Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/sS1VBbFR5U_JT4Vgj5gmFOiq4t8.roa
File: sS1VBbFR5U_JT4Vgj5gmFOiq4t8.roa (raw, json)
Hash identifier: MaJVUvBxOQh9DkUkcppY4oEji5oT/AlXeL14c3oK39M=
Subject key identifier: B1:2D:55:05:B1:51:E5:4F:C9:4F:85:60:8F:98:26:14:E8:AA:E2:DF
Certificate issuer: /CN=e964d2705a9b26fd482a9c10e926eae7bda41e9b
Certificate serial: 0187480930E714561B4FDACC23C6F2BA0280
Authority key identifier: E9:64:D2:70:5A:9B:26:FD:48:2A:9C:10:E9:26:EA:E7:BD:A4:1E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6WTScFqbJv1IKpwQ6Sbq572kHps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/sS1VBbFR5U_JT4Vgj5gmFOiq4t8.roa
Signing time: Mon 03 Apr 2023 16:52:54 +0000
ROA not before: Mon 03 Apr 2023 16:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200976
IP address blocks: 185.198.114.0/24 maxlen: 24
185.198.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:09:30:e7:14:56:1b:4f:da:cc:23:c6:f2:ba:02:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e964d2705a9b26fd482a9c10e926eae7bda41e9b
Validity
Not Before: Apr 3 16:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b12d5505b151e54fc94f85608f982614e8aae2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7e:50:ed:71:ee:62:ec:68:cf:88:eb:c5:f2:
7d:e9:78:85:57:35:10:fa:a8:04:a7:db:e3:73:dc:
f3:92:48:21:95:d9:5d:b6:8f:cf:58:76:43:ba:8d:
69:83:e4:5e:e9:e7:c5:ed:d2:fb:b1:a5:18:49:91:
cb:db:58:26:5c:5b:51:5e:d7:82:85:4c:24:4b:a8:
b8:37:c9:b8:ab:78:8d:54:09:2f:d4:c2:22:90:5c:
23:bf:7d:03:d0:62:55:81:18:40:16:db:9c:23:25:
b9:02:4d:9c:fb:56:05:44:88:bd:15:cd:c7:31:ac:
af:a9:e4:af:60:57:74:19:cc:8a:34:1a:2e:e2:54:
45:66:98:0f:61:82:5c:e9:b9:7b:42:a8:70:9f:f7:
b8:00:59:f2:d3:37:ee:ee:83:40:32:60:59:12:ee:
5d:fb:06:b8:5a:d9:8a:d2:59:6b:a4:47:63:4b:8f:
de:13:66:d2:f3:34:74:20:ad:7e:8f:0f:48:ad:29:
bf:b9:f0:d9:d1:1a:d8:9f:8b:7a:27:ed:13:d8:db:
7a:41:80:0f:f1:17:88:fa:42:d9:8f:06:c7:53:dd:
21:bc:16:63:2f:9c:ee:40:bf:8e:7a:7f:6b:fc:83:
0d:9b:79:ff:dc:3a:a3:f7:58:06:5b:02:cf:12:87:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2D:55:05:B1:51:E5:4F:C9:4F:85:60:8F:98:26:14:E8:AA:E2:DF
X509v3 Authority Key Identifier:
keyid:E9:64:D2:70:5A:9B:26:FD:48:2A:9C:10:E9:26:EA:E7:BD:A4:1E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6WTScFqbJv1IKpwQ6Sbq572kHps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/sS1VBbFR5U_JT4Vgj5gmFOiq4t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/6WTScFqbJv1IKpwQ6Sbq572kHps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.113.0-185.198.114.255
