Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/O0BIiU2i55AF6IrsFMHudMxJIaw.roa
File: O0BIiU2i55AF6IrsFMHudMxJIaw.roa (raw, json)
Hash identifier: mEb2tli6x/U2YdSxh6qAmzcmFl4bzFGmSFu0vFolZcY=
Subject key identifier: 3B:40:48:89:4D:A2:E7:90:05:E8:8A:EC:14:C1:EE:74:CC:49:21:AC
Certificate issuer: /CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Certificate serial: 01856FC261F581D7234F4FDBD53276CDA03C
Authority key identifier: 4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/O0BIiU2i55AF6IrsFMHudMxJIaw.roa
Signing time: Sun 01 Jan 2023 23:54:48 +0000
ROA not before: Sun 01 Jan 2023 23:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49188
IP address blocks: 185.163.245.0/24 maxlen: 24
185.163.246.0/23 maxlen: 23
185.163.246.0/24 maxlen: 24
185.163.244.0/24 maxlen: 24
185.163.244.0/22 maxlen: 22
2a10:9d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:61:f5:81:d7:23:4f:4f:db:d5:32:76:cd:a0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Validity
Not Before: Jan 1 23:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b4048894da2e79005e88aec14c1ee74cc4921ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:30:d4:b1:05:09:d9:89:2c:a6:c2:15:7a:c6:
1e:1a:4f:11:b5:1e:42:fb:ac:ac:60:e7:8a:d5:a0:
42:b7:61:90:46:da:a0:63:c2:e7:80:0b:98:11:7f:
9a:2f:b4:a5:03:e2:f6:4a:e2:16:c5:eb:d0:4b:5c:
c6:11:18:97:f2:11:36:57:30:48:13:9f:bd:3c:0a:
ac:2d:0d:3e:a8:c7:b5:32:88:0e:3b:10:8b:90:00:
73:09:cf:0b:c8:f8:71:a2:38:4b:44:52:f4:1f:2c:
bb:cd:ed:31:27:d2:f5:77:73:fb:c2:33:47:2b:48:
0b:3b:a8:cb:43:4a:98:8d:5c:c1:bf:83:16:d3:23:
78:85:93:39:0d:5a:04:57:4d:25:fe:66:40:50:a5:
94:16:10:06:78:ea:63:ff:19:b8:ae:b8:1b:0f:76:
c7:9a:89:f1:2c:97:68:c0:32:89:3c:c3:11:28:71:
57:33:60:d4:5d:a3:10:e9:3e:ae:e0:f5:c0:bc:a9:
55:c2:c7:8c:ff:44:5f:5e:82:0c:00:b3:14:4f:e7:
30:48:e6:b8:9d:db:a1:67:d2:d1:c2:38:13:07:80:
17:d5:91:78:4c:ed:6d:13:fc:12:50:4d:09:98:79:
f6:8b:c2:9c:11:51:03:c8:c1:9d:75:71:97:70:36:
25:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:40:48:89:4D:A2:E7:90:05:E8:8A:EC:14:C1:EE:74:CC:49:21:AC
X509v3 Authority Key Identifier:
keyid:4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/O0BIiU2i55AF6IrsFMHudMxJIaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/T-uUV-xRnoI3hncQvMgvow6uZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.244.0/22
IPv6:
2a10:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
42:4a:c4:b0:b9:6c:2a:e9:aa:bc:64:4d:94:f3:19:9c:0c:09:
b0:90:5d:fe:75:2e:49:ff:70:df:ec:90:af:01:f0:e6:3b:2e:
70:be:38:d9:bb:42:d8:17:3d:bd:16:2c:f2:c6:b5:46:31:1b:
5f:3e:6c:65:d6:19:07:77:b5:f8:6b:df:0a:ca:55:04:33:53:
c5:86:50:9e:b7:38:88:5f:11:f1:de:f1:10:7e:82:38:51:34:
6a:98:72:ec:32:7d:1e:81:e1:29:f1:db:a3:2e:c4:87:18:61:
a5:26:0f:f2:96:83:7f:e8:07:20:99:50:0d:fa:ae:27:ca:30:
2c:4a:63:d4:9d:f5:2d:9c:0c:c5:89:00:c6:a6:8a:0d:34:2a:
4e:ce:62:bc:be:6c:1b:3d:28:5e:fc:90:6f:77:16:7e:d4:39:
36:0e:84:33:44:8e:e1:cd:ba:67:93:92:83:91:64:45:46:95:
65:ff:78:db:73:09:0c:1f:a2:d0:d5:e5:0f:74:68:32:cc:e2:
24:4c:a6:0b:4e:5f:b0:92:05:46:94:9e:ca:ae:0b:a8:97:a4:
62:13:51:6a:50:8c:31:23:b2:9f:78:39:c3:08:eb:0b:ae:1c:
5d:2e:96:63:9c:7f:4f:1a:ce:73:3a:af:25:10:78:da:50:18:
3c:a1:c3:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwmH1gdcjT0/b1TJ2zaA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZWI5NDU3ZWM1MTllODIzNzg2NzcxMGJjYzgyZmEzMGVh
ZTY3YzAwHhcNMjMwMTAxMjM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQwNDg4OTRkYTJlNzkwMDVlODhhZWMxNGMxZWU3NGNjNDkyMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTDUsQUJ2YkspsIVesYeGk8RtR5C
+6ysYOeK1aBCt2GQRtqgY8LngAuYEX+aL7SlA+L2SuIWxevQS1zGERiX8hE2VzBI
E5+9PAqsLQ0+qMe1MogOOxCLkABzCc8LyPhxojhLRFL0Hyy7ze0xJ9L1d3P7wjNH
K0gLO6jLQ0qYjVzBv4MW0yN4hZM5DVoEV00l/mZAUKWUFhAGeOpj/xm4rrgbD3bH
monxLJdowDKJPMMRKHFXM2DUXaMQ6T6u4PXAvKlVwseM/0RfXoIMALMUT+cwSOa4
nduhZ9LRwjgTB4AX1ZF4TO1tE/wSUE0JmHn2i8KcEVEDyMGddXGXcDYlvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDtASIlNoueQBeiK7BTB7nTMSSGsMB8GA1UdIwQY
MBaAFE/rlFfsUZ6CN4Z3ELzIL6MOrmfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAt
NWYxMjM1NTVjZmIxLzEvTzBCSWlVMmk1NUFGNklyc0ZNSHVkTXhKSWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAtNWYxMjM1NTVjZmIx
LzEvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaP0MA0E
AgACMAcDBQMqEJ0AMA0GCSqGSIb3DQEBCwUAA4IBAQBCSsSwuWwq6aq8ZE2U8xmc
DAmwkF3+dS5J/3Df7JCvAfDmOy5wvjjZu0LYFz29FizyxrVGMRtfPmxl1hkHd7X4
a98KylUEM1PFhlCetziIXxHx3vEQfoI4UTRqmHLsMn0egeEp8dujLsSHGGGlJg/y
loN/6AcgmVAN+q4nyjAsSmPUnfUtnAzFiQDGpooNNCpOzmK8vmwbPShe/JBvdxZ+
1Dk2DoQzRI7hzbpnk5KDkWRFRpVl/3jbcwkMH6LQ1eUPdGgyzOIkTKYLTl+wkgVG
lJ7Krguol6RiE1FqUIwxI7KfeDnDCOsLrhxdLpZjnH9PGs5zOq8lEHjaUBg8ocMe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:29 2025 by rpki-client