Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/uTrI8XTbggnxqHoczSdKewzQ6Uk.roa
File: uTrI8XTbggnxqHoczSdKewzQ6Uk.roa (raw, json)
Hash identifier: ivkXVfrS3D1sJXxEDcW8Nn2OVseRUCH4SxnMHcZrtwc=
Subject key identifier: B9:3A:C8:F1:74:DB:82:09:F1:A8:7A:1C:CD:27:4A:7B:0C:D0:E9:49
Certificate issuer: /CN=38728e9bd37399df9ffae587bd06884b350a65b7
Certificate serial: 01856EC1FAE2B1DB5EC3B1D0CDDC64BC62E5
Authority key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/uTrI8XTbggnxqHoczSdKewzQ6Uk.roa
Signing time: Sun 01 Jan 2023 19:14:44 +0000
ROA not before: Sun 01 Jan 2023 19:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20495
IP address blocks: 185.184.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:fa:e2:b1:db:5e:c3:b1:d0:cd:dc:64:bc:62:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38728e9bd37399df9ffae587bd06884b350a65b7
Validity
Not Before: Jan 1 19:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b93ac8f174db8209f1a87a1ccd274a7b0cd0e949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ce:1c:3f:6e:bf:ef:a6:eb:44:54:88:fb:df:
8a:f1:75:89:3b:59:8a:b6:19:c7:3e:e1:96:d4:f1:
5a:c4:f1:8e:40:fe:0e:52:ae:07:00:5e:59:cf:14:
cb:93:35:45:fa:14:82:f3:af:fd:38:42:f3:61:7d:
67:60:08:cc:ca:bf:3b:c7:68:9e:61:7c:29:4a:83:
73:6c:a0:97:8f:c1:84:d2:35:4d:da:e5:ef:ba:55:
c1:d7:c8:1e:68:96:f4:00:e4:d8:62:9a:82:ab:d1:
ee:cb:bb:21:90:8a:13:82:02:5c:87:9d:53:bb:9a:
ab:8a:f4:e9:45:59:50:87:b0:d1:1a:ed:9d:d4:1c:
d6:d0:d3:ed:d9:66:ed:56:ae:4b:1a:6e:6d:34:f4:
fe:70:88:2c:1f:dc:c5:4c:45:0e:37:2a:fa:46:42:
db:91:d9:2f:70:48:b5:15:47:66:f5:c3:d3:52:75:
94:a4:ab:9d:88:3a:cf:d0:9f:9f:a8:e9:dd:39:d5:
76:4a:dd:dc:88:c6:e6:cf:50:00:21:47:b5:d5:6a:
5e:39:e5:85:a0:aa:1b:47:1d:f4:17:00:23:e0:02:
51:5d:33:e9:4c:9f:43:48:71:30:e8:48:d4:1c:fb:
43:8c:6a:1a:05:73:70:a3:f7:df:0d:d9:bc:02:e3:
87:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3A:C8:F1:74:DB:82:09:F1:A8:7A:1C:CD:27:4A:7B:0C:D0:E9:49
X509v3 Authority Key Identifier:
keyid:38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/uTrI8XTbggnxqHoczSdKewzQ6Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.108.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:d6:83:ea:e3:ed:e1:17:f7:a9:bf:82:03:0d:0e:0c:2e:e1:
15:91:90:3b:4b:e1:ac:4d:c3:4f:f1:a6:ce:0a:9a:b4:64:02:
1b:4c:f0:e3:08:e9:e8:e1:e9:d7:37:0b:07:a0:2b:09:d2:9a:
ab:b3:38:ed:ec:be:43:54:7a:b9:19:24:7e:b8:90:1b:56:92:
6d:a6:2e:3a:25:6d:77:59:92:be:db:0d:14:a3:22:cc:13:19:
b0:98:f3:74:c6:d2:85:a3:c3:d1:58:2c:f4:12:ab:db:08:38:
bb:0c:bd:85:57:6a:45:3e:e5:48:50:80:d9:0c:f6:2b:8c:6b:
ba:6f:68:0f:e1:a2:bc:ad:ef:6a:a7:82:cf:18:85:0a:b7:fb:
48:7e:77:e6:d8:7c:59:b2:4b:e2:a4:d9:e3:0a:ed:0f:d6:39:
40:03:fc:7b:6c:b1:b7:eb:82:ef:b9:6f:0d:2e:1a:4f:1d:87:
ca:a8:dc:c1:29:b0:58:e1:94:83:19:cc:37:ff:1f:b2:71:b3:
34:f3:f1:56:52:d9:0f:eb:8a:09:fd:76:cf:fc:85:94:9e:e7:
b0:b9:8a:6f:2e:79:34:98:c7:52:0f:14:f3:c7:b4:c3:89:a8:
42:e4:92:ba:f5:e9:db:ee:fe:f0:3c:49:ff:a0:ca:87:b9:0b:
44:fb:67:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfrisdtew7HQzdxkvGLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NzI4ZTliZDM3Mzk5ZGY5ZmZhZTU4N2JkMDY4ODRiMzUw
YTY1YjcwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTNhYzhmMTc0ZGI4MjA5ZjFhODdhMWNjZDI3NGE3YjBjZDBlOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn84cP26/76brRFSI+9+K8XWJO1mK
thnHPuGW1PFaxPGOQP4OUq4HAF5ZzxTLkzVF+hSC86/9OELzYX1nYAjMyr87x2ie
YXwpSoNzbKCXj8GE0jVN2uXvulXB18geaJb0AOTYYpqCq9Huy7shkIoTggJch51T
u5qrivTpRVlQh7DRGu2d1BzW0NPt2WbtVq5LGm5tNPT+cIgsH9zFTEUONyr6RkLb
kdkvcEi1FUdm9cPTUnWUpKudiDrP0J+fqOndOdV2St3ciMbmz1AAIUe11WpeOeWF
oKobRx30FwAj4AJRXTPpTJ9DSHEw6EjUHPtDjGoaBXNwo/ffDdm8AuOHeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLk6yPF024IJ8ah6HM0nSnsM0OlJMB8GA1UdIwQY
MBaAFDhyjpvTc5nfn/rlh70GiEs1CmW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzIt
ZjhjZmEzM2Q2ODRlLzEvdVRySThYVGJnZ254cUhvY3pTZEtld3pRNlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzItZjhjZmEzM2Q2ODRl
LzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubhsMA0G
CSqGSIb3DQEBCwUAA4IBAQBt1oPq4+3hF/epv4IDDQ4MLuEVkZA7S+GsTcNP8abO
Cpq0ZAIbTPDjCOno4enXNwsHoCsJ0pqrszjt7L5DVHq5GSR+uJAbVpJtpi46JW13
WZK+2w0UoyLMExmwmPN0xtKFo8PRWCz0EqvbCDi7DL2FV2pFPuVIUIDZDPYrjGu6
b2gP4aK8re9qp4LPGIUKt/tIfnfm2HxZskvipNnjCu0P1jlAA/x7bLG364LvuW8N
LhpPHYfKqNzBKbBY4ZSDGcw3/x+ycbM08/FWUtkP64oJ/XbP/IWUnuewuYpvLnk0
mMdSDxTzx7TDiahC5JK69enb7v7wPEn/oMqHuQtE+2dp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:10 2025 by rpki-client