Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/366Kp-vsHo27-yPCplLnwMsqKrc.roa
File: 366Kp-vsHo27-yPCplLnwMsqKrc.roa (raw, json)
Hash identifier: BL0+HE8RBhRqq1kK+nU04gshrLXq4zzEQtHUjHQwJDM=
Subject key identifier: DF:AE:8A:A7:EB:EC:1E:8D:BB:FB:23:C2:A6:52:E7:C0:CB:2A:2A:B7
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01856D4ABC843C263222FA1AA7AC097F384C
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/366Kp-vsHo27-yPCplLnwMsqKrc.roa
Signing time: Sun 01 Jan 2023 12:24:52 +0000
ROA not before: Sun 01 Jan 2023 12:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210531
IP address blocks: 185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:bc:84:3c:26:32:22:fa:1a:a7:ac:09:7f:38:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 12:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfae8aa7ebec1e8dbbfb23c2a652e7c0cb2a2ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:00:48:f5:c3:42:b5:bc:53:ee:60:da:d0:e3:
71:7a:b9:42:f6:05:d7:1b:aa:51:c9:68:8c:97:73:
f3:8e:e2:cf:86:13:d8:51:7d:ad:18:e8:fd:09:21:
8b:c1:03:11:eb:75:d7:9a:ad:41:fe:c2:b0:a4:a2:
8c:86:7c:df:31:c3:3d:f4:2f:fd:f1:87:00:fb:2a:
89:fe:02:7a:86:09:c2:49:b6:c7:c7:20:fa:58:63:
72:02:f9:8f:c7:be:9d:ec:64:06:f7:10:cb:a7:3f:
e8:a2:d7:c1:ca:1b:eb:e9:93:5a:9a:44:c6:c8:b2:
c5:72:92:b9:18:bc:85:fb:d8:80:5f:b5:cb:3a:81:
41:25:d4:ae:fa:ad:dc:8a:c1:af:ec:fe:58:ec:b8:
20:f6:e7:13:30:24:2c:db:4f:64:5d:00:1e:bb:26:
00:bc:29:22:06:f5:f8:b9:9c:af:33:de:d8:e1:37:
b3:d6:f8:28:3c:5a:3d:f8:23:ac:ce:a0:e2:ad:7f:
9c:51:20:80:c6:b4:00:a7:74:ac:a4:4a:11:42:47:
49:3a:39:52:10:84:5a:96:4f:3a:9e:40:3e:e4:b5:
7b:91:d2:73:1b:e2:bc:3a:e4:5f:bf:cb:ab:7b:06:
a8:99:39:81:fb:62:fc:e6:11:78:13:9f:c7:79:40:
3c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AE:8A:A7:EB:EC:1E:8D:BB:FB:23:C2:A6:52:E7:C0:CB:2A:2A:B7
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/366Kp-vsHo27-yPCplLnwMsqKrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.146.0/23
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
99:d7:bd:1b:12:d5:7e:ee:e0:46:e9:d4:41:b2:8a:cb:78:e4:
02:e6:68:4f:fa:fc:c7:72:f5:8c:82:80:c1:83:a3:8b:a1:fe:
bc:bd:1c:78:28:52:25:5f:7c:da:04:56:b6:1b:b6:25:ca:1c:
73:8a:2b:08:76:9d:99:51:5a:f1:d6:cc:cb:5e:d6:7c:13:0c:
89:1a:37:e6:61:4b:7a:57:bf:7d:cb:40:1c:9f:ed:78:a5:62:
e5:15:d1:c7:84:4b:a1:86:d7:2f:f8:dc:5b:b3:74:37:43:4d:
9e:bd:b8:dd:0c:7c:56:88:5a:5d:f5:fa:2b:fc:75:51:15:b2:
d1:34:b3:25:a8:18:0a:fa:d2:67:7f:9b:21:c5:94:5e:05:a3:
15:cc:c6:a7:a3:92:2b:62:5c:42:7f:c1:a3:ee:67:54:50:44:
8e:69:d4:67:46:bc:c1:e2:b9:28:12:5f:90:75:c8:d4:eb:9d:
e5:cf:31:61:3a:36:b1:0a:48:99:ec:53:02:a3:95:17:48:69:
37:b9:94:aa:50:6a:32:6f:0f:48:44:11:dc:31:fc:10:e6:a0:
ef:5a:16:0d:5e:19:f6:38:3b:16:41:c2:31:7f:81:fd:3e:09:
e7:9d:5a:e7:e9:7a:80:bb:cb:da:c2:c3:12:34:88:9e:73:d0:
9c:49:71:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSryEPCYyIvoap6wJfzhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwMTAxMTIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmFlOGFhN2ViZWMxZThkYmJmYjIzYzJhNjUyZTdjMGNiMmEyYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkABI9cNCtbxT7mDa0ONxerlC9gXX
G6pRyWiMl3PzjuLPhhPYUX2tGOj9CSGLwQMR63XXmq1B/sKwpKKMhnzfMcM99C/9
8YcA+yqJ/gJ6hgnCSbbHxyD6WGNyAvmPx76d7GQG9xDLpz/ootfByhvr6ZNamkTG
yLLFcpK5GLyF+9iAX7XLOoFBJdSu+q3cisGv7P5Y7Lgg9ucTMCQs209kXQAeuyYA
vCkiBvX4uZyvM97Y4Tez1vgoPFo9+COszqDirX+cUSCAxrQAp3SspEoRQkdJOjlS
EIRalk86nkA+5LV7kdJzG+K8OuRfv8urewaomTmB+2L85hF4E5/HeUA8xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN+uiqfr7B6Nu/sjwqZS58DLKiq3MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvMzY2S3AtdnNIbzI3LXlQQ3BsTG53TXNxS3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZSSAwQB
udmIMA0GCSqGSIb3DQEBCwUAA4IBAQCZ170bEtV+7uBG6dRBsorLeOQC5mhP+vzH
cvWMgoDBg6OLof68vRx4KFIlX3zaBFa2G7YlyhxziisIdp2ZUVrx1szLXtZ8EwyJ
GjfmYUt6V799y0Acn+14pWLlFdHHhEuhhtcv+Nxbs3Q3Q02evbjdDHxWiFpd9for
/HVRFbLRNLMlqBgK+tJnf5shxZReBaMVzMano5IrYlxCf8Gj7mdUUESOadRnRrzB
4rkoEl+QdcjU653lzzFhOjaxCkiZ7FMCo5UXSGk3uZSqUGoybw9IRBHcMfwQ5qDv
WhYNXhn2ODsWQcIxf4H9PgnnnVrn6XqAu8vawsMSNIiec9CcSXEy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:22 2025 by rpki-client