Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/Br7AhjS7bQjyPy71L1Jlm0rBLYA.roa
File: Br7AhjS7bQjyPy71L1Jlm0rBLYA.roa (raw, json)
Hash identifier: 2g1O+fCnC2nFUdaIcuSbZFMTmOaS42+Cvzj9VJj9UQk=
Subject key identifier: 06:BE:C0:86:34:BB:6D:08:F2:3F:2E:F5:2F:52:65:9B:4A:C1:2D:80
Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Certificate serial: 01856CAF38B91B82633CFA83772EDC2D955F
Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/Br7AhjS7bQjyPy71L1Jlm0rBLYA.roa
Signing time: Sun 01 Jan 2023 09:35:00 +0000
ROA not before: Sun 01 Jan 2023 09:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61207
IP address blocks: 185.41.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:38:b9:1b:82:63:3c:fa:83:77:2e:dc:2d:95:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Validity
Not Before: Jan 1 09:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06bec08634bb6d08f23f2ef52f52659b4ac12d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:58:13:f5:b8:f7:f0:bc:5b:f0:d7:c5:1e:71:
64:b3:dc:50:27:df:0b:df:b7:70:14:1d:74:b1:2b:
d9:2b:ce:27:76:ad:18:c8:ef:50:68:ba:c7:51:58:
e5:d7:f3:55:4c:71:4b:a7:17:90:b1:13:b9:25:b5:
18:cf:57:f5:8d:0a:d1:3d:ef:e8:ec:60:c6:3c:03:
c8:e7:64:9e:cc:96:0c:d5:de:56:fd:88:53:5d:83:
af:f5:c0:85:92:b2:1c:f3:07:fb:a9:de:47:92:6d:
4b:8f:04:38:44:39:b9:22:59:a6:69:41:38:74:21:
30:68:5a:e3:06:84:26:6a:19:87:8a:11:1d:e1:86:
da:ea:7f:1e:12:34:a9:3d:26:a1:30:a0:3b:1e:f9:
48:04:ad:4b:60:02:a0:12:36:6d:96:79:20:91:0c:
28:25:06:de:a7:30:95:73:9f:86:8e:77:da:0d:bc:
2d:10:e7:c7:53:4d:00:21:c7:bb:ad:7e:80:fe:b3:
18:68:e0:8b:92:f6:96:90:55:fb:10:de:cd:8d:e5:
3c:05:a4:9a:6c:e6:8a:a6:0e:7a:87:ca:e2:3e:7d:
0e:74:9c:7a:b4:b3:33:19:09:74:a7:6b:7a:ef:b3:
43:b8:a6:a3:1e:23:08:1a:99:66:9a:a7:b6:bd:5b:
05:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BE:C0:86:34:BB:6D:08:F2:3F:2E:F5:2F:52:65:9B:4A:C1:2D:80
X509v3 Authority Key Identifier:
keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/Br7AhjS7bQjyPy71L1Jlm0rBLYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.148.0/24
Signature Algorithm: sha256WithRSAEncryption
13:38:b1:d7:a0:47:f5:2f:78:c6:46:9f:b9:32:f1:0c:13:d5:
4b:54:bc:3b:0d:2f:5b:af:74:81:2d:90:e9:d8:1d:0b:36:f8:
d5:6b:de:b3:b4:38:d1:24:ff:df:27:8c:1d:e3:a2:9c:23:f5:
fb:b7:e3:9e:d9:29:b0:b7:18:90:7e:7f:7f:1e:1c:5c:06:dc:
28:0a:c2:36:d5:68:6f:04:0a:b3:de:05:28:27:1e:27:cd:e6:
d7:22:99:b3:fb:a9:50:14:31:39:56:11:88:6e:b7:59:e2:bd:
8e:e1:79:06:dd:29:bc:d5:fa:52:82:c2:60:f9:39:58:f3:ec:
b3:da:29:ae:51:93:2c:8e:8b:55:9c:b0:10:99:7c:fd:24:cd:
be:84:41:3c:4e:a6:50:96:63:64:eb:a1:52:03:9f:ad:cb:2e:
2f:96:65:66:8c:e4:91:10:5f:20:63:8f:53:30:dc:d0:96:6a:
4c:b5:94:18:cc:40:bd:d8:8c:d6:99:74:6c:23:cf:c5:1d:e2:
ee:7f:1c:55:58:83:8d:bb:d2:3d:47:d6:32:3d:5c:f4:dc:89:
74:31:91:81:e2:e1:8c:fe:51:2e:14:54:de:2c:26:7a:29:d6:
d0:04:e8:14:b3:af:93:e8:05:d0:8d:eb:8b:25:70:e5:7d:71:
77:c8:f7:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrzi5G4JjPPqDdy7cLZVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz
ZWM1YzIwHhcNMjMwMTAxMDkzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmJlYzA4NjM0YmI2ZDA4ZjIzZjJlZjUyZjUyNjU5YjRhYzEyZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFgT9bj38Lxb8NfFHnFks9xQJ98L
37dwFB10sSvZK84ndq0YyO9QaLrHUVjl1/NVTHFLpxeQsRO5JbUYz1f1jQrRPe/o
7GDGPAPI52SezJYM1d5W/YhTXYOv9cCFkrIc8wf7qd5Hkm1LjwQ4RDm5IlmmaUE4
dCEwaFrjBoQmahmHihEd4Yba6n8eEjSpPSahMKA7HvlIBK1LYAKgEjZtlnkgkQwo
JQbepzCVc5+GjnfaDbwtEOfHU00AIce7rX6A/rMYaOCLkvaWkFX7EN7NjeU8BaSa
bOaKpg56h8riPn0OdJx6tLMzGQl0p2t677NDuKajHiMIGplmmqe2vVsFtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAa+wIY0u20I8j8u9S9SZZtKwS2AMB8GA1UdIwQY
MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt
MzA1NjU4ZjkxNjM1LzEvQnI3QWhqUzdiUWp5UHk3MUwxSmxtMHJCTFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1
LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSmUMA0G
CSqGSIb3DQEBCwUAA4IBAQATOLHXoEf1L3jGRp+5MvEME9VLVLw7DS9br3SBLZDp
2B0LNvjVa96ztDjRJP/fJ4wd46KcI/X7t+Oe2SmwtxiQfn9/HhxcBtwoCsI21Whv
BAqz3gUoJx4nzebXIpmz+6lQFDE5VhGIbrdZ4r2O4XkG3Sm81fpSgsJg+TlY8+yz
2imuUZMsjotVnLAQmXz9JM2+hEE8TqZQlmNk66FSA5+tyy4vlmVmjOSREF8gY49T
MNzQlmpMtZQYzEC92IzWmXRsI8/FHeLufxxVWIONu9I9R9YyPVz03Il0MZGB4uGM
/lEuFFTeLCZ6KdbQBOgUs6+T6AXQjeuLJXDlfXF3yPck
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:57 2025 by rpki-client