Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/d0-qlIxhUDPWtxfSI6RoN8r2Yb4.roa
File: d0-qlIxhUDPWtxfSI6RoN8r2Yb4.roa (raw, json)
Hash identifier: rBv5u+EIljRbJG46W0gcvMbzoykY/bEtjhR8QADB/7w=
Subject key identifier: 77:4F:AA:94:8C:61:50:33:D6:B7:17:D2:23:A4:68:37:CA:F6:61:BE
Certificate issuer: /CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Certificate serial: 069D24
Authority key identifier: A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/d0-qlIxhUDPWtxfSI6RoN8r2Yb4.roa
Signing time: Fri 07 Jan 2022 00:54:06 +0000
ROA not before: Fri 07 Jan 2022 00:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 185.149.69.0/24 maxlen: 24
185.149.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433444 (0x69d24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Validity
Not Before: Jan 7 00:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=774faa948c615033d6b717d223a46837caf661be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:9a:d7:04:12:3b:2e:50:11:56:78:07:d9:
a7:81:84:b5:2e:67:2a:c5:25:c0:f1:d6:14:71:e1:
3f:c7:80:0b:cb:33:91:02:dc:f3:8d:27:f6:80:db:
5f:6e:bb:5a:b7:3c:5d:a7:b7:53:a8:ab:46:72:de:
ca:07:13:17:49:3a:e9:62:44:10:70:3a:59:3e:78:
73:12:b4:56:c1:24:33:e4:5f:c7:20:92:c0:e2:d8:
3b:1b:74:68:6c:23:b2:de:bc:4a:41:7f:25:a0:bf:
f3:26:11:87:da:ff:57:22:67:05:7c:68:03:74:1a:
ea:81:39:c4:79:32:74:9b:69:32:d7:60:e3:28:13:
61:a8:ee:cc:b3:d8:09:1f:6c:af:33:a3:8b:76:86:
eb:b1:4e:89:9e:29:05:3b:ef:36:96:39:57:fd:38:
1b:c9:e3:ea:ed:e6:39:d7:d6:e3:5a:71:8e:d8:c1:
a3:85:07:87:a1:42:6b:a4:32:82:16:54:4b:d1:f7:
54:79:99:79:07:6c:75:55:77:6a:4f:2b:aa:a0:d5:
1c:bd:9c:4d:dd:86:1f:71:2a:fe:df:ce:37:5e:6c:
3b:3a:86:1c:ef:39:89:61:11:0b:30:b7:31:5b:7f:
20:d1:e9:3e:96:0d:a6:52:ac:95:46:fd:43:8e:14:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4F:AA:94:8C:61:50:33:D6:B7:17:D2:23:A4:68:37:CA:F6:61:BE
X509v3 Authority Key Identifier:
keyid:A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/d0-qlIxhUDPWtxfSI6RoN8r2Yb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/pJ9iZvYaHszU3uCUzHHG24a7s3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.69.0-185.149.70.255
Signature Algorithm: sha256WithRSAEncryption
43:53:98:6a:1c:06:80:63:e5:0d:b2:63:7d:39:41:27:96:ad:
38:4b:90:f0:72:b3:1e:7a:f7:12:5f:39:de:a2:d5:8c:01:66:
bb:b0:5a:f4:45:b6:78:6d:d0:04:92:bf:cd:64:0f:e9:42:1e:
91:56:3e:da:04:04:df:c0:9d:18:5b:9d:9d:ed:71:09:d0:74:
80:54:ec:0e:59:ad:eb:5a:d7:f2:87:f7:2c:53:60:14:57:31:
29:b2:83:ce:b7:db:71:9f:5f:49:5e:b1:0d:a3:a0:5e:06:14:
16:6e:74:3f:d0:2b:be:19:e4:c4:31:0f:1d:7a:b5:1c:ac:01:
fe:47:77:af:1b:91:3c:c8:b8:7e:f4:e5:46:88:ee:af:ee:a5:
9a:49:28:00:ec:f0:98:71:85:e8:e5:8c:a9:7e:c1:89:da:68:
3d:3f:15:cd:8b:97:35:cf:07:e2:5e:b1:f2:f4:35:60:1c:99:
a3:97:29:89:18:1c:d5:1c:f7:c4:4d:0d:4d:70:5b:34:cb:b8:
52:7c:1c:94:a6:84:70:ba:be:71:b4:7f:06:97:93:ed:62:ff:
69:be:2d:77:d6:b9:e6:be:3c:1d:fa:e9:8f:12:ff:af:48:d5:
ef:b5:e9:f0:9c:36:63:53:c0:7d:89:f5:01:3c:f5:4a:ad:f2:
67:52:5c:35
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIDBp0kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE0
OWY2MjY2ZjYxYTFlY2NkNGRlZTA5NGNjNzFjNmRiODZiYmIzN2IwHhcNMjIwMTA3
MDA1NDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NzRmYWE5NDhjNjE1
MDMzZDZiNzE3ZDIyM2E0NjgzN2NhZjY2MWJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0kSa1wQSOy5QEVZ4B9mngYS1LmcqxSXA8dYUceE/x4ALyzOR
AtzzjSf2gNtfbrtatzxdp7dTqKtGct7KBxMXSTrpYkQQcDpZPnhzErRWwSQz5F/H
IJLA4tg7G3RobCOy3rxKQX8loL/zJhGH2v9XImcFfGgDdBrqgTnEeTJ0m2ky12Dj
KBNhqO7Ms9gJH2yvM6OLdobrsU6JnikFO+82ljlX/TgbyePq7eY519bjWnGO2MGj
hQeHoUJrpDKCFlRL0fdUeZl5B2x1VXdqTyuqoNUcvZxN3YYfcSr+3843Xmw7OoYc
7zmJYRELMLcxW38g0ek+lg2mUqyVRv1DjhQamwIDAQABo4ICETCCAg0wHQYDVR0O
BBYEFHdPqpSMYVAz1rcX0iOkaDfK9mG+MB8GA1UdIwQYMBaAFKSfYmb2Gh7M1N7g
lMxxxtuGu7N7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cEo5aVp2WWFIc3pVM3VDVXpISEcyNGE3czNzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYS80NzYyNTMtMjc4OC00NTE5LWJlYmEtOThiZTMzNWYzYzU0LzEv
ZDAtcWxJeGhVRFBXdHhmU0k2Um9OOHIyWWI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80
NzYyNTMtMjc4OC00NTE5LWJlYmEtOThiZTMzNWYzYzU0LzEvcEo5aVp2WWFIc3pV
M3VDVXpISEcyNGE3czNzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcG
CCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5lUUDBAC5lUYwDQYJKoZIhvcN
AQELBQADggEBAENTmGocBoBj5Q2yY305QSeWrThLkPBysx569xJfOd6i1YwBZruw
WvRFtnht0ASSv81kD+lCHpFWPtoEBN/AnRhbnZ3tcQnQdIBU7A5Zreta1/KH9yxT
YBRXMSmyg86323GfX0lesQ2joF4GFBZudD/QK74Z5MQxDx16tRysAf5Hd68bkTzI
uH705UaI7q/upZpJKADs8JhxhejljKl+wYnaaD0/Fc2LlzXPB+JesfL0NWAcmaOX
KYkYHNUc98RNDU1wWzTLuFJ8HJSmhHC6vnG0fwaXk+1i/2m+LXfWuea+PB366Y8S
/69I1e+16fCcNmNTwH2J9QE89Uqt8mdSXDU=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:28:00 2025 by rpki-client