Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/lN6i4OhXFII9MlgzTeSmjepC7fo.roa
File: lN6i4OhXFII9MlgzTeSmjepC7fo.roa (raw, json)
Hash identifier: DRYPu4dy9yqCm8HUxzyO9arPKTq/qqxls/mopn04l7g=
Subject key identifier: 94:DE:A2:E0:E8:57:14:82:3D:32:58:33:4D:E4:A6:8D:EA:42:ED:FA
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 01898C907E1B691E8A45196614D69E33BECE
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/lN6i4OhXFII9MlgzTeSmjepC7fo.roa
Signing time: Tue 25 Jul 2023 10:20:26 +0000
ROA not before: Tue 25 Jul 2023 10:20:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.110.253.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:90:7e:1b:69:1e:8a:45:19:66:14:d6:9e:33:be:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Jul 25 10:20:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94dea2e0e85714823d3258334de4a68dea42edfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:36:44:15:36:b5:38:8e:70:62:6f:57:5b:
2f:5c:41:b6:1c:dc:ba:c5:96:58:ac:8a:a3:95:41:
4d:c2:39:1b:e5:4a:91:fc:9f:82:1f:db:94:c2:06:
b1:4c:91:78:ee:f0:e3:5d:da:68:e7:1c:d5:b1:5a:
f6:ad:ba:95:73:b9:5f:aa:35:eb:44:f1:0e:8b:39:
3a:68:7d:65:e5:8a:66:98:a8:a7:72:79:6b:08:93:
46:89:95:e4:f8:ec:c9:e3:a6:32:73:48:78:c9:f3:
41:8c:d2:bc:9a:3b:48:68:08:20:14:5d:46:09:23:
20:5b:d7:a2:60:17:28:1c:89:00:ea:6f:46:09:84:
93:2c:08:3d:0f:3c:97:e3:84:ae:2b:4e:db:a7:cb:
b0:52:08:e6:70:6a:b9:bf:bd:32:a3:be:c6:7b:2b:
ca:b6:8a:3b:3e:65:86:1a:c5:4c:2f:ef:32:88:77:
a7:eb:c2:a9:bd:ff:c1:6b:f8:27:51:37:bb:ce:7b:
62:11:a2:07:25:ca:eb:13:07:cb:93:85:74:47:64:
96:3e:8e:5f:0f:28:29:02:0b:9a:a9:77:b2:c8:07:
3b:27:aa:e5:19:d3:c8:95:05:5a:e3:df:a9:c2:70:
ac:f1:20:e4:ae:d0:1d:f7:b9:05:7f:32:a7:97:63:
3b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DE:A2:E0:E8:57:14:82:3D:32:58:33:4D:E4:A6:8D:EA:42:ED:FA
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/lN6i4OhXFII9MlgzTeSmjepC7fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.253.0-185.110.254.255
185.118.154.0/24
185.119.164.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:d5:0a:7a:d0:fe:d0:d8:7f:96:70:32:d2:7e:f2:3d:51:47:
20:ed:f1:84:e4:57:81:39:4e:00:ad:b1:23:99:14:f3:e9:13:
53:c5:50:cd:c0:13:2e:bc:a3:e1:fe:71:da:14:37:f0:17:4c:
2e:fa:27:c7:c7:9e:71:02:cc:f0:9a:21:03:0e:ca:c8:bf:2d:
ce:5b:37:8e:d4:cc:b1:15:10:dd:a6:00:0b:cb:61:9b:6a:aa:
32:07:47:0a:36:46:10:d9:22:7f:e1:2c:ef:85:2d:3f:8d:7f:
d6:cf:94:a0:fc:7f:89:38:7f:5d:d5:01:c2:bc:9b:f4:7a:ca:
69:90:fc:25:2a:a8:66:af:c2:b1:32:48:b6:ea:03:62:d2:22:
52:83:fc:67:66:08:61:f3:58:3a:1e:ff:22:ff:e5:6c:2b:c3:
10:1e:af:96:b8:b8:f1:1c:5b:55:6d:c0:d9:1d:15:14:c6:33:
6f:be:4a:f1:5c:f7:ab:5c:0a:27:d1:63:08:ea:f9:a1:06:b8:
91:0b:6a:59:02:29:ad:48:34:56:af:42:a1:95:96:38:1f:77:
cb:04:bc:27:90:50:a6:a4:08:51:b6:91:5c:d7:d1:9e:37:9b:
c5:23:77:87:80:c7:e3:a0:56:6f:44:25:26:9b:eb:b2:d6:0f:
69:18:61:b8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmMkH4baR6KRRlmFNaeM77OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjMwNzI1MTAyMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRlYTJlMGU4NTcxNDgyM2QzMjU4MzM0ZGU0YTY4ZGVhNDJlZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXo2RBU2tTiOcGJvV1svXEG2HNy6
xZZYrIqjlUFNwjkb5UqR/J+CH9uUwgaxTJF47vDjXdpo5xzVsVr2rbqVc7lfqjXr
RPEOizk6aH1l5YpmmKincnlrCJNGiZXk+OzJ46Yyc0h4yfNBjNK8mjtIaAggFF1G
CSMgW9eiYBcoHIkA6m9GCYSTLAg9DzyX44SuK07bp8uwUgjmcGq5v70yo77GeyvK
too7PmWGGsVML+8yiHen68Kpvf/Ba/gnUTe7zntiEaIHJcrrEwfLk4V0R2SWPo5f
DygpAguaqXeyyAc7J6rlGdPIlQVa49+pwnCs8SDkrtAd97kFfzKnl2M7EwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJTeouDoVxSCPTJYM03kpo3qQu36MB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvbE42aTRPaFhGSUk5TWxnelRlU21qZXBDN2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5bv0D
BAC5bv4DBAC5dpoDBAC5d6QwDQYJKoZIhvcNAQELBQADggEBAMHVCnrQ/tDYf5Zw
MtJ+8j1RRyDt8YTkV4E5TgCtsSOZFPPpE1PFUM3AEy68o+H+cdoUN/AXTC76J8fH
nnECzPCaIQMOysi/Lc5bN47UzLEVEN2mAAvLYZtqqjIHRwo2RhDZIn/hLO+FLT+N
f9bPlKD8f4k4f13VAcK8m/R6ymmQ/CUqqGavwrEySLbqA2LSIlKD/GdmCGHzWDoe
/yL/5WwrwxAer5a4uPEcW1VtwNkdFRTGM2++SvFc96tcCifRYwjq+aEGuJELalkC
Ka1INFavQqGVljgfd8sEvCeQUKakCFG2kVzX0Z43m8Ujd4eAx+OgVm9EJSab67LW
D2kYYbg=
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:43:52 2025 by rpki-client