Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/lMN20ddK1x5JBG8wF8JrxRETM08.roa
File: lMN20ddK1x5JBG8wF8JrxRETM08.roa (raw, json)
Hash identifier: i1o8fXiojp5ns0Wz93AIhvHg/84IyMBd53rO+hR0k6E=
Subject key identifier: 94:C3:76:D1:D7:4A:D7:1E:49:04:6F:30:17:C2:6B:C5:11:13:33:4F
Certificate issuer: /CN=7450810f13df8d9019f157c36fbd0f6db9862992
Certificate serial: 114E2849
Authority key identifier: 74:50:81:0F:13:DF:8D:90:19:F1:57:C3:6F:BD:0F:6D:B9:86:29:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dFCBDxPfjZAZ8VfDb70PbbmGKZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/lMN20ddK1x5JBG8wF8JrxRETM08.roa
Signing time: Sat 01 Jan 2022 12:02:13 +0000
ROA not before: Sat 01 Jan 2022 12:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47455
IP address blocks: 185.144.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290334793 (0x114e2849)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7450810f13df8d9019f157c36fbd0f6db9862992
Validity
Not Before: Jan 1 12:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94c376d1d74ad71e49046f3017c26bc51113334f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:66:db:c4:5e:99:d0:e9:44:86:f9:b0:d5:4a:
9d:17:4c:11:a2:a2:5d:ac:16:51:78:27:de:b7:36:
a4:31:91:f0:6f:f7:33:67:97:bf:59:2c:b7:0a:b5:
c8:b6:7d:33:13:b6:3b:b6:47:96:f3:ce:5d:b9:0e:
0c:04:99:30:ca:df:9e:39:49:af:b4:50:35:99:f4:
5a:bb:6b:41:ba:63:fd:a3:03:dd:06:3c:aa:f8:96:
8c:80:13:01:84:26:fe:dc:a1:cc:9c:ac:5a:ca:93:
8a:77:86:dd:86:53:e8:98:91:24:d2:53:e8:b3:ac:
3b:17:04:67:00:5c:d4:cd:73:4a:d7:aa:98:f1:0f:
6d:bc:f4:27:2c:c3:3e:6f:8a:51:80:bf:1c:ce:ea:
77:ca:98:0a:75:d5:c8:5f:6c:cd:0b:3f:b9:55:29:
53:3c:66:5e:b5:fa:d4:4f:b1:f8:63:55:c7:00:77:
83:e0:96:b5:83:c8:17:02:f7:fd:6f:31:19:b4:61:
8f:be:e6:3c:68:73:13:5b:e9:1f:37:d0:b7:b6:7d:
75:76:c0:ef:ba:39:94:1c:04:e1:2e:4c:36:f3:12:
2f:f4:8d:52:7a:9b:74:d4:ad:5f:2c:9d:43:a7:45:
ea:0d:a9:ad:c7:03:32:4c:7c:08:4f:af:67:1a:33:
98:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C3:76:D1:D7:4A:D7:1E:49:04:6F:30:17:C2:6B:C5:11:13:33:4F
X509v3 Authority Key Identifier:
keyid:74:50:81:0F:13:DF:8D:90:19:F1:57:C3:6F:BD:0F:6D:B9:86:29:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dFCBDxPfjZAZ8VfDb70PbbmGKZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/lMN20ddK1x5JBG8wF8JrxRETM08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1335d6-b4d6-4c83-8b0e-8f215c09ae72/1/dFCBDxPfjZAZ8VfDb70PbbmGKZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:e8:d1:70:0e:9f:07:bc:9d:aa:a8:ca:2d:7f:cd:54:11:55:
