Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c0e6a2-8b20-4480-a8ab-b388c5770e04/1/DyB9ojimg-hs6OK5wIK-ABUSMzg.roa
File: DyB9ojimg-hs6OK5wIK-ABUSMzg.roa (raw, json)
Hash identifier: x1M7Wb1pHtV4QM/h2wSCzgT2v3CjJTjlaYZQ/sahB1k=
Subject key identifier: 0F:20:7D:A2:38:A6:83:E8:6C:E8:E2:B9:C0:82:BE:00:15:12:33:38
Certificate issuer: /CN=4e644e2983c5c504d800f2d0582b182ebabf2487
Certificate serial: 0187B34DA6688A44144D0901772329E16C32
Authority key identifier: 4E:64:4E:29:83:C5:C5:04:D8:00:F2:D0:58:2B:18:2E:BA:BF:24:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TmROKYPFxQTYAPLQWCsYLrq_JIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c0e6a2-8b20-4480-a8ab-b388c5770e04/1/DyB9ojimg-hs6OK5wIK-ABUSMzg.roa
Signing time: Mon 24 Apr 2023 12:47:03 +0000
ROA not before: Mon 24 Apr 2023 12:47:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 185.135.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:4d:a6:68:8a:44:14:4d:09:01:77:23:29:e1:6c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e644e2983c5c504d800f2d0582b182ebabf2487
Validity
Not Before: Apr 24 12:47:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f207da238a683e86ce8e2b9c082be0015123338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:02:22:ae:7f:1b:18:d9:c2:6b:5b:60:56:
dd:fe:7e:b1:4b:2c:34:9e:0f:52:81:6e:35:bb:20:
85:ba:2e:58:7c:0f:5a:18:fb:fd:3b:ac:6d:e4:7d:
27:04:a8:52:b1:c0:0f:6b:8b:c4:4b:67:90:4b:fc:
25:9c:db:92:b9:ee:4e:8d:74:f4:2a:06:31:7e:73:
d9:8f:e5:6b:69:f4:69:6e:dc:66:8f:3e:0b:e4:7a:
3a:ce:9b:af:d5:d0:d2:7f:d9:f6:65:87:49:0d:90:
83:2c:fb:35:65:69:8d:3b:f2:77:ab:0b:f7:8d:ee:
af:8c:65:db:48:93:d9:07:ac:5a:0d:ea:da:27:aa:
d0:f2:65:a5:8d:46:2f:4f:bc:59:8e:80:a3:d7:50:
2c:1d:a4:55:2f:55:15:ad:b7:28:c5:c8:d2:dd:d5:
51:69:5e:dd:64:ae:f7:28:bc:b3:cf:9c:89:38:2b:
d5:19:fa:8c:dc:ad:03:38:ee:88:25:63:8c:0e:20:
10:44:d5:9b:d7:3c:fe:c0:b9:d7:e9:f5:c4:31:66:
65:46:ea:9b:26:d9:7f:c1:00:d2:ec:4c:19:90:71:
dd:f4:2b:68:9d:39:45:2f:96:01:91:c2:b3:bd:28:
bd:11:65:bb:6c:6d:a1:fd:86:22:48:d0:27:3f:7d:
27:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:20:7D:A2:38:A6:83:E8:6C:E8:E2:B9:C0:82:BE:00:15:12:33:38
X509v3 Authority Key Identifier:
keyid:4E:64:4E:29:83:C5:C5:04:D8:00:F2:D0:58:2B:18:2E:BA:BF:24:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TmROKYPFxQTYAPLQWCsYLrq_JIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c0e6a2-8b20-4480-a8ab-b388c5770e04/1/DyB9ojimg-hs6OK5wIK-ABUSMzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c0e6a2-8b20-4480-a8ab-b388c5770e04/1/TmROKYPFxQTYAPLQWCsYLrq_JIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.190.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a4:17:24:cf:c1:95:5d:ae:18:19:68:bb:c8:26:9f:89:04:
