Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/rihZWmi7Y03LZaN5kUu9ymm1RGM.roa
File: rihZWmi7Y03LZaN5kUu9ymm1RGM.roa (raw, json)
Hash identifier: DcFfI77H/WQ5xrYpSfRiwbmhBgCbPGb73FyBGLdEHm4=
Subject key identifier: AE:28:59:5A:68:BB:63:4D:CB:65:A3:79:91:4B:BD:CA:69:B5:44:63
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 35B66378
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/rihZWmi7Y03LZaN5kUu9ymm1RGM.roa
Signing time: Sat 01 Jan 2022 16:06:28 +0000
ROA not before: Sat 01 Jan 2022 16:06:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200491
IP address blocks: 185.75.151.0/24 maxlen: 24
2a03:4b27:e000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901145464 (0x35b66378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Jan 1 16:06:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae28595a68bb634dcb65a379914bbdca69b54463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:91:d4:03:09:8b:4e:ca:79:44:35:82:51:8c:
24:5f:7e:91:87:46:ae:5e:06:c9:fc:95:83:a6:74:
cc:59:26:82:e6:16:e4:e7:72:b0:96:d5:12:cc:9a:
01:85:0e:0d:c0:3f:77:e9:a6:ad:24:76:34:21:5e:
b5:4a:1c:b7:22:99:80:eb:bc:be:2d:44:01:44:6a:
be:c3:56:65:88:c0:0b:81:4c:df:19:40:f9:f0:4b:
b9:ae:05:cb:3e:c0:60:32:4a:ee:38:7a:93:03:71:
fa:cb:54:17:08:20:75:6f:76:66:f2:99:9d:99:24:
c4:28:eb:fc:7d:9d:4a:0a:fa:ef:e9:af:00:6e:d9:
84:cb:02:c4:70:fc:25:64:1b:97:ff:e7:81:b2:c3:
63:1d:93:d3:04:d6:6c:1d:bc:9b:e4:66:b9:2a:20:
46:79:5f:41:a7:f1:a1:b3:6f:4f:26:86:2c:dc:ea:
11:3a:b1:0e:ee:ad:0f:dc:e0:69:47:6c:a5:bd:11:
42:1f:03:9a:06:13:91:1b:ed:04:40:da:d3:49:a0:
12:1d:78:29:a4:df:47:43:55:36:8b:a0:5d:ac:49:
c9:89:a5:e7:cc:36:43:8f:a8:5f:a0:a1:c6:e0:d0:
5d:db:94:c3:7b:9d:7e:4f:dc:45:92:b9:1f:60:28:
2b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:28:59:5A:68:BB:63:4D:CB:65:A3:79:91:4B:BD:CA:69:B5:44:63
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/rihZWmi7Y03LZaN5kUu9ymm1RGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.151.0/24
IPv6:
2a03:4b27:e000::/36
Signature Algorithm: sha256WithRSAEncryption
49:b3:94:53:db:10:5a:fa:22:79:54:ec:bf:f6:b3:51:fa:79:
bb:f7:c6:09:00:17:32:10:12:f9:d0:c6:59:f1:e3:b1:3b:19:
14:15:10:57:ed:e9:44:8d:47:09:8a:fd:bc:f1:e6:4c:dd:40:
1b:6c:1c:ee:40:ab:aa:24:08:0e:2a:bc:17:07:fe:2b:95:42:
1a:a5:cc:c6:3d:ef:0f:c8:db:a2:4d:92:d9:62:07:78:54:97:
0c:9c:1a:70:e4:b8:ac:6d:cc:08:7e:76:ae:f0:12:86:24:e1:
2f:8f:86:aa:75:4e:68:d3:0d:46:9f:39:28:4f:56:42:ae:07:
9b:eb:2b:6e:fc:64:6f:37:ab:a8:39:09:dc:bc:89:7e:79:af:
60:d5:c7:af:54:8e:4e:4c:ae:8a:d1:72:53:65:e0:31:42:ea:
a3:27:3e:d7:4b:e8:19:86:0e:d7:97:dc:a1:34:7e:79:7d:24:
46:7e:b6:71:00:7f:a6:fb:90:84:2f:e8:d6:04:c3:36:3a:9a:
20:63:e4:62:7d:4d:7b:df:2b:e4:c0:fe:c3:f3:c9:3b:ec:85:
9f:04:df:13:30:39:0f:3c:81:6c:81:8b:79:03:18:1d:a8:bf:
e3:3d:61:dd:84:b7:a7:32:a9:d7:4c:66:92:72:7e:3f:45:f1:
33:1e:b7:36
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIENbZjeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzlmMWE2ZTg0YzAyNzdlZmNiNTZkOTQyYjBlYjVlNDU2NDcxMTI5MB4XDTIyMDEw
MTE2MDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWUyODU5NWE2OGJi
NjM0ZGNiNjVhMzc5OTE0YmJkY2E2OWI1NDQ2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSR1AMJi07KeUQ1glGMJF9+kYdGrl4GyfyVg6Z0zFkmguYW
5OdysJbVEsyaAYUODcA/d+mmrSR2NCFetUoctyKZgOu8vi1EAURqvsNWZYjAC4FM
3xlA+fBLua4Fyz7AYDJK7jh6kwNx+stUFwggdW92ZvKZnZkkxCjr/H2dSgr67+mv
AG7ZhMsCxHD8JWQbl//ngbLDYx2T0wTWbB28m+RmuSogRnlfQafxobNvTyaGLNzq
ETqxDu6tD9zgaUdspb0RQh8DmgYTkRvtBEDa00mgEh14KaTfR0NVNougXaxJyYml
58w2Q4+oX6ChxuDQXduUw3udfk/cRZK5H2AoK3sCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSuKFlaaLtjTctlo3mRS73KabVEYzAfBgNVHSMEGDAWgBTjnxpuhMAnfvy1
bZQrDrXkVkcRKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ1OGFib1RBSjM3OHRXMlVLdzYxNUZaSEVTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvMTYwYTc3LTc1NmQtNDQxYS04NmMzLTBlNTM5Mjc1N2Y4Mi8x
L3JpaFpXbWk3WTAzTFphTjVrVXU5eW1tMVJHTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
MTYwYTc3LTc1NmQtNDQxYS04NmMzLTBlNTM5Mjc1N2Y4Mi8xLzQ1OGFib1RBSjM3
OHRXMlVLdzYxNUZaSEVTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEALlLlzAOBAIAAjAIAwYEKgNLJ+Aw
DQYJKoZIhvcNAQELBQADggEBAEmzlFPbEFr6InlU7L/2s1H6ebv3xgkAFzIQEvnQ
xlnx47E7GRQVEFft6USNRwmK/bzx5kzdQBtsHO5Aq6okCA4qvBcH/iuVQhqlzMY9
7w/I26JNktliB3hUlwycGnDkuKxtzAh+dq7wEoYk4S+Phqp1TmjTDUafOShPVkKu
B5vrK278ZG83q6g5Cdy8iX55r2DVx69Ujk5MrorRclNl4DFC6qMnPtdL6BmGDteX
3KE0fnl9JEZ+tnEAf6b7kIQv6NYEwzY6miBj5GJ9TXvfK+TA/sPzyTvshZ8E3xMw
OQ88gWyBi3kDGB2ov+M9Yd2Et6cyqddMZpJyfj9F8TMetzY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:06 2025 by rpki-client