Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/66Um9LY2pxMqbUzM6rrQLKtn1Fc.roa
File: 66Um9LY2pxMqbUzM6rrQLKtn1Fc.roa (raw, json)
Hash identifier: QktUFdN/DOp7I5B+2+jCwl9IbFeGqHNiE2GnY9yngps=
Subject key identifier: EB:A5:26:F4:B6:36:A7:13:2A:6D:4C:CC:EA:BA:D0:2C:AB:67:D4:57
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018B808537F92AE02DECA858FD817E0C35FC
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/66Um9LY2pxMqbUzM6rrQLKtn1Fc.roa
Signing time: Mon 30 Oct 2023 12:18:16 +0000
ROA not before: Mon 30 Oct 2023 12:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.87.218.0/24 maxlen: 28
185.87.219.0/24 maxlen: 24
2a13:85c0::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:85:37:f9:2a:e0:2d:ec:a8:58:fd:81:7e:0c:35:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Oct 30 12:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eba526f4b636a7132a6d4ccceabad02cab67d457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:eb:47:bf:0d:f9:47:4a:6d:d1:65:be:19:fe:
09:79:97:0b:1b:87:c2:71:ac:4e:8b:b5:11:b1:02:
b8:27:2f:6c:c6:a6:30:80:d6:4d:bd:9c:b6:3d:e8:
8c:3a:9a:e8:c0:a4:bc:ae:de:1a:63:b2:25:1f:e8:
6f:90:f2:2b:ee:23:c9:4a:f6:89:52:38:a2:68:07:
58:e4:64:bc:8c:ed:47:48:1f:2e:8a:14:09:38:79:
1b:be:75:b0:51:94:00:0a:72:80:ad:9f:58:f5:e5:
48:0f:4d:d7:40:23:47:21:b5:3d:09:83:26:7e:2d:
d8:2e:d2:50:3d:05:aa:19:ba:11:8f:67:4d:42:2b:
44:6e:86:a8:97:04:be:97:67:af:64:bc:07:cb:18:
fa:eb:51:f7:12:c2:ea:c7:62:f9:01:d0:13:86:42:
2b:1f:f7:64:73:47:0c:fd:1e:a2:28:d3:c7:31:d2:
86:21:6d:a8:02:cb:68:77:81:cb:4c:6d:99:c9:3c:
a9:0e:08:e2:2a:8e:40:23:6d:b9:ae:35:cf:a4:a4:
5d:b3:a2:85:81:46:21:a5:90:d3:17:0e:a8:f9:4b:
e8:5d:a0:a7:8c:26:88:3d:7f:87:f3:ad:9d:4c:c5:
73:41:e4:b2:16:17:7e:cd:b9:81:57:d0:d9:15:22:
fb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A5:26:F4:B6:36:A7:13:2A:6D:4C:CC:EA:BA:D0:2C:AB:67:D4:57
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/66Um9LY2pxMqbUzM6rrQLKtn1Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/23
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
10:bf:9b:fc:3a:b8:6e:68:06:3e:4e:13:f7:f4:f5:3c:f0:3c:
98:85:ad:b7:45:d4:61:3a:cb:d0:d9:bd:65:d0:33:95:ed:20:
e4:30:99:fa:2f:65:cc:f9:1e:c1:c8:d1:8e:f4:ca:f9:cd:e7:
34:23:ec:f2:87:fc:1a:ba:58:f8:c9:52:de:9e:fc:ba:54:49:
cd:ce:61:38:91:19:19:3e:71:14:45:89:d5:a7:4c:31:f9:dc:
c7:4f:5b:21:0f:3d:b1:cd:fb:67:88:ff:42:a8:50:c9:14:df:
46:44:35:9b:68:0e:2b:96:0f:12:65:01:03:07:aa:57:41:f0:
7c:b6:99:0c:89:3e:7f:46:01:d3:40:30:23:c5:9d:4a:d4:cc:
dd:b2:4d:aa:51:bb:2b:7f:4f:bd:2b:e4:c8:24:a8:08:70:e8:
71:01:5a:62:75:02:bf:b0:cb:f6:46:f6:96:22:8f:e0:19:b4:
b2:f5:9b:54:ab:e8:ce:3c:1c:3c:97:f5:7b:e9:c4:6d:9d:7a:
e8:14:c1:7e:e8:14:13:92:7d:59:f6:ba:90:34:97:0c:26:6a:
72:85:e4:68:e4:94:13:2f:53:aa:6a:74:94:86:5d:d2:7d:f6:
64:8a:5f:6a:81:3a:0c:07:c0:c0:e2:99:79:4e:de:c8:76:bc:
6c:ce:f6:4f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuAhTf5KuAt7KhY/YF+DDX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMxMDMwMTIxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE1MjZmNGI2MzZhNzEzMmE2ZDRjY2NlYWJhZDAyY2FiNjdkNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+tHvw35R0pt0WW+Gf4JeZcLG4fC
caxOi7URsQK4Jy9sxqYwgNZNvZy2PeiMOprowKS8rt4aY7IlH+hvkPIr7iPJSvaJ
UjiiaAdY5GS8jO1HSB8uihQJOHkbvnWwUZQACnKArZ9Y9eVID03XQCNHIbU9CYMm
fi3YLtJQPQWqGboRj2dNQitEboaolwS+l2evZLwHyxj661H3EsLqx2L5AdAThkIr
H/dkc0cM/R6iKNPHMdKGIW2oAstod4HLTG2ZyTypDgjiKo5AI225rjXPpKRds6KF
gUYhpZDTFw6o+UvoXaCnjCaIPX+H862dTMVzQeSyFhd+zbmBV9DZFSL7YwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOulJvS2NqcTKm1MzOq60CyrZ9RXMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvNjZVbTlMWTJweE1xYlV6TTZyclFMS3RuMUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEAEL+b/Dq4bmgGPk4T9/T1
PPA8mIWtt0XUYTrL0Nm9ZdAzle0g5DCZ+i9lzPkewcjRjvTK+c3nNCPs8of8GrpY
+MlS3p78ulRJzc5hOJEZGT5xFEWJ1adMMfncx09bIQ89sc37Z4j/QqhQyRTfRkQ1
m2gOK5YPEmUBAweqV0HwfLaZDIk+f0YB00AwI8WdStTM3bJNqlG7K39PvSvkyCSo
CHDocQFaYnUCv7DL9kb2liKP4Bm0svWbVKvozjwcPJf1e+nEbZ166BTBfugUE5J9
Wfa6kDSXDCZqcoXkaOSUEy9Tqmp0lIZd0n32ZIpfaoE6DAfAwOKZeU7eyHa8bM72
Tw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:08 2025 by rpki-client