Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/DIdjj8WF5Cop1k-3RHG3QdJANwQ.roa
File: DIdjj8WF5Cop1k-3RHG3QdJANwQ.roa (raw, json)
Hash identifier: qPZ9UDcGsI5+v3GOZKioXjkN6C4KwLP6sxBOzFvRtv0=
Subject key identifier: 0C:87:63:8F:C5:85:E4:2A:29:D6:4F:B7:44:71:B7:41:D2:40:37:04
Certificate issuer: /CN=420387c94134d9a08ffd32630967703adc582b6c
Certificate serial: 018570DE445E1C3E88424BD39BD50BD36B36
Authority key identifier: 42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/DIdjj8WF5Cop1k-3RHG3QdJANwQ.roa
Signing time: Mon 02 Jan 2023 05:04:52 +0000
ROA not before: Mon 02 Jan 2023 05:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207101
IP address blocks: 185.186.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:44:5e:1c:3e:88:42:4b:d3:9b:d5:0b:d3:6b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=420387c94134d9a08ffd32630967703adc582b6c
Validity
Not Before: Jan 2 05:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c87638fc585e42a29d64fb74471b741d2403704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:22:a8:da:32:28:b4:e0:f8:10:e9:5d:0b:ea:
83:37:75:87:37:63:d8:f8:21:52:ee:d9:38:01:8e:
f2:1c:58:59:ec:2e:33:a1:03:7a:2b:83:e3:65:41:
14:41:70:1f:1f:76:5c:8e:17:8c:c9:02:c7:50:84:
42:fa:e2:14:17:19:66:bc:6e:5d:37:22:2d:d2:ff:
72:7f:a1:a7:69:f3:11:5b:78:9b:20:6b:01:cf:33:
e0:a9:81:30:b3:54:58:cf:fd:97:57:86:60:b6:a0:
ba:27:d3:36:16:9f:d3:94:b0:7c:a1:00:00:b0:5e:
03:0b:bf:1c:de:81:70:4d:35:b9:e5:9b:e2:02:6e:
e9:ee:d3:72:9d:8f:54:dd:dc:db:dd:a6:29:55:d1:
3e:e4:36:e3:e9:41:ec:8a:e9:4e:99:bb:99:cf:6c:
3a:1e:10:98:e8:5f:7f:bb:7f:c5:94:ea:6f:f1:80:
2c:53:ed:26:22:9b:9b:22:6e:9b:d4:c6:d7:22:92:
6d:c6:b2:a5:17:e5:6b:1d:8a:84:6d:29:41:0e:a5:
61:89:59:54:c1:61:bc:34:83:80:2d:0d:df:a9:6d:
15:75:c7:29:50:1a:4a:1f:3d:9a:a3:a3:22:f5:cc:
2b:6e:18:b1:36:18:a1:19:59:9b:6e:48:22:b6:2b:
cf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:87:63:8F:C5:85:E4:2A:29:D6:4F:B7:44:71:B7:41:D2:40:37:04
X509v3 Authority Key Identifier:
keyid:42:03:87:C9:41:34:D9:A0:8F:FD:32:63:09:67:70:3A:DC:58:2B:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgOHyUE02aCP_TJjCWdwOtxYK2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/DIdjj8WF5Cop1k-3RHG3QdJANwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a38a87-0159-490e-b69c-376f4b4d9da6/1/QgOHyUE02aCP_TJjCWdwOtxYK2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.39.0/24
Signature Algorithm: sha256WithRSAEncryption
