Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/SKRzsmqgBH9CKTQduA1BbEIOmd0.roa
File: SKRzsmqgBH9CKTQduA1BbEIOmd0.roa (raw, json)
Hash identifier: 8d+pWN9Xz0KvxgT2tzMCYA05dqhkxMJ34EsvraoCrdk=
Subject key identifier: 48:A4:73:B2:6A:A0:04:7F:42:29:34:1D:B8:0D:41:6C:42:0E:99:DD
Certificate issuer: /CN=03a6dc2f2668ebdcf86b6c0258a8187e5f7ce270
Certificate serial: 018AEFBDAD462CBC7A6F4C8B8F446D8EFBD2
Authority key identifier: 03:A6:DC:2F:26:68:EB:DC:F8:6B:6C:02:58:A8:18:7E:5F:7C:E2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A6bcLyZo69z4a2wCWKgYfl984nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/SKRzsmqgBH9CKTQduA1BbEIOmd0.roa
Signing time: Mon 02 Oct 2023 09:34:59 +0000
ROA not before: Mon 02 Oct 2023 09:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20799
IP address blocks: 185.115.68.0/22 maxlen: 24
80.68.32.0/19 maxlen: 24
77.241.176.0/20 maxlen: 24
2a02:df8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:bd:ad:46:2c:bc:7a:6f:4c:8b:8f:44:6d:8e:fb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03a6dc2f2668ebdcf86b6c0258a8187e5f7ce270
Validity
Not Before: Oct 2 09:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48a473b26aa0047f4229341db80d416c420e99dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a4:b3:f4:e6:80:07:06:db:ea:ec:5f:2d:0e:
c9:59:f2:de:6a:64:d9:bc:9d:6b:74:ef:02:0a:2e:
a4:67:a7:4b:ac:c0:d9:93:19:cf:d2:b5:73:5c:63:
d9:58:ee:49:89:82:b8:60:17:a4:59:08:b2:a3:b1:
68:fc:cc:31:b1:76:72:e7:a9:18:49:8f:42:5d:28:
35:9b:bc:1c:ac:ff:32:6c:95:ee:1e:43:46:05:9e:
81:24:6c:27:39:e8:30:46:77:a2:92:49:0c:12:f5:
b5:64:c8:8c:dd:4c:88:d4:72:17:9f:f8:18:b3:a3:
6e:64:3f:94:96:a8:d3:5a:76:49:ca:99:cb:f6:f2:
10:e4:1d:d1:fe:0f:4b:5b:64:90:44:9f:1c:3c:dd:
e5:e1:2b:49:cf:6f:64:1f:af:9f:bd:e0:b2:d7:20:
93:49:3f:af:7c:af:09:7c:75:f3:a6:e2:c3:2a:7a:
b1:db:1e:27:26:7b:49:d2:03:a5:9e:e6:71:f4:48:
6e:3f:4d:fe:7e:35:84:8c:06:38:b4:39:a3:ec:eb:
05:5f:e2:b3:fe:70:5c:36:86:00:02:95:b2:a1:3a:
af:f9:ad:83:6b:88:ae:d5:58:15:df:94:81:f8:47:
d3:f3:79:d2:cf:6f:40:d7:69:fd:df:93:77:6f:bd:
91:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A4:73:B2:6A:A0:04:7F:42:29:34:1D:B8:0D:41:6C:42:0E:99:DD
X509v3 Authority Key Identifier:
keyid:03:A6:DC:2F:26:68:EB:DC:F8:6B:6C:02:58:A8:18:7E:5F:7C:E2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A6bcLyZo69z4a2wCWKgYfl984nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/SKRzsmqgBH9CKTQduA1BbEIOmd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/A6bcLyZo69z4a2wCWKgYfl984nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.176.0/20
80.68.32.0/19
185.115.68.0/22
