Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/SefUmXKZJdfbkgeRdSVnoumxKlM.roa
File: SefUmXKZJdfbkgeRdSVnoumxKlM.roa (raw, json)
Hash identifier: CFAhc/GVeiMyMiYZszqk/MdK3ALn1fdbEzWQIH9mnF8=
Subject key identifier: 49:E7:D4:99:72:99:25:D7:DB:92:07:91:75:25:67:A2:E9:B1:2A:53
Certificate issuer: /CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Certificate serial: 01839E0AFC6C4AC0C5890B9DB4B7342F38EA
Authority key identifier: 32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/SefUmXKZJdfbkgeRdSVnoumxKlM.roa
Signing time: Mon 03 Oct 2022 13:31:03 +0000
ROA not before: Mon 03 Oct 2022 13:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49627
IP address blocks: 185.68.160.0/24 maxlen: 24
2a03:2c60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9e:0a:fc:6c:4a:c0:c5:89:0b:9d:b4:b7:34:2f:38:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Validity
Not Before: Oct 3 13:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49e7d499729925d7db920791752567a2e9b12a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c3:f2:2b:ae:97:e5:6c:ef:29:fa:4b:82:43:
6a:7a:9c:6a:38:fc:99:a4:20:ea:58:68:8b:c2:41:
b4:0b:15:84:4d:aa:1f:0e:34:4b:36:33:db:c0:51:
b1:2d:e0:2f:66:13:2a:d5:68:b3:58:1d:9a:eb:bf:
d2:ab:72:2b:b9:f8:0b:b2:39:3b:fe:5d:64:0e:11:
a9:f4:aa:bc:11:08:17:5e:e9:19:99:f7:82:1d:00:
d4:74:81:ad:86:4d:ab:ea:07:16:3a:28:53:41:41:
d5:66:b5:ad:67:e7:f7:49:3b:96:4b:d4:87:de:52:
f2:8d:26:83:c1:86:88:d4:f4:85:04:06:53:d6:33:
a9:26:00:c8:7b:a1:6b:e9:b7:f0:a3:4c:af:2b:c3:
0d:9b:c6:34:af:91:36:85:10:ce:9c:a0:44:ac:d9:
82:30:72:65:42:24:4e:a1:34:ca:36:0d:6f:cc:48:
47:50:24:68:2b:7c:1b:16:ac:c7:3d:96:a5:d8:90:
dd:24:44:4e:0a:25:23:07:22:d2:2a:e9:98:16:1f:
bd:95:38:8e:e0:85:a9:ad:71:17:f2:f9:7b:3c:36:
61:e3:6f:16:ab:f9:1e:ed:5a:7a:24:77:a0:45:42:
46:fc:ac:e3:f4:a5:7f:08:8f:53:4e:df:b0:45:64:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E7:D4:99:72:99:25:D7:DB:92:07:91:75:25:67:A2:E9:B1:2A:53
X509v3 Authority Key Identifier:
keyid:32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/SefUmXKZJdfbkgeRdSVnoumxKlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/MklHwK7O_of525bltFvrEK65h6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.160.0/24
IPv6:
2a03:2c60::/32
Signature Algorithm: sha256WithRSAEncryption
27:af:41:b3:23:5c:5a:6b:70:41:87:ca:02:78:6c:b2:7d:68:
37:50:45:dc:f2:71:6c:88:44:21:a0:1f:6c:b6:3e:a2:7d:99:
dc:f5:97:ec:ce:19:7c:2c:93:ae:0c:f4:c0:06:28:e9:8d:83:
c8:da:00:be:ae:e9:15:96:9e:81:36:a0:48:3b:56:cd:fc:c7:
bf:78:25:7a:7d:69:ee:2f:19:7b:a5:3d:d2:45:90:8c:e5:ac:
68:be:f6:60:91:82:2b:f7:8c:23:75:04:85:0f:9d:85:51:cd:
0d:90:97:22:26:3b:29:b6:f7:54:21:36:01:dd:e3:98:2a:34:
58:a9:37:57:80:c4:3e:f2:86:ec:11:be:25:8f:e1:42:01:78:
41:47:c5:e6:73:f2:b1:4e:b1:ff:45:77:53:61:ab:c6:29:a0:
9e:02:91:32:d1:08:2a:04:9c:fa:21:47:28:31:91:f8:76:85:
b1:81:5f:79:88:d3:60:ae:e5:9a:ba:02:6b:a8:c9:07:17:fd:
cb:85:a8:46:bb:64:85:89:fc:20:87:04:16:87:4a:62:7e:e1:
a5:b3:82:1f:0d:48:30:7b:68:a6:34:76:b3:de:32:d2:20:18:
fc:49:f5:cb:09:f7:59:a9:8a:64:52:df:e7:a1:1e:af:49:ca:
f5:96:b8:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOeCvxsSsDFiQudtLc0LzjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDk0N2MwYWVjZWZlODdmOWRiOTZlNWI0NWJlYjEwYWVi
OTg3YTYwHhcNMjIxMDAzMTMzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWU3ZDQ5OTcyOTkyNWQ3ZGI5MjA3OTE3NTI1NjdhMmU5YjEyYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsPyK66X5WzvKfpLgkNqepxqOPyZ
pCDqWGiLwkG0CxWETaofDjRLNjPbwFGxLeAvZhMq1WizWB2a67/Sq3IrufgLsjk7
/l1kDhGp9Kq8EQgXXukZmfeCHQDUdIGthk2r6gcWOihTQUHVZrWtZ+f3STuWS9SH
3lLyjSaDwYaI1PSFBAZT1jOpJgDIe6Fr6bfwo0yvK8MNm8Y0r5E2hRDOnKBErNmC
MHJlQiROoTTKNg1vzEhHUCRoK3wbFqzHPZal2JDdJEROCiUjByLSKumYFh+9lTiO
4IWprXEX8vl7PDZh428Wq/ke7Vp6JHegRUJG/Kzj9KV/CI9TTt+wRWSx0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEnn1JlymSXX25IHkXUlZ6LpsSpTMB8GA1UdIwQY
MBaAFDJJR8Cuzv6H+duW5bRb6xCuuYemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYt
YzM2MmQyYTllMTIxLzEvU2VmVW1YS1pKZGZia2dlUmRTVm5vdW14S2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYtYzM2MmQyYTllMTIx
LzEvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUSgMA0E
AgACMAcDBQAqAyxgMA0GCSqGSIb3DQEBCwUAA4IBAQAnr0GzI1xaa3BBh8oCeGyy
fWg3UEXc8nFsiEQhoB9stj6ifZnc9Zfszhl8LJOuDPTABijpjYPI2gC+rukVlp6B
NqBIO1bN/Me/eCV6fWnuLxl7pT3SRZCM5axovvZgkYIr94wjdQSFD52FUc0NkJci
JjsptvdUITYB3eOYKjRYqTdXgMQ+8obsEb4lj+FCAXhBR8Xmc/KxTrH/RXdTYavG
KaCeApEy0QgqBJz6IUcoMZH4doWxgV95iNNgruWaugJrqMkHF/3LhahGu2SFifwg
hwQWh0pifuGls4IfDUgwe2imNHaz3jLSIBj8SfXLCfdZqYpkUt/noR6vScr1lrj6
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:46 2025 by rpki-client