Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f3891f-4dc7-4f4c-b519-6107eb7c48d2/1/9fs010p6GklrJ9Wa96Qif9BNkrg.roa
File: 9fs010p6GklrJ9Wa96Qif9BNkrg.roa (raw, json)
Hash identifier: KDA3iWWcMmUHZfJNH0RH8Wr20mXeq7X4szpS60851iI=
Subject key identifier: F5:FB:34:D7:4A:7A:1A:49:6B:27:D5:9A:F7:A4:22:7F:D0:4D:92:B8
Certificate issuer: /CN=bc36b4cae090d0f49c5483f7b2f93fb92fd0ff87
Certificate serial: 018571FA37797C68B83BBAFD172CFB9AE896
Authority key identifier: BC:36:B4:CA:E0:90:D0:F4:9C:54:83:F7:B2:F9:3F:B9:2F:D0:FF:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDa0yuCQ0PScVIP3svk_uS_Q_4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f3891f-4dc7-4f4c-b519-6107eb7c48d2/1/9fs010p6GklrJ9Wa96Qif9BNkrg.roa
Signing time: Mon 02 Jan 2023 10:15:01 +0000
ROA not before: Mon 02 Jan 2023 10:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 185.204.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:37:79:7c:68:b8:3b:ba:fd:17:2c:fb:9a:e8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc36b4cae090d0f49c5483f7b2f93fb92fd0ff87
Validity
Not Before: Jan 2 10:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5fb34d74a7a1a496b27d59af7a4227fd04d92b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:6c:ca:3e:96:8e:b5:31:6d:e4:fe:b9:34:
61:0e:e2:1b:f3:5a:55:9a:6b:f7:3e:b7:7f:39:a3:
11:fd:46:99:e7:4b:03:12:f0:09:df:b9:2e:65:78:
1f:f5:ea:fa:e0:3c:ee:9d:95:48:a8:23:b6:57:84:
82:47:b4:40:fd:27:bf:15:c1:56:68:85:97:53:f7:
51:d2:ee:17:10:f6:c8:40:d9:61:13:b2:01:68:bb:
ef:4b:68:2f:e6:f8:4e:e9:6f:4b:a1:4b:8b:a4:59:
74:6e:e0:c5:cd:bf:43:c8:25:38:a8:ff:94:30:c8:
ae:e7:5e:77:02:23:6f:02:4d:b0:cf:d4:25:d5:1d:
4d:51:52:6b:23:88:33:2e:95:8b:4f:eb:ad:15:bd:
9e:20:c1:b0:e8:84:e4:29:fe:fa:67:50:0f:16:7a:
55:94:6d:ca:93:9d:cc:03:93:a7:05:bb:40:a5:63:
f3:f5:23:31:72:90:1c:90:02:67:68:1e:25:0e:a5:
65:9c:f7:06:28:01:3d:02:7f:62:8f:24:24:87:16:
89:7c:16:b5:be:59:44:40:7c:36:9a:43:20:92:62:
5e:7a:1e:a2:d0:cf:b8:8e:f7:72:32:0b:1f:b1:ba:
dc:6b:44:d6:3b:c6:9b:94:98:e4:a0:f9:85:09:d5:
ce:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FB:34:D7:4A:7A:1A:49:6B:27:D5:9A:F7:A4:22:7F:D0:4D:92:B8
X509v3 Authority Key Identifier:
keyid:BC:36:B4:CA:E0:90:D0:F4:9C:54:83:F7:B2:F9:3F:B9:2F:D0:FF:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDa0yuCQ0PScVIP3svk_uS_Q_4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f3891f-4dc7-4f4c-b519-6107eb7c48d2/1/9fs010p6GklrJ9Wa96Qif9BNkrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f3891f-4dc7-4f4c-b519-6107eb7c48d2/1/vDa0yuCQ0PScVIP3svk_uS_Q_4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.197.0/24
