Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/9rSP5ZgK03N2tR3HqLoD5lhoSjQ.roa
File: 9rSP5ZgK03N2tR3HqLoD5lhoSjQ.roa (raw, json)
Hash identifier: 9op54jOcICNtwAg76Zir2hopi6k1JMyDq3/RrZ8NyZo=
Subject key identifier: F6:B4:8F:E5:98:0A:D3:73:76:B5:1D:C7:A8:BA:03:E6:58:68:4A:34
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 01856CF8720240F4CED463BB305A1366F92D
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/9rSP5ZgK03N2tR3HqLoD5lhoSjQ.roa
Signing time: Sun 01 Jan 2023 10:54:59 +0000
ROA not before: Sun 01 Jan 2023 10:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49349
IP address blocks: 185.61.139.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.136.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
2a02:7a60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:72:02:40:f4:ce:d4:63:bb:30:5a:13:66:f9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 10:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6b48fe5980ad37376b51dc7a8ba03e658684a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:12:a5:93:02:f8:7b:cd:ff:70:1d:b8:dc:06:
a4:0b:fc:94:86:ad:b8:2c:ba:70:e3:78:a4:44:8d:
ec:cb:9c:be:25:23:fe:af:11:50:ab:6a:3b:e5:fc:
ec:84:c6:cd:5e:52:0d:38:6b:bf:c4:fe:be:0a:c4:
44:26:10:35:e2:8f:1c:9e:10:33:9d:9e:67:37:d6:
94:ec:4a:5f:46:4b:49:c5:ba:df:1c:89:b4:5b:e7:
3e:e0:01:fb:65:04:05:87:55:9e:7d:1c:44:17:09:
76:48:f8:fb:a9:ee:c3:12:26:3c:c2:64:92:92:29:
46:e8:b9:7d:12:07:1e:61:73:dc:a3:b5:68:aa:52:
5a:ab:f9:2f:f7:90:02:4d:ba:99:cb:d6:56:c1:d8:
ed:5b:55:a8:fe:9f:7e:19:62:dc:67:fd:53:76:c3:
1f:30:b7:4d:c2:fb:4c:32:d0:3d:9e:31:75:fd:9f:
41:98:ef:27:b2:02:f3:0f:fa:c2:de:86:19:5b:fe:
7d:ab:c1:59:bd:60:62:c5:0a:d8:e6:53:fd:a3:bd:
99:38:f4:9d:aa:68:c0:89:ff:7d:d9:0a:47:1a:61:
0c:4b:37:5a:6a:f5:05:61:28:1c:87:71:e7:10:9f:
c8:e0:23:24:49:81:b5:fe:34:51:a4:ed:c0:4f:54:
cb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B4:8F:E5:98:0A:D3:73:76:B5:1D:C7:A8:BA:03:E6:58:68:4A:34
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/9rSP5ZgK03N2tR3HqLoD5lhoSjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
20:9c:3a:c1:72:0e:d1:aa:62:6c:49:0e:a4:64:71:08:55:e8:
04:36:cd:83:ce:48:ed:38:28:10:5f:73:51:f1:f7:90:b0:cc:
62:e7:d9:c3:80:8f:87:a1:d3:c6:8a:fc:da:0d:52:28:b9:83:
e2:2d:6e:58:01:66:31:ac:23:50:ea:f6:f3:90:89:4a:8c:b9:
f3:51:6f:ae:3b:e0:4b:a4:4c:bc:64:16:c3:f3:de:c4:d5:0f:
7e:a4:ec:db:64:23:70:fc:fc:65:5f:90:b9:90:71:4d:ef:8f:
87:4f:e9:8e:e0:3b:b2:7e:68:4a:cb:0b:05:4f:38:03:e3:0a:
59:07:bb:59:d5:7f:d9:6c:dc:96:16:b3:6f:e1:88:98:cb:25:
d9:85:be:ee:4c:55:9d:ee:95:44:6b:1c:a1:34:f5:18:5d:88:
ab:65:1e:fb:00:bf:43:e3:54:a2:a3:58:f4:6f:a4:44:03:58:
49:75:20:9a:de:a9:6d:e4:82:53:ab:a1:20:af:aa:89:a9:be:
40:93:57:ff:a9:d4:a0:ed:45:9a:95:3f:43:a5:37:97:c6:7c:
3a:d1:f3:d8:99:21:06:be:46:ec:74:f3:36:a6:a7:46:55:e8:
ce:69:69:f3:37:b5:ad:75:5c:b5:e4:88:a0:e6:ce:05:38:e1:
00:ea:5f:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HICQPTO1GO7MFoTZvktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmI0OGZlNTk4MGFkMzczNzZiNTFkYzdhOGJhMDNlNjU4Njg0YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxKlkwL4e83/cB243AakC/yUhq24
LLpw43ikRI3sy5y+JSP+rxFQq2o75fzshMbNXlINOGu/xP6+CsREJhA14o8cnhAz
nZ5nN9aU7EpfRktJxbrfHIm0W+c+4AH7ZQQFh1WefRxEFwl2SPj7qe7DEiY8wmSS
kilG6Ll9EgceYXPco7VoqlJaq/kv95ACTbqZy9ZWwdjtW1Wo/p9+GWLcZ/1TdsMf
MLdNwvtMMtA9njF1/Z9BmO8nsgLzD/rC3oYZW/59q8FZvWBixQrY5lP9o72ZOPSd
qmjAif992QpHGmEMSzdaavUFYSgch3HnEJ/I4CMkSYG1/jRRpO3AT1TL2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPa0j+WYCtNzdrUdx6i6A+ZYaEo0MB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvOXJTUDVaZ0swM04ydFIzSHFMb0Q1bGhvU2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQAgnDrBcg7RqmJsSQ6kZHEI
VegENs2DzkjtOCgQX3NR8feQsMxi59nDgI+HodPGivzaDVIouYPiLW5YAWYxrCNQ
6vbzkIlKjLnzUW+uO+BLpEy8ZBbD897E1Q9+pOzbZCNw/PxlX5C5kHFN74+HT+mO
4DuyfmhKywsFTzgD4wpZB7tZ1X/ZbNyWFrNv4YiYyyXZhb7uTFWd7pVEaxyhNPUY
XYirZR77AL9D41Sio1j0b6REA1hJdSCa3qlt5IJTq6Egr6qJqb5Ak1f/qdSg7UWa
lT9DpTeXxnw60fPYmSEGvkbsdPM2pqdGVejOaWnzN7WtdVy15Iig5s4FOOEA6l+T
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:15 2025 by rpki-client