Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/U4SQpq1R7bUvr1OGFpEKDCIbMFE.roa
File: U4SQpq1R7bUvr1OGFpEKDCIbMFE.roa (raw, json)
Hash identifier: DytxgRaFLUdKzzGe4HGTbtmZCXuF+6l2+tVxwU++cMM=
Subject key identifier: 53:84:90:A6:AD:51:ED:B5:2F:AF:53:86:16:91:0A:0C:22:1B:30:51
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 0186A76A346FD11E0240CE4266D2D036A73E
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/U4SQpq1R7bUvr1OGFpEKDCIbMFE.roa
Signing time: Fri 03 Mar 2023 12:20:00 +0000
ROA not before: Fri 03 Mar 2023 12:20:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212538
IP address blocks: 185.180.30.0/24 maxlen: 24
185.180.31.0/24 maxlen: 24
185.180.28.0/24 maxlen: 24
185.180.29.0/24 maxlen: 24
185.34.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:6a:34:6f:d1:1e:02:40:ce:42:66:d2:d0:36:a7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Mar 3 12:20:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=538490a6ad51edb52faf538616910a0c221b3051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:3e:05:c0:18:fd:01:86:71:cf:1f:ed:7a:
1a:48:20:47:ae:c3:50:84:b6:55:73:40:e1:33:ef:
06:b4:df:dc:51:c4:b4:9e:47:5d:ba:91:8d:8d:45:
36:34:8d:59:be:9c:e4:05:1b:41:bd:4c:85:d3:93:
37:aa:c3:5a:8a:92:2f:73:64:ce:f1:68:c3:69:db:
f1:8d:11:63:6c:04:b1:41:19:33:ce:b7:93:04:5e:
3c:db:e5:e7:8f:98:c3:ef:d3:ff:a7:ff:21:a3:74:
81:05:f5:41:00:d6:60:e1:5b:d8:0d:ae:5d:69:f4:
61:4b:12:8e:d4:17:82:5d:c7:65:6f:10:4d:c9:2b:
5e:75:2b:0e:eb:8c:24:b5:dd:fb:a7:0a:a8:cf:9a:
99:95:9e:7b:78:05:2b:c2:43:19:ee:ed:48:44:8d:
cb:9e:98:a3:6a:8d:90:0b:ed:55:cd:04:c0:be:51:
a0:c7:e9:d3:9b:9d:c7:cd:d7:76:46:23:49:a8:99:
46:5e:ac:e2:02:87:e4:f2:ad:6b:1f:bd:4e:98:79:
61:b0:32:75:e8:e2:f4:b6:d2:0a:be:76:a8:ff:6c:
37:a3:1e:5b:fd:e5:e3:50:44:ca:a8:7a:f3:6d:f9:
44:7a:1d:0f:2c:b5:5b:47:04:f2:05:db:fb:38:7f:
ed:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:84:90:A6:AD:51:ED:B5:2F:AF:53:86:16:91:0A:0C:22:1B:30:51
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/U4SQpq1R7bUvr1OGFpEKDCIbMFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.128.0/24
185.180.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:19:46:cd:54:e4:a8:8f:cb:17:3e:d5:a3:ad:5f:95:08:d8:
36:f0:d0:22:2f:e3:0f:e1:54:4c:fe:3f:80:c7:f3:95:b5:ad:
73:19:46:8f:3a:9d:a5:a4:d7:8a:00:cf:be:06:fa:12:e6:24:
b9:f2:ca:d1:ed:7a:d9:1a:ce:bf:7e:73:eb:53:80:8c:d2:f2:
94:34:48:ac:7d:6d:d1:19:95:44:bc:ac:ea:b3:a1:c0:a8:9a:
19:9a:69:b3:23:5e:82:cf:92:ba:c4:1e:c2:99:60:01:68:0c:
9b:e0:f1:c7:8b:42:b1:9a:96:ca:1b:36:c1:6c:ac:65:ee:d7:
b9:dc:51:0a:9c:3e:8c:83:98:c4:22:3c:76:23:c6:01:2b:55:
f4:d1:00:f1:ca:64:f3:92:87:d2:5a:6f:fe:5f:b9:38:56:c1:
26:9d:6c:00:1f:a8:d3:42:0a:dd:9d:ba:26:68:59:8c:bc:9f:
2e:13:c1:d1:e8:38:51:f2:18:1a:b9:4f:4a:e3:f1:e2:a2:43:
50:e8:14:3d:b8:3f:d6:95:d5:ed:36:6d:40:79:fd:80:94:09:
aa:68:c5:b2:3b:5b:84:a9:f1:dd:f4:fc:01:d7:41:86:0e:cf:
75:c6:7d:c4:ef:f6:25:34:08:56:80:da:f0:cb:97:4f:57:87:
63:9d:d3:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYanajRv0R4CQM5CZtLQNqc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjMwMzAzMTIyMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg0OTBhNmFkNTFlZGI1MmZhZjUzODYxNjkxMGEwYzIyMWIzMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDY+BcAY/QGGcc8f7XoaSCBHrsNQ
hLZVc0DhM+8GtN/cUcS0nkddupGNjUU2NI1ZvpzkBRtBvUyF05M3qsNaipIvc2TO
8WjDadvxjRFjbASxQRkzzreTBF482+Xnj5jD79P/p/8ho3SBBfVBANZg4VvYDa5d
afRhSxKO1BeCXcdlbxBNyStedSsO64wktd37pwqoz5qZlZ57eAUrwkMZ7u1IRI3L
npijao2QC+1VzQTAvlGgx+nTm53Hzdd2RiNJqJlGXqziAofk8q1rH71OmHlhsDJ1
6OL0ttIKvnao/2w3ox5b/eXjUETKqHrzbflEeh0PLLVbRwTyBdv7OH/txwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOEkKatUe21L69ThhaRCgwiGzBRMB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvVTRTUXBxMVI3YlV2cjFPR0ZwRUtEQ0liTUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSKAAwQC
ubQcMA0GCSqGSIb3DQEBCwUAA4IBAQAqGUbNVOSoj8sXPtWjrV+VCNg28NAiL+MP
4VRM/j+Ax/OVta1zGUaPOp2lpNeKAM++BvoS5iS58srR7XrZGs6/fnPrU4CM0vKU
NEisfW3RGZVEvKzqs6HAqJoZmmmzI16Cz5K6xB7CmWABaAyb4PHHi0KxmpbKGzbB
bKxl7te53FEKnD6Mg5jEIjx2I8YBK1X00QDxymTzkofSWm/+X7k4VsEmnWwAH6jT
QgrdnbomaFmMvJ8uE8HR6DhR8hgauU9K4/HiokNQ6BQ9uD/WldXtNm1Aef2AlAmq
aMWyO1uEqfHd9PwB10GGDs91xn3E7/YlNAhWgNrwy5dPV4djndO4
-----END CERTIFICATE-----
Generated at Thu May 8 13:51:09 2025 by rpki-client