Signature Algorithm: sha256WithRSAEncryption
72:21:c1:b5:e4:1a:95:4b:bb:96:90:77:fb:d5:d1:61:6e:f5:
ad:03:d2:34:eb:cd:c1:1a:56:39:1f:56:26:b1:34:9b:0c:85:
5a:41:aa:81:3b:5d:25:66:c9:0c:d3:ec:e9:aa:90:73:a8:a4:
14:df:0a:49:da:07:83:1d:68:57:00:9d:b6:38:0c:b9:23:63:
a6:b8:d8:56:1b:08:11:1b:b5:6b:ae:cf:0d:27:d3:06:f5:32:
d0:dc:ed:46:84:3b:c0:3f:08:04:20:b3:a9:56:e9:ac:b5:9c:
b9:14:d5:6a:f0:bd:2e:96:06:18:7c:31:b2:7c:97:b8:80:e7:
73:de:fe:91:9e:5a:21:23:0d:db:15:c9:33:ae:c0:ba:19:ef:
c1:59:c3:02:ce:14:bb:a7:22:a3:11:de:46:ae:80:1a:36:a7:
4c:43:6c:30:74:64:6d:ed:58:31:70:87:15:e5:2d:92:6b:98:
7c:b2:d4:20:11:dd:ac:fe:9a:c1:af:6a:53:4e:c5:d1:2d:1f:
cd:46:27:34:18:ee:bb:a7:73:8a:1b:ff:45:bb:8e:9a:62:4b:
b5:b6:75:6b:9a:f6:92:db:3c:40:16:c8:4c:1d:63:17:9a:d5:
51:7a:b9:8e:bf:28:6c:1a:27:ec:e1:bc:d6:bd:ad:6f:1b:a1:
da:7f:4e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+jd5fGi4O7r9Fyz7muiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzZiNGNhZTA5MGQwZjQ5YzU0ODNmN2IyZjkzZmI5MmZk
MGZmODcwHhcNMjMwMTAyMTAxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWZiMzRkNzRhN2ExYTQ5NmIyN2Q1OWFmN2E0MjI3ZmQwNGQ5MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/xsyj6WjrUxbeT+uTRhDuIb81pV
mmv3Prd/OaMR/UaZ50sDEvAJ37kuZXgf9er64DzunZVIqCO2V4SCR7RA/Se/FcFW
aIWXU/dR0u4XEPbIQNlhE7IBaLvvS2gv5vhO6W9LoUuLpFl0buDFzb9DyCU4qP+U
MMiu5153AiNvAk2wz9Ql1R1NUVJrI4gzLpWLT+utFb2eIMGw6ITkKf76Z1APFnpV
lG3Kk53MA5OnBbtApWPz9SMxcpAckAJnaB4lDqVlnPcGKAE9An9ijyQkhxaJfBa1
vllEQHw2mkMgkmJeeh6i0M+4jvdyMgsfsbrca0TWO8ablJjkoPmFCdXONQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPX7NNdKehpJayfVmvekIn/QTZK4MB8GA1UdIwQY
MBaAFLw2tMrgkND0nFSD97L5P7kv0P+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRhMHl1Q1EwUFNjVklQM3N2a191U19RXzRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMzg5MWYtNGRjNy00ZjRjLWI1MTkt
NjEwN2ViN2M0OGQyLzEvOWZzMDEwcDZHa2xySjlXYTk2UWlmOUJOa3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMzg5MWYtNGRjNy00ZjRjLWI1MTktNjEwN2ViN2M0OGQy
LzEvdkRhMHl1Q1EwUFNjVklQM3N2a191U19RXzRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuczFMA0G
CSqGSIb3DQEBCwUAA4IBAQByIcG15BqVS7uWkHf71dFhbvWtA9I0683BGlY5H1Ym
sTSbDIVaQaqBO10lZskM0+zpqpBzqKQU3wpJ2geDHWhXAJ22OAy5I2OmuNhWGwgR
G7Vrrs8NJ9MG9TLQ3O1GhDvAPwgEILOpVumstZy5FNVq8L0ulgYYfDGyfJe4gOdz
3v6RnlohIw3bFckzrsC6Ge/BWcMCzhS7pyKjEd5GroAaNqdMQ2wwdGRt7VgxcIcV
5S2Sa5h8stQgEd2s/prBr2pTTsXRLR/NRic0GO67p3OKG/9Fu46aYku1tnVrmvaS
2zxAFshMHWMXmtVRermOvyhsGifs4bzWva1vG6Haf07G
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:53:44 2025 by rpki-client