Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1M_8U4CAz70xbuO4wBioAuVKkss.roa
File: 1M_8U4CAz70xbuO4wBioAuVKkss.roa (raw, json)
Hash identifier: m75SDdYyZQn/zVgCHcNPQWU4hdimfap5zDR0qeaxIc4=
Subject key identifier: D4:CF:FC:53:80:80:CF:BD:31:6E:E3:B8:C0:18:A8:02:E5:4A:92:CB
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018570B0627B969FDB5A0473E8D672CA7C51
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1M_8U4CAz70xbuO4wBioAuVKkss.roa
Signing time: Mon 02 Jan 2023 04:14:45 +0000
ROA not before: Mon 02 Jan 2023 04:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.187.155.0/24 maxlen: 24
185.187.154.0/24 maxlen: 24
185.121.24.0/23 maxlen: 24
185.121.26.0/23 maxlen: 24
2a05:b0c4:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:62:7b:96:9f:db:5a:04:73:e8:d6:72:ca:7c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 04:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4cffc538080cfbd316ee3b8c018a802e54a92cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:00:d4:ac:dd:cb:ee:9a:8a:61:72:b5:ba:
fe:cc:6c:c1:bb:c6:aa:82:e5:d3:db:72:2e:fa:76:
fc:ad:98:16:d7:97:b7:91:bc:33:60:01:8b:d3:20:
78:42:0a:f6:3e:9d:ca:84:b0:0c:dd:3b:84:28:52:
b1:ae:f2:65:f5:1d:6d:f3:5b:eb:9b:21:f6:77:67:
d0:e1:c9:51:93:da:8b:3e:2b:25:0d:aa:b6:b8:ad:
48:85:c6:4d:6d:19:e2:f3:02:43:68:cf:73:c9:7c:
56:f5:89:f4:bd:4e:62:e5:b5:a3:54:ec:ae:e1:5e:
37:da:8a:0a:e6:33:73:b8:e0:44:41:f2:69:6e:59:
ea:20:70:5e:a7:26:7f:53:c8:2b:71:84:d4:4d:99:
22:ac:8b:6e:b5:81:1d:30:97:1f:d6:ba:cf:67:36:
4f:e7:cc:95:da:5f:1c:d4:4d:27:b8:34:f0:5e:a8:
cf:ba:50:6b:ca:d9:68:14:da:d3:a9:74:10:a4:9c:
6e:fa:7b:c9:52:47:c5:66:ff:55:1e:70:44:1e:a7:
85:74:bc:15:01:ee:0a:63:d9:2d:55:97:cc:e4:30:
2e:05:99:d7:fb:3c:1f:99:ca:86:d1:05:5e:77:e3:
42:70:e8:4c:de:9f:fa:14:01:03:e3:89:b8:73:25:
b7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CF:FC:53:80:80:CF:BD:31:6E:E3:B8:C0:18:A8:02:E5:4A:92:CB
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1M_8U4CAz70xbuO4wBioAuVKkss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.24.0/22
185.187.154.0/23
IPv6:
2a05:b0c4:2::/48
Signature Algorithm: sha256WithRSAEncryption
04:8c:52:49:d6:ad:a6:d7:06:75:cc:b5:09:0f:a5:4c:0a:fa:
1b:e6:70:63:ef:70:ef:49:e4:00:01:cc:33:ac:a5:93:b5:d2:
07:8e:7f:3f:c8:bb:70:1b:6c:df:95:56:8d:d3:39:aa:4a:6a:
77:04:1a:41:30:16:8c:b4:ab:85:94:52:02:1e:68:6f:5c:88:
21:e9:98:72:65:b7:4c:3d:29:d6:48:cd:4c:1c:c5:70:5f:43:
6e:85:06:ee:2e:3b:eb:f7:ad:3c:15:9b:fa:9a:aa:d9:fc:4f:
76:71:a0:f7:b7:88:c9:2d:17:bf:c4:4a:5d:f2:42:bc:02:a6:
ee:0d:b8:d3:30:3c:54:09:bd:0e:c1:f0:42:86:bd:df:e5:a5:
2a:19:8b:fb:2f:7f:87:1f:83:7f:7d:f5:77:56:18:bd:11:14:
4e:9b:44:bc:45:1b:da:cf:e0:5f:6f:c2:fb:cb:0c:47:e2:94:
99:93:8e:04:84:bf:25:c6:2a:dd:0f:4e:61:21:c6:89:fb:a7:
78:70:30:6f:5e:00:5e:bc:c0:b3:e1:d3:b9:6d:d3:a8:5c:97:
5b:1b:2f:c0:50:e2:36:23:9d:a6:c0:d1:4d:33:b2:a3:1c:bd:
9f:a5:a0:c4:83:40:fa:63:9e:2c:5f:8e:d4:09:d6:99:5e:75:
db:4d:92:a9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwsGJ7lp/bWgRz6NZyynxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGNmZmM1MzgwODBjZmJkMzE2ZWUzYjhjMDE4YTgwMmU1NGE5MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp4A1Kzdy+6aimFytbr+zGzBu8aq
guXT23Iu+nb8rZgW15e3kbwzYAGL0yB4Qgr2Pp3KhLAM3TuEKFKxrvJl9R1t81vr
myH2d2fQ4clRk9qLPislDaq2uK1IhcZNbRni8wJDaM9zyXxW9Yn0vU5i5bWjVOyu
4V432ooK5jNzuOBEQfJpblnqIHBepyZ/U8grcYTUTZkirItutYEdMJcf1rrPZzZP
58yV2l8c1E0nuDTwXqjPulBrytloFNrTqXQQpJxu+nvJUkfFZv9VHnBEHqeFdLwV
Ae4KY9ktVZfM5DAuBZnX+zwfmcqG0QVed+NCcOhM3p/6FAED44m4cyW3wwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNTP/FOAgM+9MW7juMAYqALlSpLLMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvMU1fOFU0Q0F6NzB4YnVPNHdCaW9BdVZLa3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuXkYAwQB
ubuaMA8EAgACMAkDBwAqBbDEAAIwDQYJKoZIhvcNAQELBQADggEBAASMUknWrabX
BnXMtQkPpUwK+hvmcGPvcO9J5AABzDOspZO10geOfz/Iu3AbbN+VVo3TOapKancE
GkEwFoy0q4WUUgIeaG9ciCHpmHJlt0w9KdZIzUwcxXBfQ26FBu4uO+v3rTwVm/qa
qtn8T3ZxoPe3iMktF7/ESl3yQrwCpu4NuNMwPFQJvQ7B8EKGvd/lpSoZi/svf4cf
g3999XdWGL0RFE6bRLxFG9rP4F9vwvvLDEfilJmTjgSEvyXGKt0PTmEhxon7p3hw
MG9eAF68wLPh07lt06hcl1sbL8BQ4jYjnabA0U0zsqMcvZ+loMSDQPpjnixfjtQJ
1pleddtNkqk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:44 2025 by rpki-client