Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/D-8OsMbMzb3c80q9HnTzQQ-MUks.roa
File: D-8OsMbMzb3c80q9HnTzQQ-MUks.roa (raw, json)
Hash identifier: yilO5cZrgi7v2z4E7Zbh1iXo9/gtCmxcVHrowXypD64=
Subject key identifier: 0F:EF:0E:B0:C6:CC:CD:BD:DC:F3:4A:BD:1E:74:F3:41:0F:8C:52:4B
Certificate issuer: /CN=4020199044c54c237903f656f83b2640c2d1df45
Certificate serial: 0184E1EB5BCE0C3E002B42666ED15BB1A3F0
Authority key identifier: 40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/D-8OsMbMzb3c80q9HnTzQQ-MUks.roa
Signing time: Mon 05 Dec 2022 10:53:28 +0000
ROA not before: Mon 05 Dec 2022 10:53:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49175
IP address blocks: 185.138.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:eb:5b:ce:0c:3e:00:2b:42:66:6e:d1:5b:b1:a3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4020199044c54c237903f656f83b2640c2d1df45
Validity
Not Before: Dec 5 10:53:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fef0eb0c6cccdbddcf34abd1e74f3410f8c524b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:85:3d:a8:c3:c1:c2:6f:c7:a3:34:76:83:
4d:e0:31:ef:c8:10:fe:e4:2f:12:53:05:7e:c0:2e:
b2:d3:eb:92:2d:6f:0b:82:4f:cf:7d:1a:f9:65:df:
96:09:a4:b8:46:93:08:d7:a6:2a:ba:ba:71:90:a8:
a5:ef:d7:61:10:47:05:b1:78:3b:f5:7f:af:e6:35:
47:e6:42:c8:cd:bb:0d:ac:2f:38:1f:e6:95:da:e6:
1b:d4:43:bd:c4:7d:3b:c1:ba:ff:de:89:5b:f0:57:
9a:2e:72:f7:bc:97:0a:78:97:3e:16:e7:ad:06:10:
76:23:9a:dd:07:82:06:78:2f:13:19:2f:21:41:20:
95:f9:53:51:1f:33:d6:a8:04:46:34:15:b7:31:58:
15:57:13:ca:09:04:f7:f0:1c:32:37:0c:4c:62:67:
8c:7c:c6:ee:d3:52:68:8d:28:ed:8b:6b:03:2f:6a:
01:3f:4e:e0:a4:18:54:3f:b1:bc:3b:b2:2a:ef:fb:
b6:a9:1a:9d:ad:42:9e:c7:02:5c:ca:a9:48:c5:e3:
89:8a:0d:25:a1:b9:1d:26:f9:24:93:fc:d7:52:64:
01:cd:c7:ba:d5:63:89:50:8a:c8:a0:85:2e:48:4c:
46:29:aa:30:1e:62:4c:f4:0e:88:36:83:21:0e:5a:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EF:0E:B0:C6:CC:CD:BD:DC:F3:4A:BD:1E:74:F3:41:0F:8C:52:4B
X509v3 Authority Key Identifier:
keyid:40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/D-8OsMbMzb3c80q9HnTzQQ-MUks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/QCAZkETFTCN5A_ZW-DsmQMLR30U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.84.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b6:4f:ce:26:ab:96:c0:88:0e:5a:c9:ae:9e:73:db:a5:0f:
e1:41:b1:67:58:9c:44:6d:93:52:2e:f2:cb:d9:fe:53:98:55:
d1:a4:41:1a:aa:16:29:d1:7f:80:00:61:19:91:4c:65:ef:ab:
0a:14:c9:45:06:84:46:8c:c4:d6:5d:3c:f5:12:e7:fd:5f:56:
32:1e:59:c9:ce:61:3d:66:1a:a3:7f:d8:57:5f:92:7c:71:d1:
27:7f:70:f1:33:96:46:7e:e8:8c:b2:4e:b1:95:63:01:9a:f0:
3a:90:00:d6:0b:79:7c:0d:cf:b7:7f:25:31:e0:5d:17:81:03:
10:b6:c7:31:a5:76:02:83:88:b1:74:ba:40:22:31:16:03:ab:
a1:eb:42:62:c0:e6:a9:23:9a:a0:e9:3b:ba:bc:10:7c:73:0b:
ec:82:6a:c5:a8:08:fb:8c:72:2e:bb:4c:b1:6f:0e:44:ac:0d:
5d:41:fa:06:89:b5:85:4d:f2:da:8f:47:fc:77:14:75:0e:65:
7d:8e:64:b3:ca:24:ba:d8:a1:94:b2:8a:38:12:79:c5:5e:42:
c4:68:95:0a:e0:be:99:87:92:ec:50:72:a7:dc:3c:87:c3:1a:
26:6f:0a:23:a6:50:17:0d:ab:8e:fe:19:96:b8:b0:88:42:24:
42:2c:a9:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTh61vODD4AK0JmbtFbsaPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjAxOTkwNDRjNTRjMjM3OTAzZjY1NmY4M2IyNjQwYzJk
MWRmNDUwHhcNMjIxMjA1MTA1MzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVmMGViMGM2Y2NjZGJkZGNmMzRhYmQxZTc0ZjM0MTBmOGM1MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLiFPajDwcJvx6M0doNN4DHvyBD+
5C8SUwV+wC6y0+uSLW8Lgk/PfRr5Zd+WCaS4RpMI16YqurpxkKil79dhEEcFsXg7
9X+v5jVH5kLIzbsNrC84H+aV2uYb1EO9xH07wbr/3olb8FeaLnL3vJcKeJc+Fuet
BhB2I5rdB4IGeC8TGS8hQSCV+VNRHzPWqARGNBW3MVgVVxPKCQT38BwyNwxMYmeM
fMbu01JojSjti2sDL2oBP07gpBhUP7G8O7Iq7/u2qRqdrUKexwJcyqlIxeOJig0l
obkdJvkkk/zXUmQBzce61WOJUIrIoIUuSExGKaowHmJM9A6INoMhDlq3owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/vDrDGzM293PNKvR5080EPjFJLMB8GA1UdIwQY
MBaAFEAgGZBExUwjeQP2Vvg7JkDC0d9FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUt
NGI3NTBiYmM2MTY3LzEvRC04T3NNYk16YjNjODBxOUhuVHpRUS1NVWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUtNGI3NTBiYmM2MTY3
LzEvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYpUMA0G
CSqGSIb3DQEBCwUAA4IBAQAetk/OJquWwIgOWsmunnPbpQ/hQbFnWJxEbZNSLvLL
2f5TmFXRpEEaqhYp0X+AAGEZkUxl76sKFMlFBoRGjMTWXTz1Euf9X1YyHlnJzmE9
Zhqjf9hXX5J8cdEnf3DxM5ZGfuiMsk6xlWMBmvA6kADWC3l8Dc+3fyUx4F0XgQMQ
tscxpXYCg4ixdLpAIjEWA6uh60JiwOapI5qg6Tu6vBB8cwvsgmrFqAj7jHIuu0yx
bw5ErA1dQfoGibWFTfLaj0f8dxR1DmV9jmSzyiS62KGUsoo4EnnFXkLEaJUK4L6Z
h5LsUHKn3DyHwxombwojplAXDauO/hmWuLCIQiRCLKkF
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:35:39 2025 by rpki-client