Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/O-SQnNfFdP0b25Fk6bsiShH5pCI.roa
File: O-SQnNfFdP0b25Fk6bsiShH5pCI.roa (raw, json)
Hash identifier: kAMLMOaLlsw9a9BkmRtewhPRPqjreToClUq3qdYPJqE=
Subject key identifier: 3B:E4:90:9C:D7:C5:74:FD:1B:DB:91:64:E9:BB:22:4A:11:F9:A4:22
Certificate issuer: /CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Certificate serial: 12BE0A95
Authority key identifier: 4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/O-SQnNfFdP0b25Fk6bsiShH5pCI.roa
Signing time: Sat 01 Jan 2022 05:00:20 +0000
ROA not before: Sat 01 Jan 2022 05:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136557
IP address blocks: 185.184.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 314444437 (0x12be0a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Validity
Not Before: Jan 1 05:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3be4909cd7c574fd1bdb9164e9bb224a11f9a422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:64:be:18:19:39:4a:8a:22:b6:99:9b:8d:f0:
3a:f9:93:9c:6d:b2:55:ca:dd:16:ba:62:b7:f0:b4:
28:74:95:ae:2e:fb:e6:7b:ce:f5:0e:b4:6e:09:27:
85:99:14:f6:a7:fb:2d:43:88:f3:ca:3b:07:a6:b2:
eb:1f:21:44:68:bc:60:c5:0a:53:fb:a2:7d:e7:fa:
68:32:3e:e6:55:c8:ee:40:da:17:fd:11:18:a8:0a:
b9:fa:10:10:17:f3:e0:54:3a:d5:21:a0:0f:69:c1:
24:ec:ae:0c:be:ca:af:c8:09:7d:af:96:73:06:06:
e4:18:d6:54:78:d6:78:d3:5d:5f:59:4b:ef:be:20:
32:0f:dc:09:be:7f:4b:54:0b:d2:c7:3f:89:59:9d:
45:a8:ec:df:f8:d9:9a:53:eb:8c:00:e6:96:9d:44:
60:66:91:25:48:0c:42:9b:9a:5e:46:08:8f:d9:be:
8d:53:46:8e:e0:f7:74:2c:bc:61:56:30:de:01:46:
45:dc:ea:a6:1b:c6:2a:ec:73:b1:62:62:8f:4b:fa:
95:75:c1:10:f1:aa:36:9e:85:4e:ea:e5:a0:f9:76:
0d:95:3b:59:e6:02:33:e3:84:20:10:36:e0:02:64:
e7:64:56:51:90:b0:2d:49:cb:f1:be:ae:cf:48:f6:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E4:90:9C:D7:C5:74:FD:1B:DB:91:64:E9:BB:22:4A:11:F9:A4:22
X509v3 Authority Key Identifier:
keyid:4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/O-SQnNfFdP0b25Fk6bsiShH5pCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.152.0/24
Signature Algorithm: sha256WithRSAEncryption
80:21:f1:5d:da:c6:a3:3b:0b:b0:e8:8b:3c:7d:3e:32:df:2e:
35:3b:85:e7:09:33:23:89:6d:fb:a0:bb:be:f9:a2:21:c6:1f:
23:d4:91:9d:52:4b:df:e8:e1:03:bf:0f:42:6f:7a:92:68:00:
81:2c:87:08:59:a0:61:98:5c:e2:dc:6c:fc:4e:14:02:b0:13:
6c:da:dc:a5:10:6d:a0:a9:7c:9f:07:f9:1a:da:71:b0:dc:77:
c5:ff:6a:e6:af:2c:4a:02:30:cf:23:9a:b7:6a:dd:a5:da:7f:
1f:87:3c:58:40:84:ca:34:fb:d0:dc:dd:bc:e7:3b:0a:bd:f3:
16:01:ee:6c:9c:ee:91:b5:57:3f:ce:f4:40:93:74:b4:84:7e:
20:a0:95:a5:6e:82:d5:81:0e:13:90:80:e7:c2:56:bc:9b:3d:
33:07:9e:1f:93:e8:44:ee:c8:ef:24:07:0f:75:66:e4:cd:5e:
92:43:5b:5b:3a:8f:f9:97:a0:17:20:e9:46:1e:07:0e:6e:87:
4f:72:62:98:a1:e7:f8:2d:6a:6a:94:be:a9:c5:3a:0e:76:5c:
54:60:49:62:78:dc:b6:62:ad:83:99:3b:6a:7d:c5:10:3f:80:
1f:31:d6:c3:1d:12:e4:ec:ae:f6:d0:3d:dd:61:a3:93:cf:15:
0c:60:e1:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEr4KlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDc3Y2NkN2E5NDQxNWRmYzY4Y2NjYTg3NGU5NGMyZThjMjIyMDJkMB4XDTIyMDEw
MTA1MDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JlNDkwOWNkN2M1
NzRmZDFiZGI5MTY0ZTliYjIyNGExMWY5YTQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1kvhgZOUqKIraZm43wOvmTnG2yVcrdFrpit/C0KHSVri77
5nvO9Q60bgknhZkU9qf7LUOI88o7B6ay6x8hRGi8YMUKU/uifef6aDI+5lXI7kDa
F/0RGKgKufoQEBfz4FQ61SGgD2nBJOyuDL7Kr8gJfa+WcwYG5BjWVHjWeNNdX1lL
774gMg/cCb5/S1QL0sc/iVmdRajs3/jZmlPrjADmlp1EYGaRJUgMQpuaXkYIj9m+
jVNGjuD3dCy8YVYw3gFGRdzqphvGKuxzsWJij0v6lXXBEPGqNp6FTurloPl2DZU7
WeYCM+OEIBA24AJk52RWUZCwLUnL8b6uz0j2pWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ75JCc18V0/RvbkWTpuyJKEfmkIjAfBgNVHSMEGDAWgBRNd8zXqUQV38aM
zKh06UwujCIgLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RYZk0xNmxFRmRfR2pNeW9kT2xNTG93aUlDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDYwOGI4LTUwMWYtNDkxZi1hMmYyLTEwZTU3ZjU2YTE3YS8x
L08tU1FuTmZGZFAwYjI1Rms2YnNpU2hINXBDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDYwOGI4LTUwMWYtNDkxZi1hMmYyLTEwZTU3ZjU2YTE3YS8xL1RYZk0xNmxFRmRf
R2pNeW9kT2xNTG93aUlDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm4mDANBgkqhkiG9w0BAQsFAAOC
AQEAgCHxXdrGozsLsOiLPH0+Mt8uNTuF5wkzI4lt+6C7vvmiIcYfI9SRnVJL3+jh
A78PQm96kmgAgSyHCFmgYZhc4txs/E4UArATbNrcpRBtoKl8nwf5GtpxsNx3xf9q
5q8sSgIwzyOat2rdpdp/H4c8WECEyjT70NzdvOc7Cr3zFgHubJzukbVXP870QJN0
tIR+IKCVpW6C1YEOE5CA58JWvJs9MweeH5PoRO7I7yQHD3Vm5M1ekkNbWzqP+Zeg
FyDpRh4HDm6HT3JimKHn+C1qapS+qcU6DnZcVGBJYnjctmKtg5k7an3FED+AHzHW
wx0S5Oyu9tA93WGjk88VDGDhUg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:07:55 2025 by rpki-client