Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/SmiUDremCfCeW2KHS0cPHqeCvyk.roa
File: SmiUDremCfCeW2KHS0cPHqeCvyk.roa (raw, json)
Hash identifier: 0mavVMP8AKT3TWt0gNWOLpbdMBz4y9iVSCK8mMhseF4=
Subject key identifier: 4A:68:94:0E:B7:A6:09:F0:9E:5B:62:87:4B:47:0F:1E:A7:82:BF:29
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 01856E143FEEBBB5EED7634F876ACCDCBF1D
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/SmiUDremCfCeW2KHS0cPHqeCvyk.roa
Signing time: Sun 01 Jan 2023 16:04:58 +0000
ROA not before: Sun 01 Jan 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201803
IP address blocks: 185.63.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:3f:ee:bb:b5:ee:d7:63:4f:87:6a:cc:dc:bf:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Jan 1 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a68940eb7a609f09e5b62874b470f1ea782bf29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:22:59:c6:90:58:56:23:33:1f:f0:d2:df:65:
dd:0f:0c:81:76:34:45:96:88:c3:70:79:5a:e6:71:
46:5d:df:bf:5d:06:e5:93:ca:6d:8a:33:cb:28:a4:
d0:1f:8e:38:ac:75:97:d0:da:7c:1f:33:f1:2d:84:
48:b5:c4:02:5b:8a:5e:73:5d:eb:22:9d:62:71:9a:
c3:16:50:7d:d2:a7:36:1f:98:cf:8c:45:1d:93:06:
b7:e4:35:d1:b9:16:05:57:55:a9:05:1e:74:42:85:
4f:7b:5f:db:e8:99:41:b3:05:30:c3:31:36:a2:7f:
ca:cd:e5:d9:30:34:72:fc:49:0b:23:32:b8:ac:59:
be:ef:70:83:10:f5:cf:c2:1a:fd:c9:0c:cb:c7:c1:
24:d6:c1:98:d8:bb:f7:82:17:7c:fb:1f:e8:3e:57:
0e:a7:06:5d:a9:07:05:bf:eb:12:fa:6e:03:44:40:
a7:0c:f6:31:e3:e2:6f:f4:78:ce:65:00:c6:e1:79:
a9:d6:5b:bc:74:29:b5:be:94:29:9a:cf:a4:38:ca:
80:20:63:fd:df:98:87:c6:59:8a:78:29:98:8a:6b:
eb:0f:b4:57:3a:b5:86:dc:76:8d:bf:f1:8e:81:e1:
06:f5:57:31:13:1b:18:ae:5e:59:5e:a2:6a:ec:bd:
4d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:68:94:0E:B7:A6:09:F0:9E:5B:62:87:4B:47:0F:1E:A7:82:BF:29
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/SmiUDremCfCeW2KHS0cPHqeCvyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.32.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c8:3c:31:df:66:a7:e2:d3:b6:d2:5c:2f:5a:94:69:64:20:
47:bf:e7:d9:ff:20:ee:9a:b9:36:2e:cd:82:a3:85:0a:7b:1d:
4b:c4:ab:3f:89:2d:ff:47:a4:26:fc:52:4f:19:e5:f2:e5:f8:
ed:12:0f:0a:ac:8c:b8:3f:d1:02:df:20:cb:48:7b:24:3a:52:
66:40:ad:9b:6b:bb:05:2f:a1:51:0c:db:68:92:60:e5:a7:23:
88:1c:10:00:a0:0c:59:b5:35:f6:6d:db:93:69:51:c3:db:16:
04:6e:01:f0:f3:ab:f8:af:c8:fc:ba:0f:1a:b5:79:55:6f:8d:
35:d4:21:cd:79:6a:92:8f:87:94:4c:60:81:45:1f:bc:33:86:
fa:36:d4:50:cb:f3:fd:d1:8f:7e:c7:73:26:e0:25:43:36:dd:
f7:e3:bc:02:02:aa:1a:0d:7a:cc:b0:98:61:49:bc:f6:e4:b7:
aa:f5:e1:b9:ca:6f:32:60:04:81:61:10:da:06:13:15:f1:cf:
f1:8f:dc:58:c9:27:4d:ef:98:a9:5a:f9:8c:83:f7:46:70:33:
fa:a0:a7:bd:e3:bf:d2:36:e9:ff:4e:0e:6c:0b:9a:4b:50:21:
70:82:7f:35:8d:b2:9b:14:a5:6c:9f:db:39:f7:08:be:6c:bd:
a7:96:0c:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFD/uu7Xu12NPh2rM3L8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjMwMTAxMTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY4OTQwZWI3YTYwOWYwOWU1YjYyODc0YjQ3MGYxZWE3ODJiZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryJZxpBYViMzH/DS32XdDwyBdjRF
lojDcHla5nFGXd+/XQblk8ptijPLKKTQH444rHWX0Np8HzPxLYRItcQCW4pec13r
Ip1icZrDFlB90qc2H5jPjEUdkwa35DXRuRYFV1WpBR50QoVPe1/b6JlBswUwwzE2
on/KzeXZMDRy/EkLIzK4rFm+73CDEPXPwhr9yQzLx8Ek1sGY2Lv3ghd8+x/oPlcO
pwZdqQcFv+sS+m4DRECnDPYx4+Jv9HjOZQDG4Xmp1lu8dCm1vpQpms+kOMqAIGP9
35iHxlmKeCmYimvrD7RXOrWG3HaNv/GOgeEG9VcxExsYrl5ZXqJq7L1NrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpolA63pgnwnltih0tHDx6ngr8pMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvU21pVURyZW1DZkNlVzJLSFMwY1BIcWVDdnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8gMA0G
CSqGSIb3DQEBCwUAA4IBAQBzyDwx32an4tO20lwvWpRpZCBHv+fZ/yDumrk2Ls2C
o4UKex1LxKs/iS3/R6Qm/FJPGeXy5fjtEg8KrIy4P9EC3yDLSHskOlJmQK2ba7sF
L6FRDNtokmDlpyOIHBAAoAxZtTX2bduTaVHD2xYEbgHw86v4r8j8ug8atXlVb401
1CHNeWqSj4eUTGCBRR+8M4b6NtRQy/P90Y9+x3Mm4CVDNt3347wCAqoaDXrMsJhh
Sbz25Leq9eG5ym8yYASBYRDaBhMV8c/xj9xYySdN75ipWvmMg/dGcDP6oKe947/S
Nun/Tg5sC5pLUCFwgn81jbKbFKVsn9s59wi+bL2nlgxx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:59 2025 by rpki-client