Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/1TvgeVKVh_PmraJ6BbTRy2sYjzs.roa
File: 1TvgeVKVh_PmraJ6BbTRy2sYjzs.roa (raw, json)
Hash identifier: 5O5iOujPmL74Oslgf1Fy1myFxZJ7U8I0PgnKqXrZ7S8=
Subject key identifier: D5:3B:E0:79:52:95:87:F3:E6:AD:A2:7A:05:B4:D1:CB:6B:18:8F:3B
Certificate issuer: /CN=b06f4040491a656ff7526d2f17611b0d68acbd0c
Certificate serial: 109F0550
Authority key identifier: B0:6F:40:40:49:1A:65:6F:F7:52:6D:2F:17:61:1B:0D:68:AC:BD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sG9AQEkaZW_3Um0vF2EbDWisvQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/1TvgeVKVh_PmraJ6BbTRy2sYjzs.roa
Signing time: Sat 01 Jan 2022 04:04:00 +0000
ROA not before: Sat 01 Jan 2022 04:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204996
IP address blocks: 185.170.248.0/22 maxlen: 24
185.170.248.0/23 maxlen: 23
185.170.248.0/24 maxlen: 24
185.170.251.0/24 maxlen: 24
185.170.249.0/24 maxlen: 24
185.170.250.0/24 maxlen: 24
185.170.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278857040 (0x109f0550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b06f4040491a656ff7526d2f17611b0d68acbd0c
Validity
Not Before: Jan 1 04:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d53be079529587f3e6ada27a05b4d1cb6b188f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:17:31:10:42:1f:6b:21:92:8e:f6:e6:aa:
09:3a:85:5f:70:95:31:f4:8c:0e:cd:07:ca:40:92:
60:65:46:59:0c:e7:2b:5e:86:10:d2:af:5f:a3:78:
65:0a:a6:ec:97:8a:d8:b4:5d:30:8d:34:f5:7a:f1:
77:5d:20:b5:e0:8b:23:1a:0a:ad:d1:c6:f8:03:f6:
a0:0b:7d:de:77:f2:af:b7:10:ff:bf:7c:af:c9:11:
d9:9c:c3:fe:aa:8e:24:5e:06:03:6d:6c:4c:ba:ce:
e7:26:4d:1f:bf:54:ce:62:d2:4f:33:f3:61:6c:49:
1d:e0:84:a6:54:7a:5a:38:8f:b1:78:08:0f:2b:a9:
df:3b:3b:2c:8e:14:c4:ed:16:86:36:12:49:52:12:
ed:19:d2:70:66:1b:5c:c1:b3:33:d3:d9:85:f9:b2:
e4:ad:36:6e:46:e7:94:0e:6d:55:5b:84:05:ee:04:
e9:4b:67:6e:7e:57:86:8f:31:96:39:d3:0d:dd:8d:
75:4e:a4:37:49:3b:14:0b:46:5f:a8:c2:b1:db:3f:
1a:73:8c:84:eb:ac:0b:3d:4a:b5:d7:ce:28:12:ab:
98:4f:55:72:9d:72:cf:bd:66:75:bc:72:9d:cb:32:
37:34:a9:48:d4:46:c1:5a:8c:26:a1:3b:dd:0a:99:
1a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3B:E0:79:52:95:87:F3:E6:AD:A2:7A:05:B4:D1:CB:6B:18:8F:3B
X509v3 Authority Key Identifier:
keyid:B0:6F:40:40:49:1A:65:6F:F7:52:6D:2F:17:61:1B:0D:68:AC:BD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sG9AQEkaZW_3Um0vF2EbDWisvQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/1TvgeVKVh_PmraJ6BbTRy2sYjzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ce0b21-d65c-42e6-874b-f4cb867f90d8/1/sG9AQEkaZW_3Um0vF2EbDWisvQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.248.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:ec:29:b2:ad:cb:3b:6e:22:c7:63:e2:71:9b:3e:0c:c4:8d:
