Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/S9xyYojMtz3eiUHusa6ol3MDl_I.roa
File: S9xyYojMtz3eiUHusa6ol3MDl_I.roa (raw, json)
Hash identifier: suBYiiioW6VXITSs44/GrAogrEqmCuDRT+JSNAmHGYA=
Subject key identifier: 4B:DC:72:62:88:CC:B7:3D:DE:89:41:EE:B1:AE:A8:97:73:03:97:F2
Certificate issuer: /CN=4978d328bcde5294f372765c11aeef28155b0f02
Certificate serial: 0185703047BA0CBA9E85E3A35F3ED0A4C3A2
Authority key identifier: 49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/S9xyYojMtz3eiUHusa6ol3MDl_I.roa
Signing time: Mon 02 Jan 2023 01:54:50 +0000
ROA not before: Mon 02 Jan 2023 01:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47745
IP address blocks: 85.187.1.0/24 maxlen: 24
185.255.59.0/24 maxlen: 24
151.237.61.0/24 maxlen: 24
151.237.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:47:ba:0c:ba:9e:85:e3:a3:5f:3e:d0:a4:c3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4978d328bcde5294f372765c11aeef28155b0f02
Validity
Not Before: Jan 2 01:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bdc726288ccb73dde8941eeb1aea897730397f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e7:a9:4c:db:c7:8c:64:b6:e5:89:bc:0c:3c:
c5:79:ce:c9:0b:a2:9b:2c:c1:c0:b4:e6:f4:a7:f9:
64:ad:71:1d:69:34:ad:3d:59:27:12:24:df:01:cc:
41:cf:32:97:da:7c:f3:48:08:97:19:b3:18:71:59:
26:69:78:ba:57:90:ef:f9:cc:26:e4:10:33:f8:dc:
bc:51:b2:e8:da:1b:3d:d3:ee:9d:6a:8d:85:34:5c:
11:d8:f8:35:2b:3b:4d:87:a0:7f:36:94:e2:ea:f1:
30:7c:ff:59:1a:11:74:37:bb:fe:3c:c1:e1:e5:b8:
79:2a:96:b1:ef:d3:9f:76:18:85:1e:b1:87:6d:c9:
f4:51:8b:3d:13:b9:d5:4e:d3:d4:ed:10:29:ce:25:
e5:d5:15:f2:89:30:e1:a5:d1:a2:c1:8f:88:34:03:
34:a9:85:06:d3:d0:d5:46:46:52:10:7b:a7:6c:c9:
cd:8c:91:26:49:f5:72:aa:39:92:83:af:a1:a6:1c:
3c:71:61:92:30:86:91:1e:8e:b4:f0:28:24:f9:4d:
68:f8:de:e0:e7:33:b3:0b:7e:3b:56:aa:e1:0c:1a:
48:41:0a:5b:e5:1a:79:5b:b7:67:c0:dd:ce:61:68:
cf:b3:2b:a7:d1:6a:bc:82:7d:86:cf:75:62:f0:73:
9f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DC:72:62:88:CC:B7:3D:DE:89:41:EE:B1:AE:A8:97:73:03:97:F2
X509v3 Authority Key Identifier:
keyid:49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/S9xyYojMtz3eiUHusa6ol3MDl_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/SXjTKLzeUpTzcnZcEa7vKBVbDwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.1.0/24
151.237.60.0/23
185.255.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:15:fc:d6:ed:61:53:ee:81:51:21:bc:49:5e:92:5a:dd:02:
a3:52:a9:8c:f1:f4:36:d1:74:1f:68:53:8f:23:59:5b:40:fe:
6d:56:9c:20:8a:cc:6d:04:1b:36:98:8c:df:54:37:3c:e9:84:
8b:b0:2d:0a:9f:94:65:5d:db:f5:6d:28:f8:c7:6d:39:7e:e7:
db:61:b9:8a:f1:f7:49:f6:14:1c:db:6d:7d:a3:9e:76:75:19:
18:6e:6c:10:43:ac:7a:49:4e:93:ed:01:e4:69:82:7c:ed:b7:
b3:53:9b:e9:05:92:24:3d:7b:25:d9:c3:52:e4:f9:af:8b:e2:
4d:7a:fc:bc:e7:17:be:e9:a2:a1:2e:4e:2c:c4:b1:d1:80:43:
e1:86:81:8b:d9:4b:4b:58:43:5d:2b:9d:2d:b4:0b:15:cf:c1:
c5:64:00:12:1c:3b:b7:e4:64:bf:d5:06:5e:4c:97:e8:f3:b6:
72:ed:73:73:ae:9a:21:0f:7d:e2:7e:2c:11:8f:aa:24:34:85:
cd:82:6c:8f:3b:71:26:78:e8:a9:10:2a:57:16:6c:fb:95:5a:
21:2a:ae:68:18:43:37:b2:bf:db:56:0d:5b:51:00:50:84:1d:
d9:09:e6:86:5e:cc:01:86:e3:c6:31:f1:20:6d:04:3a:d9:ae:
91:cd:be:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwMEe6DLqeheOjXz7QpMOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NzhkMzI4YmNkZTUyOTRmMzcyNzY1YzExYWVlZjI4MTU1
YjBmMDIwHhcNMjMwMTAyMDE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRjNzI2Mjg4Y2NiNzNkZGU4OTQxZWViMWFlYTg5NzczMDM5N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeepTNvHjGS25Ym8DDzFec7JC6Kb
LMHAtOb0p/lkrXEdaTStPVknEiTfAcxBzzKX2nzzSAiXGbMYcVkmaXi6V5Dv+cwm
5BAz+Ny8UbLo2hs90+6dao2FNFwR2Pg1KztNh6B/NpTi6vEwfP9ZGhF0N7v+PMHh
5bh5Kpax79OfdhiFHrGHbcn0UYs9E7nVTtPU7RApziXl1RXyiTDhpdGiwY+INAM0
qYUG09DVRkZSEHunbMnNjJEmSfVyqjmSg6+hphw8cWGSMIaRHo608Cgk+U1o+N7g
5zOzC347VqrhDBpIQQpb5Rp5W7dnwN3OYWjPsyun0Wq8gn2Gz3Vi8HOfkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEvccmKIzLc93olB7rGuqJdzA5fyMB8GA1UdIwQY
MBaAFEl40yi83lKU83J2XBGu7ygVWw8CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjkt
OGM3ZDIwOTIzYjA4LzEvUzl4eVlvak10ejNlaVVIdXNhNm9sM01EbF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjktOGM3ZDIwOTIzYjA4
LzEvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVbsBAwQB
l+08AwQAuf87MA0GCSqGSIb3DQEBCwUAA4IBAQCiFfzW7WFT7oFRIbxJXpJa3QKj
UqmM8fQ20XQfaFOPI1lbQP5tVpwgisxtBBs2mIzfVDc86YSLsC0Kn5RlXdv1bSj4
x205fufbYbmK8fdJ9hQc2219o552dRkYbmwQQ6x6SU6T7QHkaYJ87bezU5vpBZIk
PXsl2cNS5Pmvi+JNevy85xe+6aKhLk4sxLHRgEPhhoGL2UtLWENdK50ttAsVz8HF
ZAASHDu35GS/1QZeTJfo87Zy7XNzrpohD33ifiwRj6okNIXNgmyPO3EmeOipECpX
Fmz7lVohKq5oGEM3sr/bVg1bUQBQhB3ZCeaGXswBhuPGMfEgbQQ62a6Rzb44
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:22 2025 by rpki-client