Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/3UtSHT9xSg2PSsd4dkqZ1qF7zUU.roa
File: 3UtSHT9xSg2PSsd4dkqZ1qF7zUU.roa (raw, json)
Hash identifier: /fXMa+YYIAezI6IRAJx6abxjmlG+DFvBYZII1V4sRGk=
Subject key identifier: DD:4B:52:1D:3F:71:4A:0D:8F:4A:C7:78:76:4A:99:D6:A1:7B:CD:45
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 01856EC2200D3736CF9AA04F7B17F6B18463
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/3UtSHT9xSg2PSsd4dkqZ1qF7zUU.roa
Signing time: Sun 01 Jan 2023 19:14:53 +0000
ROA not before: Sun 01 Jan 2023 19:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.117.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:20:0d:37:36:cf:9a:a0:4f:7b:17:f6:b1:84:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 19:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd4b521d3f714a0d8f4ac778764a99d6a17bcd45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:19:ae:ef:a8:53:fa:1d:41:03:21:32:82:db:
ad:52:25:3e:14:ca:05:c6:6d:0a:90:56:aa:6c:c0:
f1:7a:a4:2f:b0:5a:7e:eb:97:b8:ac:1f:65:7a:61:
fc:5c:3e:b1:54:33:30:81:f2:22:e4:6d:8c:47:7d:
c3:5d:0a:9b:71:1e:b5:85:1b:b6:05:96:93:9a:be:
52:89:65:74:db:94:3b:90:9e:7b:18:2d:57:fd:ab:
5f:6e:77:33:5d:4d:9b:84:6e:71:1c:8f:2b:d3:f4:
2d:9b:7c:be:ef:ae:52:fb:a7:e0:aa:15:f5:09:04:
bc:37:33:68:5a:a4:a9:df:a0:1b:75:f2:6f:40:6b:
15:6f:01:c7:6e:50:f9:a6:08:c0:d7:f9:3d:4a:60:
ad:e8:09:1b:b9:95:5a:cf:ff:af:d2:08:dc:01:43:
13:f6:ce:13:75:09:9d:11:c2:4b:87:b8:91:1b:a8:
5b:74:99:e9:a1:2f:b4:d8:11:56:13:e6:cd:41:b5:
7a:0e:1f:6d:d2:74:16:82:52:c7:91:0b:f9:05:9a:
62:84:9c:35:c4:ad:2c:83:a9:4c:af:21:8b:15:80:
3d:b2:45:18:7e:eb:79:e4:35:a7:7b:38:ca:bc:58:
2d:8d:82:eb:c6:64:32:4b:56:60:30:65:f6:72:84:
05:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4B:52:1D:3F:71:4A:0D:8F:4A:C7:78:76:4A:99:D6:A1:7B:CD:45
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/3UtSHT9xSg2PSsd4dkqZ1qF7zUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.225.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0a:1d:98:16:0c:0c:3d:5c:95:bd:1e:08:12:71:de:61:9c:
e8:48:5f:4e:3a:1c:44:8e:97:58:95:8e:88:cc:97:f3:8e:48:
60:9b:5f:76:77:c1:12:4e:53:f9:b5:d1:9f:19:a5:7a:35:73:
92:03:40:7d:d9:9b:e1:b6:56:3d:69:de:93:07:2d:48:df:e6:
0a:ef:95:b0:b1:83:76:81:22:81:13:79:54:bd:2d:6f:7b:ab:
d8:d6:4b:d7:58:df:10:c9:84:df:db:82:20:6e:4e:ea:d6:31:
da:33:c0:d3:12:8c:ff:be:c0:d0:d5:e5:1b:d4:a8:dc:37:13:
75:d8:7e:e4:b9:02:f1:d2:5d:54:fb:d2:86:1d:3c:99:87:10:
ff:8f:11:63:8c:17:24:f9:95:bc:c1:80:1a:fa:15:e0:74:af:
c7:f5:cb:c2:a4:9f:b6:6f:b8:5a:c2:4e:58:55:0c:15:a1:61:
e0:f4:96:15:7a:16:f6:fa:3e:47:37:f1:5a:9f:fa:ca:22:c4:
5d:d4:02:e3:9b:5f:32:fc:5e:ec:82:de:2b:4c:3a:fe:ef:a7:
3a:64:5c:56:78:2d:1e:fc:94:64:9e:2e:61:4f:3d:8f:e1:11:
af:4e:f4:9c:d1:10:11:20:1f:e7:84:1f:87:13:a6:25:07:b9:
85:b1:88:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwiANNzbPmqBPexf2sYRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjMwMTAxMTkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRiNTIxZDNmNzE0YTBkOGY0YWM3Nzg3NjRhOTlkNmExN2JjZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBmu76hT+h1BAyEygtutUiU+FMoF
xm0KkFaqbMDxeqQvsFp+65e4rB9lemH8XD6xVDMwgfIi5G2MR33DXQqbcR61hRu2
BZaTmr5SiWV025Q7kJ57GC1X/atfbnczXU2bhG5xHI8r0/Qtm3y+765S+6fgqhX1
CQS8NzNoWqSp36AbdfJvQGsVbwHHblD5pgjA1/k9SmCt6AkbuZVaz/+v0gjcAUMT
9s4TdQmdEcJLh7iRG6hbdJnpoS+02BFWE+bNQbV6Dh9t0nQWglLHkQv5BZpihJw1
xK0sg6lMryGLFYA9skUYfut55DWnezjKvFgtjYLrxmQyS1ZgMGX2coQFVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1LUh0/cUoNj0rHeHZKmdahe81FMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvM1V0U0hUOXhTZzJQU3NkNGRrcVoxcUY3elVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXXhMA0G
CSqGSIb3DQEBCwUAA4IBAQAoCh2YFgwMPVyVvR4IEnHeYZzoSF9OOhxEjpdYlY6I
zJfzjkhgm192d8ESTlP5tdGfGaV6NXOSA0B92ZvhtlY9ad6TBy1I3+YK75WwsYN2
gSKBE3lUvS1ve6vY1kvXWN8QyYTf24Igbk7q1jHaM8DTEoz/vsDQ1eUb1KjcNxN1
2H7kuQLx0l1U+9KGHTyZhxD/jxFjjBck+ZW8wYAa+hXgdK/H9cvCpJ+2b7hawk5Y
VQwVoWHg9JYVehb2+j5HN/Fan/rKIsRd1ALjm18y/F7sgt4rTDr+76c6ZFxWeC0e
/JRkni5hTz2P4RGvTvSc0RARIB/nhB+HE6YlB7mFsYin
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:17 2025 by rpki-client