Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/hS-AmEM5P2asYzL4qA5STRBdQwQ.roa
File: hS-AmEM5P2asYzL4qA5STRBdQwQ.roa (raw, json)
Hash identifier: yBqEwJwVmIg+nAPtVpfDmrFjj8hpoG1puaw5zm0IuEI=
Subject key identifier: 85:2F:80:98:43:39:3F:66:AC:63:32:F8:A8:0E:52:4D:10:5D:43:04
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 018C5FAC24A4465AEB73A85999A29BC8D377
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/hS-AmEM5P2asYzL4qA5STRBdQwQ.roa
Signing time: Tue 12 Dec 2023 20:16:06 +0000
ROA not before: Tue 12 Dec 2023 20:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 185.225.200.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:ac:24:a4:46:5a:eb:73:a8:59:99:a2:9b:c8:d3:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Dec 12 20:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852f809843393f66ac6332f8a80e524d105d4304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:e8:26:18:67:a6:c1:51:ea:ca:20:f2:47:
23:34:c6:29:18:85:7b:6c:82:43:c0:f8:fa:27:29:
fe:37:3c:5a:b5:1c:65:b7:6d:8c:39:26:b4:c1:b5:
0b:a5:57:95:98:ef:70:68:c3:1a:44:e5:bb:e3:0e:
14:05:e6:eb:25:d0:1d:42:3a:ae:0b:6f:23:b8:c8:
7d:3b:24:c9:0a:c3:71:57:13:cf:13:39:79:7c:19:
d5:94:62:e8:4b:af:b8:c5:98:64:50:c6:b3:6d:8d:
a7:b7:27:1a:db:f1:fb:c9:8d:bf:eb:50:b9:da:1e:
eb:06:1d:5e:cd:6d:51:da:7a:27:f6:33:d3:a5:bf:
25:ed:49:07:6f:9b:c2:4f:06:ca:2d:c0:0c:0d:44:
10:5a:ae:36:99:51:f7:a9:b3:46:24:35:76:55:ac:
ba:48:93:76:96:65:9f:3a:43:cb:ea:54:76:b7:ad:
6b:0b:9d:c4:25:58:8d:99:41:2d:3a:d8:cc:e7:42:
6f:52:d7:41:e4:b1:18:21:d8:74:7d:20:68:37:3d:
e1:fe:f6:fa:f8:bf:64:1e:c8:1d:a6:5f:c2:8a:d8:
17:73:bc:00:b0:e5:b3:21:7e:29:d4:aa:5a:e3:21:
84:3d:4a:2f:74:87:6c:df:ba:d4:06:72:e6:69:96:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2F:80:98:43:39:3F:66:AC:63:32:F8:A8:0E:52:4D:10:5D:43:04
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/hS-AmEM5P2asYzL4qA5STRBdQwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:bc:9f:2d:e1:a4:c1:b5:f0:90:ca:d7:8e:2b:c3:ad:cd:fb:
d8:ff:ec:4b:20:80:16:e0:4d:73:b3:e8:c1:f1:84:26:4e:2c:
02:ae:40:13:21:61:a0:a1:fb:5b:7b:4b:c3:57:84:b5:cc:b3:
18:94:bc:9e:c5:98:47:12:4c:07:f4:43:e7:85:06:c1:25:6a:
5b:9e:19:0e:cf:48:48:b8:2f:9c:32:dd:3d:0b:96:fa:e0:03:
e6:08:28:06:46:c9:b4:7f:4e:97:3f:e7:a3:a8:9a:62:ba:2b:
0b:c2:e2:e3:0e:d2:53:81:a9:c3:6a:b0:ad:cc:8b:89:74:f8:
f4:8e:cd:41:0f:e7:d4:1d:27:75:d6:b8:6a:e2:b8:c6:63:1a:
25:0e:fc:7c:d2:3b:44:8e:c8:7f:bc:40:9e:4f:91:0d:9e:3d:
32:97:80:54:fe:a5:05:c5:b6:14:c2:79:6d:dc:16:04:1a:ad:
bf:77:43:df:6d:7f:34:5c:9b:21:25:49:38:ca:ea:32:d7:6d:
85:26:71:c6:d7:b3:67:bc:36:b1:84:d1:76:a2:32:1b:dd:84:
8c:ef:82:a2:0f:aa:1f:33:31:55:3e:ca:02:b5:af:ae:7c:2c:
73:b1:37:e9:47:64:bb:ff:18:9a:e3:37:38:7b:5e:44:d5:ed:
ed:fb:ca:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxfrCSkRlrrc6hZmaKbyNN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMxMjEyMjAxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJmODA5ODQzMzkzZjY2YWM2MzMyZjhhODBlNTI0ZDEwNWQ0MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsnoJhhnpsFR6sog8kcjNMYpGIV7
bIJDwPj6Jyn+NzxatRxlt22MOSa0wbULpVeVmO9waMMaROW74w4UBebrJdAdQjqu
C28juMh9OyTJCsNxVxPPEzl5fBnVlGLoS6+4xZhkUMazbY2ntyca2/H7yY2/61C5
2h7rBh1ezW1R2non9jPTpb8l7UkHb5vCTwbKLcAMDUQQWq42mVH3qbNGJDV2Vay6
SJN2lmWfOkPL6lR2t61rC53EJViNmUEtOtjM50JvUtdB5LEYIdh0fSBoNz3h/vb6
+L9kHsgdpl/CitgXc7wAsOWzIX4p1Kpa4yGEPUovdIds37rUBnLmaZaDdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUvgJhDOT9mrGMy+KgOUk0QXUMEMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvaFMtQW1FTTVQMmFzWXpMNHFBNVNUUkJkUXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueHIMA0G
CSqGSIb3DQEBCwUAA4IBAQBLvJ8t4aTBtfCQyteOK8OtzfvY/+xLIIAW4E1zs+jB
8YQmTiwCrkATIWGgoftbe0vDV4S1zLMYlLyexZhHEkwH9EPnhQbBJWpbnhkOz0hI
uC+cMt09C5b64APmCCgGRsm0f06XP+ejqJpiuisLwuLjDtJTganDarCtzIuJdPj0
js1BD+fUHSd11rhq4rjGYxolDvx80jtEjsh/vECeT5ENnj0yl4BU/qUFxbYUwnlt
3BYEGq2/d0PfbX80XJshJUk4yuoy122FJnHG17NnvDaxhNF2ojIb3YSM74KiD6of
MzFVPsoCta+ufCxzsTfpR2S7/xia4zc4e15E1e3t+8pD
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:54:26 2025 by rpki-client