IPv6:
2a02:df8::/29
Signature Algorithm: sha256WithRSAEncryption
57:4f:d7:2b:bc:f2:d6:18:00:39:c0:aa:79:10:07:27:76:5b:
36:36:70:d9:b7:fc:2f:22:30:00:ef:42:c4:e3:e2:98:ce:f1:
c6:ae:ab:49:bf:dd:89:4a:f0:6d:74:f6:f5:9a:5a:2f:b8:34:
b8:10:bf:1f:83:3c:4d:1e:9b:e1:e4:16:0d:53:62:ff:85:6b:
05:30:0c:8f:eb:05:35:25:ac:11:10:ca:2c:f6:15:7b:79:57:
2e:a1:92:2c:6d:9a:9e:46:e1:75:13:db:85:bc:61:3e:78:5e:
e8:eb:ac:b1:78:f5:5c:1a:a4:4c:1e:f2:d2:2f:de:9d:e6:22:
ba:07:30:90:2b:4f:ef:20:a6:89:82:b7:04:c2:e6:53:b9:63:
f3:b5:03:48:4d:0c:0a:85:c5:6d:3b:7a:e3:ec:6c:95:51:d5:
84:11:14:e2:0e:cb:96:b1:55:d1:6f:a0:77:3a:8c:06:1b:bf:
bb:5b:f8:38:80:a4:f8:8e:72:dd:12:45:90:61:b6:ed:ea:c3:
95:2d:c4:79:96:f3:10:2b:f3:93:c7:ac:8f:51:e9:db:f0:f7:
10:2e:ca:9c:ef:6c:aa:c1:c3:d3:0a:8e:15:ee:19:89:5f:3b:
a9:e7:0d:e8:0e:dc:8d:12:37:2b:a3:80:b7:01:6e:84:11:90:
6d:ad:ad:5c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYrvva1GLLx6b0yLj0RtjvvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYTZkYzJmMjY2OGViZGNmODZiNmMwMjU4YTgxODdlNWY3
Y2UyNzAwHhcNMjMxMDAyMDkzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE0NzNiMjZhYTAwNDdmNDIyOTM0MWRiODBkNDE2YzQyMGU5OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaSz9OaABwbb6uxfLQ7JWfLeamTZ
vJ1rdO8CCi6kZ6dLrMDZkxnP0rVzXGPZWO5JiYK4YBekWQiyo7Fo/MwxsXZy56kY
SY9CXSg1m7wcrP8ybJXuHkNGBZ6BJGwnOegwRneikkkMEvW1ZMiM3UyI1HIXn/gY
s6NuZD+UlqjTWnZJypnL9vIQ5B3R/g9LW2SQRJ8cPN3l4StJz29kH6+fveCy1yCT
ST+vfK8JfHXzpuLDKnqx2x4nJntJ0gOlnuZx9EhuP03+fjWEjAY4tDmj7OsFX+Kz
/nBcNoYAApWyoTqv+a2Da4iu1VgV35SB+EfT83nSz29A12n935N3b72ReQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEikc7JqoAR/Qik0HbgNQWxCDpndMB8GA1UdIwQY
MBaAFAOm3C8maOvc+GtsAlioGH5ffOJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTZiY0x5Wm82OXo0YTJ3Q1dLZ1lmbDk4NG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yOGIzMDMtNDdhNS00YTkyLWIwMmUt
ZWJkMGMzZWU0NGFlLzEvU0tSenNtcWdCSDlDS1RRZHVBMUJiRUlPbWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8yOGIzMDMtNDdhNS00YTkyLWIwMmUtZWJkMGMzZWU0NGFl
LzEvQTZiY0x5Wm82OXo0YTJ3Q1dLZ1lmbDk4NG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETfGwAwQF
UEQgAwQCuXNEMA0EAgACMAcDBQMqAg34MA0GCSqGSIb3DQEBCwUAA4IBAQBXT9cr
vPLWGAA5wKp5EAcndls2NnDZt/wvIjAA70LE4+KYzvHGrqtJv92JSvBtdPb1mlov
uDS4EL8fgzxNHpvh5BYNU2L/hWsFMAyP6wU1JawREMos9hV7eVcuoZIsbZqeRuF1
E9uFvGE+eF7o66yxePVcGqRMHvLSL96d5iK6BzCQK0/vIKaJgrcEwuZTuWPztQNI
TQwKhcVtO3rj7GyVUdWEERTiDsuWsVXRb6B3OowGG7+7W/g4gKT4jnLdEkWQYbbt
6sOVLcR5lvMQK/OTx6yPUenb8PcQLsqc72yqwcPTCo4V7hmJXzup5w3oDtyNEjcr
o4C3AW6EEZBtra1c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:58 2025 by rpki-client