af:10:b2:ca:8c:0e:61:f9:4b:fc:61:23:50:a9:e5:ee:37:49:
71:01:59:e4:89:5c:e3:00:f3:9b:20:29:88:47:15:69:f7:d8:
96:34:1d:0f:aa:2a:49:54:8c:b2:32:78:07:d9:f8:f6:be:d1:
ef:00:3e:3c:ad:a7:8a:e0:de:0f:81:4c:d0:e2:3f:bf:72:93:
a9:e0:ce:96:46:be:e1:4b:83:e4:9b:0f:7a:b4:a3:3f:c2:19:
f6:17:f5:15:85:f7:7f:c6:e4:d6:0a:c1:88:51:9b:b5:8f:9f:
1b:53:b5:02:85:5b:38:f5:55:19:57:14:7b:6f:31:89:2c:0f:
0f:d6:84:53:90:26:85:08:2e:b8:be:70:9a:25:b1:75:1c:d1:
ee:19:c9:4e:cc:fc:73:96:c5:1f:15:5e:c9:3b:ea:f0:28:9d:
1b:2d:61:7c:48:85:f9:b2:94:26:7b:d1:1b:96:1a:08:06:c4:
61:5a:a0:05:7c:64:9f:bc:2b:7a:12:be:39:c9:b7:3e:c8:b2:
db:c3:9b:e3:f2:10:cf:e8:9b:91:4d:02:a2:6b:8c:86:cf:8d:
83:c2:2c:dc:88:a4:32:09:28:28:3f:b7:ac:38:42:35:93:a7:
e2:96:36:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEJ8FUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDZmNDA0MDQ5MWE2NTZmZjc1MjZkMmYxNzYxMWIwZDY4YWNiZDBjMB4XDTIyMDEw
MTA0MDQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUzYmUwNzk1Mjk1
ODdmM2U2YWRhMjdhMDViNGQxY2I2YjE4OGYzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiqFzEQQh9rIZKO9uaqCTqFX3CVMfSMDs0HykCSYGVGWQzn
K16GENKvX6N4ZQqm7JeK2LRdMI009Xrxd10gteCLIxoKrdHG+AP2oAt93nfyr7cQ
/798r8kR2ZzD/qqOJF4GA21sTLrO5yZNH79UzmLSTzPzYWxJHeCEplR6WjiPsXgI
Dyup3zs7LI4UxO0WhjYSSVIS7RnScGYbXMGzM9PZhfmy5K02bkbnlA5tVVuEBe4E
6Utnbn5Xho8xljnTDd2NdU6kN0k7FAtGX6jCsds/GnOMhOusCz1KtdfOKBKrmE9V
cp1yz71mdbxyncsyNzSpSNRGwVqMJqE73QqZGlsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVO+B5UpWH8+atonoFtNHLaxiPOzAfBgNVHSMEGDAWgBSwb0BASRplb/dS
bS8XYRsNaKy9DDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NHOUFRRWthWldfM1VtMHZGMkViRFdpc3ZRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvY2UwYjIxLWQ2NWMtNDJlNi04NzRiLWY0Y2I4NjdmOTBkOC8x
LzFUdmdlVktWaF9QbXJhSjZCYlRSeTJzWWp6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
Y2UwYjIxLWQ2NWMtNDJlNi04NzRiLWY0Y2I4NjdmOTBkOC8xL3NHOUFRRWthWldf
M1VtMHZGMkViRFdpc3ZRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmq+DANBgkqhkiG9w0BAQsFAAOC
AQEAPewpsq3LO24ix2PicZs+DMSNrxCyyowOYflL/GEjUKnl7jdJcQFZ5Ilc4wDz
myApiEcVaffYljQdD6oqSVSMsjJ4B9n49r7R7wA+PK2niuDeD4FM0OI/v3KTqeDO
lka+4UuD5JsPerSjP8IZ9hf1FYX3f8bk1grBiFGbtY+fG1O1AoVbOPVVGVcUe28x
iSwPD9aEU5AmhQguuL5wmiWxdRzR7hnJTsz8c5bFHxVeyTvq8CidGy1hfEiF+bKU
JnvRG5YaCAbEYVqgBXxkn7wrehK+Ocm3Psiy28Ob4/IQz+ibkU0ComuMhs+Ng8Is
3IikMgkoKD+3rDhCNZOn4pY2pA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:34 2025 by rpki-client