Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/3ynEydC-ZeLJKYykKfoOLjs6RG0.roa
File: 3ynEydC-ZeLJKYykKfoOLjs6RG0.roa (raw, json)
Hash identifier: JSlRiGTpPrUfPuTbbxE7fEEYrsIYuu0PMpxYvLSWNnE=
Subject key identifier: DF:29:C4:C9:D0:BE:65:E2:C9:29:8C:A4:29:FA:0E:2E:3B:3A:44:6D
Certificate issuer: /CN=5fcf5d25a3661a3e72d2729454f7ff804b43bdb9
Certificate serial: 018C624A1B14AD75BBDCD4CDAB94B6CA22E9
Authority key identifier: 5F:CF:5D:25:A3:66:1A:3E:72:D2:72:94:54:F7:FF:80:4B:43:BD:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X89dJaNmGj5y0nKUVPf_gEtDvbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/3ynEydC-ZeLJKYykKfoOLjs6RG0.roa
Signing time: Wed 13 Dec 2023 08:27:52 +0000
ROA not before: Wed 13 Dec 2023 08:27:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202422
IP address blocks: 185.105.0.0/24 maxlen: 24
185.105.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:4a:1b:14:ad:75:bb:dc:d4:cd:ab:94:b6:ca:22:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fcf5d25a3661a3e72d2729454f7ff804b43bdb9
Validity
Not Before: Dec 13 08:27:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df29c4c9d0be65e2c9298ca429fa0e2e3b3a446d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:42:ee:10:c5:40:36:46:e0:ae:15:cc:c1:33:
52:e7:8a:de:c7:ba:7e:ef:6c:05:46:99:62:eb:13:
d2:d8:d0:2a:1f:af:3e:df:f4:84:1c:cb:91:70:43:
2b:51:4d:ab:57:19:ba:e8:3e:b4:30:2d:fb:c4:6a:
87:d3:1b:d4:68:3f:ec:31:0a:c4:bc:95:5e:c2:16:
6a:09:75:af:90:a2:29:97:b7:94:f2:d8:0b:02:37:
a4:52:73:4d:f9:8c:89:66:f6:b0:ad:f7:c0:69:48:
89:86:fc:20:ba:68:4a:87:e7:68:64:f7:c2:fd:b6:
90:78:3b:d7:10:24:4c:7f:6a:9f:8c:e8:53:fb:9d:
89:77:da:a7:15:7b:a7:c0:88:11:68:e9:75:f2:72:
1c:bc:ac:36:e5:a0:7a:05:d9:0e:d1:9c:b7:72:39:
b8:55:3b:d5:60:eb:10:fe:39:0a:29:c3:10:06:04:
2e:d7:de:85:b5:5c:35:87:18:f1:83:bc:f5:09:a9:
c3:a2:d3:2f:ae:9c:03:ec:a4:97:4e:40:65:e4:d2:
98:23:a7:ff:e5:f4:ab:80:af:98:09:91:cf:6f:9e:
ff:22:ee:7a:fa:12:e1:c0:af:89:d2:51:3e:b2:e0:
91:5d:96:8d:49:7e:dc:a2:7d:fa:46:25:8e:90:a0:
76:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:29:C4:C9:D0:BE:65:E2:C9:29:8C:A4:29:FA:0E:2E:3B:3A:44:6D
X509v3 Authority Key Identifier:
keyid:5F:CF:5D:25:A3:66:1A:3E:72:D2:72:94:54:F7:FF:80:4B:43:BD:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X89dJaNmGj5y0nKUVPf_gEtDvbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/3ynEydC-ZeLJKYykKfoOLjs6RG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/X89dJaNmGj5y0nKUVPf_gEtDvbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.0.0/24
185.105.3.0/24