44:01:c5:5b:97:24:ef:06:25:24:27:27:44:a9:ee:18:b7:42:
3d:93:cb:6c:68:2b:bc:af:a3:34:65:f1:6b:af:b5:74:4e:69:
57:70:26:97:50:a3:71:94:16:95:23:b8:72:ed:07:93:a7:aa:
7a:7a:a2:5f:7c:5b:09:25:52:f0:df:70:c4:b3:15:2b:f3:ee:
84:7e:d9:26:df:51:80:a2:9a:87:0c:10:49:1d:04:5a:d7:e9:
59:3b:07:a4:21:96:5d:0e:a5:c2:2e:6c:51:58:db:a0:92:5f:
3c:0a:2b:6a:45:68:f1:7c:81:6a:ac:d2:42:4d:90:de:fd:b8:
43:80:5c:c5:3b:40:c6:79:e9:64:cd:67:4b:e1:36:43:0c:12:
98:5d:c2:3b:8b:c7:c6:fe:03:b4:83:aa:84:d5:77:07:c0:09:
33:1a:c6:aa:e9:bb:4e:82:d5:ff:33:49:53:4b:7b:a1:5e:b3:
3f:85:d2:bf:58:bb:9c:ec:16:b2:e5:39:27:37:a5:b8:64:d4:
8f:56:ea:06:51:1e:d6:86:a5:b1:f2:ea:33:af:7f:e3:3a:76:
d5:c0:01:d8:2d:12:18:2c:04:c4:8f:43:57:b1:fd:e7:78:f8:
5f:e4:85:0b:60:da:48:ed:28:08:ce:ec:50:57:21:10:29:da:
06:90:5e:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3kReHD6IQkvTm9UL02s2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDM4N2M5NDEzNGQ5YTA4ZmZkMzI2MzA5Njc3MDNhZGM1
ODJiNmMwHhcNMjMwMTAyMDUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg3NjM4ZmM1ODVlNDJhMjlkNjRmYjc0NDcxYjc0MWQyNDAzNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSKo2jIotOD4EOldC+qDN3WHN2PY
+CFS7tk4AY7yHFhZ7C4zoQN6K4PjZUEUQXAfH3ZcjheMyQLHUIRC+uIUFxlmvG5d
NyIt0v9yf6GnafMRW3ibIGsBzzPgqYEws1RYz/2XV4ZgtqC6J9M2Fp/TlLB8oQAA
sF4DC78c3oFwTTW55ZviAm7p7tNynY9U3dzb3aYpVdE+5Dbj6UHsiulOmbuZz2w6
HhCY6F9/u3/FlOpv8YAsU+0mIpubIm6b1MbXIpJtxrKlF+VrHYqEbSlBDqVhiVlU
wWG8NIOALQ3fqW0VdccpUBpKHz2ao6Mi9cwrbhixNhihGVmbbkgitivPbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyHY4/FheQqKdZPt0Rxt0HSQDcEMB8GA1UdIwQY
MBaAFEIDh8lBNNmgj/0yYwlncDrcWCtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hMzhhODctMDE1OS00OTBlLWI2OWMt
Mzc2ZjRiNGQ5ZGE2LzEvRElkamo4V0Y1Q29wMWstM1JIRzNRZEpBTndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hMzhhODctMDE1OS00OTBlLWI2OWMtMzc2ZjRiNGQ5ZGE2
LzEvUWdPSHlVRTAyYUNQX1RKakNXZHdPdHhZSzJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubonMA0G
CSqGSIb3DQEBCwUAA4IBAQBEAcVblyTvBiUkJydEqe4Yt0I9k8tsaCu8r6M0ZfFr
r7V0TmlXcCaXUKNxlBaVI7hy7QeTp6p6eqJffFsJJVLw33DEsxUr8+6Eftkm31GA
opqHDBBJHQRa1+lZOwekIZZdDqXCLmxRWNugkl88CitqRWjxfIFqrNJCTZDe/bhD
gFzFO0DGeelkzWdL4TZDDBKYXcI7i8fG/gO0g6qE1XcHwAkzGsaq6btOgtX/M0lT
S3uhXrM/hdK/WLuc7Bay5TknN6W4ZNSPVuoGUR7WhqWx8uozr3/jOnbVwAHYLRIY
LATEj0NXsf3nePhf5IULYNpI7SgIzuxQVyEQKdoGkF7Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:34 2025 by rpki-client