Signature Algorithm: sha256WithRSAEncryption
35:65:00:e4:25:7e:f0:7a:34:b1:98:95:c8:f5:e1:27:f6:25:
ed:70:54:39:54:00:84:fe:30:f4:66:54:f4:b9:2f:be:2f:1a:
d3:ec:f9:d5:a5:c2:62:6c:46:9a:d6:c3:94:b4:06:a6:58:53:
88:bc:5f:ad:70:65:0c:2e:fc:11:4a:c2:87:22:d6:90:76:d0:
31:81:52:fb:24:a7:4e:84:d9:26:05:7e:a3:09:1a:be:92:4e:
44:00:22:0d:3f:08:9e:a9:7c:9d:45:af:09:bb:cc:be:40:aa:
cf:ab:5b:cd:d8:c9:11:36:18:99:ab:55:5e:0c:7f:5b:fc:e6:
0f:f0:29:af:ae:57:57:bd:97:45:bf:88:03:22:4f:bd:58:78:
2f:73:7a:42:67:94:44:10:0f:b5:9d:f5:4f:f3:61:b4:e2:87:
14:8d:b4:09:72:a9:2b:f4:bb:31:ed:79:64:0a:2d:ad:47:6b:
23:95:98:1d:1c:b4:98:8f:bf:70:27:7d:d0:9a:a7:d5:b3:66:
16:9d:b7:72:b5:f1:73:fa:8e:de:a7:51:92:5d:d0:9a:4b:0b:
25:5a:2f:75:39:ab:b0:42:d9:3b:55:27:92:56:5b:d4:c1:b1:
d1:f2:1e:78:5e:1c:3c:90:1f:b3:34:7d:29:00:56:bf:45:20:
f8:0a:0a:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdICTDnFFYbT9rMI8byugKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NjRkMjcwNWE5YjI2ZmQ0ODJhOWMxMGU5MjZlYWU3YmRh
NDFlOWIwHhcNMjMwNDAzMTY1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJkNTUwNWIxNTFlNTRmYzk0Zjg1NjA4Zjk4MjYxNGU4YWFlMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn5Q7XHuYuxoz4jrxfJ96XiFVzUQ
+qgEp9vjc9zzkkghldldto/PWHZDuo1pg+Re6efF7dL7saUYSZHL21gmXFtRXteC
hUwkS6i4N8m4q3iNVAkv1MIikFwjv30D0GJVgRhAFtucIyW5Ak2c+1YFRIi9Fc3H
MayvqeSvYFd0GcyKNBou4lRFZpgPYYJc6bl7Qqhwn/e4AFny0zfu7oNAMmBZEu5d
+wa4WtmK0llrpEdjS4/eE2bS8zR0IK1+jw9IrSm/ufDZ0RrYn4t6J+0T2Nt6QYAP
8ReI+kLZjwbHU90hvBZjL5zuQL+Oen9r/IMNm3n/3Dqj91gGWwLPEodsiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLEtVQWxUeVPyU+FYI+YJhToquLfMB8GA1UdIwQY
MBaAFOlk0nBamyb9SCqcEOkm6ue9pB6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNldUU2NGcWJKdjFJS3B3UTZTYnE1NzJrSHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hNjYzNmQtY2M1My00Y2VlLTg0Y2Mt
ZjRlMzYxZTRkYTJkLzEvc1MxVkJiRlI1VV9KVDRWZ2o1Z21GT2lxNHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hNjYzNmQtY2M1My00Y2VlLTg0Y2MtZjRlMzYxZTRkYTJk
LzEvNldUU2NGcWJKdjFJS3B3UTZTYnE1NzJrSHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5xnED
BAC5xnIwDQYJKoZIhvcNAQELBQADggEBADVlAOQlfvB6NLGYlcj14Sf2Je1wVDlU
AIT+MPRmVPS5L74vGtPs+dWlwmJsRprWw5S0BqZYU4i8X61wZQwu/BFKwoci1pB2
0DGBUvskp06E2SYFfqMJGr6STkQAIg0/CJ6pfJ1Frwm7zL5Aqs+rW83YyRE2GJmr
VV4Mf1v85g/wKa+uV1e9l0W/iAMiT71YeC9zekJnlEQQD7Wd9U/zYbTihxSNtAly
qSv0uzHteWQKLa1HayOVmB0ctJiPv3AnfdCap9WzZhadt3K18XP6jt6nUZJd0JpL
CyVaL3U5q7BC2TtVJ5JWW9TBsdHyHnheHDyQH7M0fSkAVr9FIPgKCqM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:53:27 2025 by rpki-client