Signature Algorithm: sha256WithRSAEncryption
94:81:f9:81:ac:d6:74:f9:e8:9c:fd:99:5e:df:37:e0:76:43:
77:4c:e8:70:4f:1c:17:ba:32:17:b5:78:d7:dc:0a:95:db:0b:
37:ed:78:53:c2:8d:ef:dc:9e:3c:6b:33:c1:a0:a5:98:2e:e9:
f2:1a:6b:b5:29:f0:9e:4b:0a:e5:d1:f2:33:7c:67:5a:a1:bd:
c2:0b:c1:8b:06:82:eb:c8:52:9b:07:d5:2a:75:3e:b0:2b:8f:
87:34:f4:78:65:a6:07:18:82:37:8f:0d:eb:8c:4e:20:21:3c:
2a:47:8e:e0:00:b5:2b:1d:ff:96:ea:37:76:28:d6:ee:29:f7:
81:8c:c0:40:6c:24:d1:ed:e5:d2:b4:f4:10:39:e7:e5:df:ed:
c5:91:be:ca:b4:16:f6:d3:92:9b:33:81:d1:7a:fe:ad:15:f0:
48:38:90:49:ca:5a:8b:fd:00:d1:cd:89:e8:fe:96:17:78:9d:
14:d5:8a:34:11:10:0b:c1:86:04:33:1d:01:39:02:7c:da:ea:
b6:61:18:ce:00:87:7c:5b:07:e4:93:64:aa:0e:d3:b5:5a:70:
e2:55:82:9c:ba:29:0e:3c:07:50:5d:77:d7:c4:1a:7a:ff:ff:
ae:a7:b8:2a:59:2b:b2:04:4a:d8:00:ae:7b:ac:26:ac:5e:c5:
9e:30:f6:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxiShsUrXW73NTNq5S2yiLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmY2Y1ZDI1YTM2NjFhM2U3MmQyNzI5NDU0ZjdmZjgwNGI0
M2JkYjkwHhcNMjMxMjEzMDgyNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI5YzRjOWQwYmU2NWUyYzkyOThjYTQyOWZhMGUyZTNiM2E0NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ELuEMVANkbgrhXMwTNS54rex7p+
72wFRpli6xPS2NAqH68+3/SEHMuRcEMrUU2rVxm66D60MC37xGqH0xvUaD/sMQrE
vJVewhZqCXWvkKIpl7eU8tgLAjekUnNN+YyJZvawrffAaUiJhvwgumhKh+doZPfC
/baQeDvXECRMf2qfjOhT+52Jd9qnFXunwIgRaOl18nIcvKw25aB6BdkO0Zy3cjm4
VTvVYOsQ/jkKKcMQBgQu196FtVw1hxjxg7z1CanDotMvrpwD7KSXTkBl5NKYI6f/
5fSrgK+YCZHPb57/Iu56+hLhwK+J0lE+suCRXZaNSX7con36RiWOkKB2CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN8pxMnQvmXiySmMpCn6Di47OkRtMB8GA1UdIwQY
MBaAFF/PXSWjZho+ctJylFT3/4BLQ725MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDg5ZEphTm1HajV5MG5LVVZQZl9nRXREdmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yNTFmNGEtODJkNy00NmE1LWExMzAt
MGE5YjA2ZTE2ZGRjLzEvM3luRXlkQy1aZUxKS1l5a0tmb09ManM2UkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yNTFmNGEtODJkNy00NmE1LWExMzAtMGE5YjA2ZTE2ZGRj
LzEvWDg5ZEphTm1HajV5MG5LVVZQZl9nRXREdmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWkAAwQA
uWkDMA0GCSqGSIb3DQEBCwUAA4IBAQCUgfmBrNZ0+eic/Zle3zfgdkN3TOhwTxwX
ujIXtXjX3AqV2ws37XhTwo3v3J48azPBoKWYLunyGmu1KfCeSwrl0fIzfGdaob3C
C8GLBoLryFKbB9UqdT6wK4+HNPR4ZaYHGII3jw3rjE4gITwqR47gALUrHf+W6jd2
KNbuKfeBjMBAbCTR7eXStPQQOefl3+3Fkb7KtBb205KbM4HRev6tFfBIOJBJylqL
/QDRzYno/pYXeJ0U1Yo0ERALwYYEMx0BOQJ82uq2YRjOAId8Wwfkk2SqDtO1WnDi
VYKcuikOPAdQXXfXxBp6//+up7gqWSuyBErYAK57rCasXsWeMPbN
-----END CERTIFICATE-----
Generated at Mon May 5 23:57:24 2025 by rpki-client