Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/tHIeZIEnbrSJN_MTlPg1WS8FM8Q.roa
File: tHIeZIEnbrSJN_MTlPg1WS8FM8Q.roa (raw, json)
Hash identifier: sKepcVF1vif498MNr1GttqHhZcI8iSqqUPmagKeTFo0=
Subject key identifier: B4:72:1E:64:81:27:6E:B4:89:37:F3:13:94:F8:35:59:2F:05:33:C4
Certificate issuer: /CN=836462c62c7f63d2f5d787a701d779ab696e2236
Certificate serial: 018AA832935EB057EA0D0D59A41CA5B09D19
Authority key identifier: 83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/tHIeZIEnbrSJN_MTlPg1WS8FM8Q.roa
Signing time: Mon 18 Sep 2023 12:10:01 +0000
ROA not before: Mon 18 Sep 2023 12:10:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209128
IP address blocks: 185.149.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:32:93:5e:b0:57:ea:0d:0d:59:a4:1c:a5:b0:9d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836462c62c7f63d2f5d787a701d779ab696e2236
Validity
Not Before: Sep 18 12:10:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4721e6481276eb48937f31394f835592f0533c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:66:58:c5:95:7c:5d:ad:88:9b:7e:64:3f:41:
33:27:c3:17:49:f9:44:bd:21:f8:4e:c0:de:66:77:
80:8a:58:ef:18:fa:ed:21:01:4f:6c:ee:5a:4a:25:
11:2e:a5:64:93:b6:50:d9:50:7f:b9:c4:b6:39:7a:
c6:9c:f8:c7:fc:1c:0b:11:60:02:86:54:20:c2:12:
48:63:dd:df:52:2f:af:ca:30:c6:45:ac:b5:df:1e:
db:d2:e3:90:55:c3:00:c9:38:53:25:c4:a7:8e:26:
91:c5:80:4c:b2:d4:bf:ef:e6:61:4a:1b:de:b1:69:
f1:08:fc:9e:b1:45:04:76:75:f1:16:83:ee:ba:83:
e9:c8:8f:da:04:b5:7f:b7:93:51:e4:82:86:ee:38:
69:34:eb:a6:bd:fa:a7:5e:c9:55:35:74:0f:d9:38:
ae:aa:fd:02:09:fc:40:05:7b:59:1f:a3:a3:97:e4:
3d:0e:06:19:b7:ab:db:2b:e8:46:77:18:81:4b:65:
8a:ea:da:9d:6b:ab:0e:04:2f:92:49:45:77:5c:59:
9c:c4:26:20:13:c3:03:9a:e5:24:55:af:67:50:73:
3b:62:03:f1:56:1a:b6:28:1b:07:27:f9:20:9c:6d:
e8:2f:f8:01:a9:3c:e1:76:fc:57:dc:c9:19:5a:79:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:1E:64:81:27:6E:B4:89:37:F3:13:94:F8:35:59:2F:05:33:C4
X509v3 Authority Key Identifier:
keyid:83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/tHIeZIEnbrSJN_MTlPg1WS8FM8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.121.0/24
Signature Algorithm: sha256WithRSAEncryption
18:1f:1f:b4:17:83:12:3a:7b:b1:fe:42:e7:33:65:0c:b1:4d:
dc:4d:5c:14:b4:24:b2:f1:81:b9:c8:79:0b:4b:36:86:1f:fc:
9c:50:9a:d8:10:59:eb:a0:73:12:26:21:b8:4e:e9:ec:24:1d:
d8:dc:47:6b:a6:84:0e:48:e0:3e:1f:23:da:50:d3:bb:c6:00:
0e:09:07:6a:ed:65:a2:da:01:0a:4a:b1:a3:f1:66:89:28:da:
20:c0:37:16:81:e2:dd:d2:3d:67:2a:9e:50:c7:ed:09:59:f0:
76:67:b1:7c:67:ba:fc:9e:b6:b3:84:9d:27:37:ce:79:f8:b0:
87:56:6e:40:3f:6c:13:a9:15:b4:18:e2:31:47:b5:8e:3a:58:
ef:a8:b4:8e:80:35:72:a4:21:fe:f5:40:df:12:23:f1:ee:36:
2e:4c:d9:2a:1d:22:f7:e4:a2:6d:61:77:1d:26:ef:e8:70:4e:
39:33:d5:4a:b1:92:e8:d2:a7:06:82:1e:3d:bf:c3:74:3b:ad:
1c:02:dc:c1:c8:95:cc:77:10:8a:76:9a:1d:bc:e4:48:cf:5c:
9e:98:e3:b8:9a:da:ed:f8:5d:95:85:b9:35:04:ce:e0:17:83:
c5:3e:2e:47:5b:19:cc:a5:8e:37:71:d3:86:e7:06:50:16:66:
05:2b:f3:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqoMpNesFfqDQ1ZpBylsJ0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjQ2MmM2MmM3ZjYzZDJmNWQ3ODdhNzAxZDc3OWFiNjk2
ZTIyMzYwHhcNMjMwOTE4MTIxMDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcyMWU2NDgxMjc2ZWI0ODkzN2YzMTM5NGY4MzU1OTJmMDUzM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2ZYxZV8Xa2Im35kP0EzJ8MXSflE
vSH4TsDeZneAiljvGPrtIQFPbO5aSiURLqVkk7ZQ2VB/ucS2OXrGnPjH/BwLEWAC
hlQgwhJIY93fUi+vyjDGRay13x7b0uOQVcMAyThTJcSnjiaRxYBMstS/7+ZhShve
sWnxCPyesUUEdnXxFoPuuoPpyI/aBLV/t5NR5IKG7jhpNOumvfqnXslVNXQP2Tiu
qv0CCfxABXtZH6Ojl+Q9DgYZt6vbK+hGdxiBS2WK6tqda6sOBC+SSUV3XFmcxCYg
E8MDmuUkVa9nUHM7YgPxVhq2KBsHJ/kgnG3oL/gBqTzhdvxX3MkZWnmtnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRyHmSBJ260iTfzE5T4NVkvBTPEMB8GA1UdIwQY
MBaAFINkYsYsf2PS9deHpwHXeatpbiI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMt
ZjkxMGU1MTc2YjVlLzEvdEhJZVpJRW5iclNKTl9NVGxQZzFXUzhGTThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMtZjkxMGU1MTc2YjVl
LzEvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZV5MA0G
CSqGSIb3DQEBCwUAA4IBAQAYHx+0F4MSOnux/kLnM2UMsU3cTVwUtCSy8YG5yHkL
SzaGH/ycUJrYEFnroHMSJiG4TunsJB3Y3EdrpoQOSOA+HyPaUNO7xgAOCQdq7WWi
2gEKSrGj8WaJKNogwDcWgeLd0j1nKp5Qx+0JWfB2Z7F8Z7r8nrazhJ0nN855+LCH
Vm5AP2wTqRW0GOIxR7WOOljvqLSOgDVypCH+9UDfEiPx7jYuTNkqHSL35KJtYXcd
Ju/ocE45M9VKsZLo0qcGgh49v8N0O60cAtzByJXMdxCKdpodvORIz1yemOO4mtrt
+F2Vhbk1BM7gF4PFPi5HWxnMpY43cdOG5wZQFmYFK/P2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:59 2025 by rpki-client