ce:11:0c:2f:96:12:f5:54:59:89:f9:c0:ed:f0:9a:a0:1e:69:
37:f2:e3:39:b7:14:74:c0:9b:f9:bc:69:11:27:aa:e7:6c:b7:
65:a5:20:04:7f:ac:6a:20:5b:e0:09:77:b6:69:d9:e4:0e:23:
fa:6a:ad:8b:f4:97:b9:68:2a:d9:1c:8c:08:3b:00:3f:a7:22:
87:3a:d3:78:05:0e:f1:da:c0:83:ae:e3:ce:34:c6:e0:a0:e5:
5b:a7:37:94:5d:3a:e7:14:63:48:18:76:df:47:14:07:01:7a:
22:a6:b0:ac:76:64:c6:c0:3e:ba:1c:38:ba:c9:a1:64:56:6d:
b2:3c:bd:1c:48:16:ca:27:b3:8f:77:07:cf:d7:e0:2b:22:a7:
7c:df:a0:06:4d:8a:a8:b3:5a:42:63:91:9e:af:b4:fa:12:99:
6a:d0:f9:01:70:e0:a3:24:67:61:6b:97:d2:02:a6:5f:d6:d2:
dd:19:d9:2c:2e:ee:e1:ce:90:ed:17:cc:e7:b5:4f:a0:4b:4f:
bf:06:59:59:46:5b:df:2a:33:5e:d0:1d:39:66:f7:c9:35:73:
52:1d:a6:76:b7:a6:59:c5:35:19:77:6d:08:46:17:f8:52:b9:
60:4a:59:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEU4oSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDUwODEwZjEzZGY4ZDkwMTlmMTU3YzM2ZmJkMGY2ZGI5ODYyOTkyMB4XDTIyMDEw
MTEyMDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRjMzc2ZDFkNzRh
ZDcxZTQ5MDQ2ZjMwMTdjMjZiYzUxMTEzMzM0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJm28RemdDpRIb5sNVKnRdMEaKiXawWUXgn3rc2pDGR8G/3
M2eXv1kstwq1yLZ9MxO2O7ZHlvPOXbkODASZMMrfnjlJr7RQNZn0WrtrQbpj/aMD
3QY8qviWjIATAYQm/tyhzJysWsqTineG3YZT6JiRJNJT6LOsOxcEZwBc1M1zSteq
mPEPbbz0JyzDPm+KUYC/HM7qd8qYCnXVyF9szQs/uVUpUzxmXrX61E+x+GNVxwB3
g+CWtYPIFwL3/W8xGbRhj77mPGhzE1vpHzfQt7Z9dXbA77o5lBwE4S5MNvMSL/SN
UnqbdNStXyydQ6dF6g2prccDMkx8CE+vZxozmDECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUw3bR10rXHkkEbzAXwmvFERMzTzAfBgNVHSMEGDAWgBR0UIEPE9+NkBnx
V8NvvQ9tuYYpkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RGQ0JEeFBmalpBWjhWZkRiNzBQYmJtR0taSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMTMzNWQ2LWI0ZDYtNGM4My04YjBlLThmMjE1YzA5YWU3Mi8x
L2xNTjIwZGRLMXg1SkJHOHdGOEpyeFJFVE0wOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MTMzNWQ2LWI0ZDYtNGM4My04YjBlLThmMjE1YzA5YWU3Mi8xL2RGQ0JEeFBmalpB
WjhWZkRiNzBQYmJtR0taSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmQ/DANBgkqhkiG9w0BAQsFAAOC
AQEAo+jRcA6fB7ydqqjKLX/NVBFVzhEML5YS9VRZifnA7fCaoB5pN/LjObcUdMCb
+bxpESeq52y3ZaUgBH+saiBb4Al3tmnZ5A4j+mqti/SXuWgq2RyMCDsAP6cihzrT
eAUO8drAg67jzjTG4KDlW6c3lF065xRjSBh230cUBwF6IqawrHZkxsA+uhw4usmh
ZFZtsjy9HEgWyiezj3cHz9fgKyKnfN+gBk2KqLNaQmORnq+0+hKZatD5AXDgoyRn
YWuX0gKmX9bS3RnZLC7u4c6Q7RfM57VPoEtPvwZZWUZb3yozXtAdOWb3yTVzUh2m
dremWcU1GXdtCEYX+FK5YEpZJg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:47 2025 by rpki-client