75:f7:36:84:02:6a:94:8f:
10:e6:e9:37:37:5f:8c:a5:33:88:df:9e:8e:56:ee:
26:0e:8e:1b:65:60:a2:3f:db:f1:6c:ff:06:2c:3e:
e1:85:7b:3b:64:c3:2a:bd:41:24:a0:9a:7b:d1:9a:
b9:65:c4:4f:2a:4c:a9:6f:7e:ae:2f:68:f3:63:73:
b1:9b:9e:38:96:76:d6:95:10:78:c9:82:45:ff:90:
a3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F8:39:CD:4F:86:9F:1D:AD:EF:17:AF:58:D8:FE:E8:C9:EB:78:9D
X509v3 Authority Key Identifier:
keyid:22:D0:28:F1:BA:3C:EF:B0:DE:BD:51:BE:9D:AC:68:C9:CE:56:C3:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItAo8bo877DevVG-naxoyc5Ww9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/N_g5zU-Gnx2t7xevWNj-6MnreJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/ItAo8bo877DevVG-naxoyc5Ww9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.184.0/24
IPv6:
2a0e:c940::/29
Signature Algorithm: sha256WithRSAEncryption
af:db:8c:02:97:93:46:12:17:7b:8c:eb:f0:15:98:f1:27:71:
ad:04:01:02:78:61:be:b3:a8:27:f0:47:d5:fd:55:89:ce:4f:
2b:e7:ed:50:c4:f9:93:f1:6c:c4:3e:aa:8f:98:be:c7:2a:db:
b0:48:22:f7:be:80:bb:a0:1c:fe:6c:7a:68:56:63:23:59:83:
c1:fc:9e:db:f8:de:94:b8:59:d2:a5:70:ee:25:0a:ec:2e:aa:
44:36:4c:9f:b0:0b:63:66:8f:2c:0b:b6:4b:11:88:d4:d4:5a:
45:4f:30:15:e4:bd:3e:ed:fa:0f:2a:36:ee:06:56:b4:e7:12:
10:42:66:51:ab:68:61:e5:b8:23:3c:5b:27:37:e5:7f:27:fe:
b3:f0:4e:f7:5e:3f:07:ea:b0:08:25:f2:54:a1:f1:a6:19:db:
cd:c8:aa:14:57:36:e7:c8:0c:f4:2d:58:64:5d:07:65:5f:e4:
53:2b:ad:bc:27:8d:3b:20:06:bb:63:1d:82:87:e8:08:d3:84:
5b:c2:f3:ea:2f:37:ab:07:74:52:f6:0c:a9:74:5f:c1:72:e3:
da:ba:bb:79:2c:07:7d:04:95:2a:27:2c:71:28:34:ff:d5:46:
1e:ff:96:a6:a2:02:99:02:59:ed:03:7f:37:50:10:ef:ef:e7:
37:92:26:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvVInG0k4yGm/nOWUMxff9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZDAyOGYxYmEzY2VmYjBkZWJkNTFiZTlkYWM2OGM5Y2U1
NmMzZDUwHhcNMjMwMTAxMjE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y4MzljZDRmODY5ZjFkYWRlZjE3YWY1OGQ4ZmVlOGM5ZWI3ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv05w55tSQwRAaubvPW3CmITryRH
7QFVWfTeyn1+Mx/vn2r4arrtU1ap94f5kkPn+It64bOixCzb6gYFCtEQFiPskVBP
oM+YLIc6TKj13Io36aUl73MuRJQqwHiXEkwrRf7M56ritQ20FJ1RNapekJRq2sAE
KbGRkTj2ZYX34etT4ZGekDe3rwGV6BGXqQ5bvJrD6ktToc5mXLysnigNdrxf8R0M
Hs5DM+G7dfc2hAJqlI8Q5uk3N1+MpTOI356OVu4mDo4bZWCiP9vxbP8GLD7hhXs7
ZMMqvUEkoJp70Zq5ZcRPKkypb36uL2jzY3Oxm544lnbWlRB4yYJF/5CjMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDf4Oc1Php8dre8Xr1jY/ujJ63idMB8GA1UdIwQY
MBaAFCLQKPG6PO+w3r1Rvp2saMnOVsPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXRBbzhibzg3N0RldlZHLW5heG95YzVXdzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82M2E0MDItYTU2YS00YTg5LWE3NDUt
OTQ2ODE3YjU5MTQ4LzEvTl9nNXpVLUdueDJ0N3hldldOai02TW5yZUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82M2E0MDItYTU2YS00YTg5LWE3NDUtOTQ2ODE3YjU5MTQ4
LzEvSXRBbzhibzg3N0RldlZHLW5heG95YzVXdzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucy4MA0E
AgACMAcDBQMqDslAMA0GCSqGSIb3DQEBCwUAA4IBAQCv24wCl5NGEhd7jOvwFZjx
J3GtBAECeGG+s6gn8EfV/VWJzk8r5+1QxPmT8WzEPqqPmL7HKtuwSCL3voC7oBz+
bHpoVmMjWYPB/J7b+N6UuFnSpXDuJQrsLqpENkyfsAtjZo8sC7ZLEYjU1FpFTzAV
5L0+7foPKjbuBla05xIQQmZRq2hh5bgjPFsnN+V/J/6z8E73Xj8H6rAIJfJUofGm
GdvNyKoUVzbnyAz0LVhkXQdlX+RTK628J407IAa7Yx2Ch+gI04RbwvPqLzerB3RS
9gypdF/BcuPaurt5LAd9BJUqJyxxKDT/1UYe/5amogKZAlntA383UBDv7+c3kiZv
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:43:54 2025 by rpki-client