Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ImVqGd0DRc_nKRmOd9LTtNWpqYU.roa
File: ImVqGd0DRc_nKRmOd9LTtNWpqYU.roa (raw, json)
Hash identifier: vAD87dKWWuksimyzSYIzST0R01rSJiZN5icRY84879k=
Subject key identifier: 22:65:6A:19:DD:03:45:CF:E7:29:19:8E:77:D2:D3:B4:D5:A9:A9:85
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 018977B8CE8BAEAFC28BD50A1F684E8DEB68
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ImVqGd0DRc_nKRmOd9LTtNWpqYU.roa
Signing time: Fri 21 Jul 2023 09:12:27 +0000
ROA not before: Fri 21 Jul 2023 09:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:b8:ce:8b:ae:af:c2:8b:d5:0a:1f:68:4e:8d:eb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Jul 21 09:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22656a19dd0345cfe729198e77d2d3b4d5a9a985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:ca:2e:f1:f7:b5:51:29:97:e7:04:10:48:
4f:2c:e6:ca:45:dc:d9:72:89:f5:0a:61:98:f8:79:
50:d4:dc:19:92:b6:b5:e1:86:2a:53:bd:ca:98:ec:
e2:80:79:ef:d1:76:46:7c:3e:fc:53:f1:3d:bf:18:
08:2d:02:02:d3:25:90:26:39:54:0d:66:a2:ea:ca:
d7:70:29:76:e6:6b:16:07:0e:bd:68:2c:54:77:fb:
4b:d9:38:b4:e3:f2:43:e2:c1:43:15:27:66:0c:d8:
db:d0:99:10:6f:e5:67:09:c9:12:ad:3f:18:ba:d9:
a4:1c:7e:b8:e8:be:d4:01:ba:e2:40:6d:c5:b9:71:
06:ce:fe:77:94:7b:c4:db:3d:79:60:80:88:ac:55:
2c:96:4b:f3:e8:c2:e8:0f:31:97:27:71:2f:2d:cd:
56:a7:c9:b0:e1:f8:bc:4b:7e:79:45:e8:6d:a1:59:
fc:ea:5b:78:2f:12:f2:7d:e8:d2:d1:01:38:57:f9:
d6:a2:cd:da:db:4f:e6:b5:a7:d5:ef:1a:0a:b2:b4:
51:db:d0:ef:db:a0:be:7e:48:09:5a:42:1e:f3:b1:
8f:00:3b:86:e7:76:35:57:0b:c1:dc:0e:88:fb:c9:
af:48:fb:5b:c0:b0:fb:72:69:e0:1a:f2:74:16:4e:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:65:6A:19:DD:03:45:CF:E7:29:19:8E:77:D2:D3:B4:D5:A9:A9:85
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ImVqGd0DRc_nKRmOd9LTtNWpqYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/23
185.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
66:88:85:e0:a7:0e:16:4b:ab:c5:54:91:5d:74:8e:cc:48:7d:
a1:6f:a6:b3:a4:93:47:41:0b:7a:7e:b9:ea:82:11:56:31:aa:
04:4e:3c:0d:28:74:f6:dd:39:e0:17:0c:21:39:7c:26:87:4e:
9a:b1:d4:ff:ce:18:87:44:3f:90:49:d3:96:5b:64:91:40:5f:
76:58:4d:b1:66:2a:9f:00:2e:8a:bf:fe:41:d5:04:d7:6a:ac:
a1:fc:4f:53:44:0e:ee:8b:ea:5e:3f:10:b6:30:2f:3e:12:7f:
f6:5e:bd:ec:f0:1f:1e:ec:76:b8:dd:5c:07:9f:16:35:91:dd:
1d:b8:e6:b1:37:ed:9a:3f:9c:e3:a0:c8:ee:8e:6e:40:d9:cd:
09:50:c0:11:6f:2e:ee:d0:d5:7e:5a:40:7d:ad:b5:55:e1:ba:
7b:47:f1:c7:77:9c:99:44:e5:73:8c:f8:08:d8:70:34:1c:ab:
9e:31:bc:e3:11:1d:89:85:30:f5:3e:7f:e4:a4:d6:68:3f:1d:
a9:d9:9a:3d:70:0f:9c:d0:6a:c5:b4:0b:fe:22:34:99:ef:ed:
13:b8:33:0b:2a:cf:da:d9:90:0f:2d:c5:16:02:c2:36:74:62:
bc:2f:78:2f:7c:96:05:b6:e3:ca:bb:ce:c7:c3:cb:9d:c5:64:
9c:f9:45:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYl3uM6Lrq/Ci9UKH2hOjetoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjMwNzIxMDkxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjY1NmExOWRkMDM0NWNmZTcyOTE5OGU3N2QyZDNiNGQ1YTlhOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvzKLvH3tVEpl+cEEEhPLObKRdzZ
con1CmGY+HlQ1NwZkra14YYqU73KmOzigHnv0XZGfD78U/E9vxgILQIC0yWQJjlU
DWai6srXcCl25msWBw69aCxUd/tL2Ti04/JD4sFDFSdmDNjb0JkQb+VnCckSrT8Y
utmkHH646L7UAbriQG3FuXEGzv53lHvE2z15YICIrFUslkvz6MLoDzGXJ3EvLc1W
p8mw4fi8S355RehtoVn86lt4LxLyfejS0QE4V/nWos3a20/mtafV7xoKsrRR29Dv
26C+fkgJWkIe87GPADuG53Y1VwvB3A6I+8mvSPtbwLD7cmngGvJ0Fk6x0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCJlahndA0XP5ykZjnfS07TVqamFMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvSW1WcUdkMERSY19uS1JtT2Q5TFR0TldwcVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudBkAwQA
udBnMA0GCSqGSIb3DQEBCwUAA4IBAQBmiIXgpw4WS6vFVJFddI7MSH2hb6azpJNH
QQt6frnqghFWMaoETjwNKHT23TngFwwhOXwmh06asdT/zhiHRD+QSdOWW2SRQF92
WE2xZiqfAC6Kv/5B1QTXaqyh/E9TRA7ui+pePxC2MC8+En/2Xr3s8B8e7Ha43VwH
nxY1kd0duOaxN+2aP5zjoMjujm5A2c0JUMARby7u0NV+WkB9rbVV4bp7R/HHd5yZ
ROVzjPgI2HA0HKueMbzjER2JhTD1Pn/kpNZoPx2p2Zo9cA+c0GrFtAv+IjSZ7+0T
uDMLKs/a2ZAPLcUWAsI2dGK8L3gvfJYFtuPKu87Hw8udxWSc+UVx
-----END CERTIFICATE-----
Generated at Tue May 13 23:41:51 2025 by rpki-client