72:b1:e8:4e:01:31:22:73:48:89:ec:d1:64:2f:69:67:0b:37:
8e:ce:c8:d5:31:13:2d:d4:94:5e:9a:f5:75:89:7d:16:d0:11:
3e:f7:15:4f:3d:d2:c5:97:88:2d:3d:aa:2f:4b:08:de:3b:9c:
f8:91:1a:da:33:61:ff:0e:f0:58:97:4d:33:0b:fd:9b:ed:c5:
96:f3:2a:e0:22:18:27:68:85:9e:cc:84:e0:f1:80:5c:49:9c:
a4:74:0a:11:8c:bc:f0:e3:d4:e7:f8:a6:89:e0:b5:12:c0:13:
79:b8:9a:0d:fc:2e:5b:57:e5:43:07:14:d4:44:c6:75:00:d4:
c7:7b:be:86:47:b6:3b:4d:67:ed:c7:c6:fd:d0:32:20:c1:21:
c2:39:2c:a5:28:83:ae:22:e4:92:98:f5:c9:72:84:b1:93:b3:
01:3e:a5:a7:46:a7:51:ae:b1:97:ff:f7:0d:b1:04:2d:c1:3a:
49:52:e2:c0:2b:40:a6:09:4e:fa:bd:4b:31:f1:f1:cc:c9:bd:
62:15:ff:b7:4a:e8:84:59:9a:b1:96:61:5b:72:28:74:fd:f3:
4c:49:f6:07:7e:31:76:b5:cf:83:05:39:7b:c0:44:3c:5e:da:
14:bf:d1:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYezTaZoikQUTQkBdyMp4WwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjQ0ZTI5ODNjNWM1MDRkODAwZjJkMDU4MmIxODJlYmFi
ZjI0ODcwHhcNMjMwNDI0MTI0NzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIwN2RhMjM4YTY4M2U4NmNlOGUyYjljMDgyYmUwMDE1MTIzMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVsCIq5/GxjZwmtbYFbd/n6xSyw0
ng9SgW41uyCFui5YfA9aGPv9O6xt5H0nBKhSscAPa4vES2eQS/wlnNuSue5OjXT0
KgYxfnPZj+VrafRpbtxmjz4L5Ho6zpuv1dDSf9n2ZYdJDZCDLPs1ZWmNO/J3qwv3
je6vjGXbSJPZB6xaDeraJ6rQ8mWljUYvT7xZjoCj11AsHaRVL1UVrbcoxcjS3dVR
aV7dZK73KLyzz5yJOCvVGfqM3K0DOO6IJWOMDiAQRNWb1zz+wLnX6fXEMWZlRuqb
Jtl/wQDS7EwZkHHd9CtonTlFL5YBkcKzvSi9EWW7bG2h/YYiSNAnP30n4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8gfaI4poPobOjiucCCvgAVEjM4MB8GA1UdIwQY
MBaAFE5kTimDxcUE2ADy0FgrGC66vySHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1ST0tZUEZ4UVRZQVBMUVdDc1lMcnFfSkljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jMGU2YTItOGIyMC00NDgwLWE4YWIt
YjM4OGM1NzcwZTA0LzEvRHlCOW9qaW1nLWhzNk9LNXdJSy1BQlVTTXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jMGU2YTItOGIyMC00NDgwLWE4YWItYjM4OGM1NzcwZTA0
LzEvVG1ST0tZUEZ4UVRZQVBMUVdDc1lMcnFfSkljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYe+MA0G
CSqGSIb3DQEBCwUAA4IBAQAhpBckz8GVXa4YGWi7yCafiQRysehOATEic0iJ7NFk
L2lnCzeOzsjVMRMt1JRemvV1iX0W0BE+9xVPPdLFl4gtPaovSwjeO5z4kRraM2H/
DvBYl00zC/2b7cWW8yrgIhgnaIWezITg8YBcSZykdAoRjLzw49Tn+KaJ4LUSwBN5
uJoN/C5bV+VDBxTURMZ1ANTHe76GR7Y7TWftx8b90DIgwSHCOSylKIOuIuSSmPXJ
coSxk7MBPqWnRqdRrrGX//cNsQQtwTpJUuLAK0CmCU76vUsx8fHMyb1iFf+3SuiE
WZqxlmFbcih0/fNMSfYHfjF2tc+DBTl7wEQ8XtoUv9FW
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:28:20 2025 by rpki-client