Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/SeMRo13PfkP94Tb0HUCifpNsQ3E.roa
File: SeMRo13PfkP94Tb0HUCifpNsQ3E.roa (raw, json)
Hash identifier: se3gb7Uyv0QR/5BkBl4AR+MnKKaFk4uV4syAERuSEDw=
Subject key identifier: 49:E3:11:A3:5D:CF:7E:43:FD:E1:36:F4:1D:40:A2:7E:93:6C:43:71
Certificate issuer: /CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Certificate serial: 01856C0107A69A4671E26CCD1167082522D2
Authority key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/SeMRo13PfkP94Tb0HUCifpNsQ3E.roa
Signing time: Sun 01 Jan 2023 06:24:44 +0000
ROA not before: Sun 01 Jan 2023 06:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 185.164.72.0/24 maxlen: 24
185.164.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:07:a6:9a:46:71:e2:6c:cd:11:67:08:25:22:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Validity
Not Before: Jan 1 06:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49e311a35dcf7e43fde136f41d40a27e936c4371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:64:25:d5:3f:ae:78:cd:a0:7d:ff:49:b4:b0:
87:0c:7e:c2:9b:ae:49:33:d1:cf:9b:5d:9e:a1:26:
39:2e:d8:24:58:5a:22:52:df:b3:9b:51:3d:36:cf:
2e:3d:a5:5c:30:00:fe:39:1d:08:eb:64:fc:9f:90:
1b:3d:8c:b0:1f:23:be:15:4c:86:42:65:89:67:95:
53:34:af:57:d5:22:5a:01:8a:81:1a:04:62:1f:16:
17:2a:72:f2:3a:4d:63:e0:dd:88:df:8d:c3:7d:0c:
fa:23:65:f2:f3:6e:43:19:3b:ce:9b:ee:db:ad:da:
a8:50:f0:12:61:72:75:b5:0a:7d:2e:94:97:6d:d3:
1e:8f:38:0e:4f:a5:65:c5:c5:05:f9:af:9c:1d:bb:
8a:5b:0f:32:e0:c4:77:14:d7:fa:5c:d3:71:f2:a2:
b2:5a:9e:bd:41:f5:c4:33:73:f1:23:c3:84:e7:07:
a6:f3:cc:15:15:08:2b:c0:7f:73:c4:cb:d2:5d:98:
87:a7:69:e8:d7:22:82:74:82:6b:f6:ea:d5:02:a9:
80:ee:f7:42:69:a7:ae:a9:6e:80:e4:f8:2a:be:b3:
da:10:3e:0d:dc:37:02:39:f8:0d:6d:ba:f5:13:89:
b0:8d:a2:99:c7:08:89:d0:1c:f9:54:46:61:eb:03:
27:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E3:11:A3:5D:CF:7E:43:FD:E1:36:F4:1D:40:A2:7E:93:6C:43:71
X509v3 Authority Key Identifier:
keyid:A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/SeMRo13PfkP94Tb0HUCifpNsQ3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.72.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:dc:be:a5:95:14:00:e3:b9:4e:0b:6c:8a:5d:e2:b8:01:ce:
38:14:34:38:a5:b6:53:d0:89:76:43:0b:84:16:b6:06:4d:3c:
48:a2:2c:b9:cf:cb:fc:77:dd:47:2a:17:c7:3a:d3:1c:af:b2:
b3:d9:7f:00:23:ac:29:22:93:c6:ed:0e:7d:72:d6:e4:97:eb:
ef:45:56:11:2a:fa:68:35:76:d3:b7:a6:d4:4d:b8:89:5d:67:
da:51:ab:3e:10:03:a5:33:0b:87:fa:43:4d:e5:e7:ac:bf:be:
f1:cb:b5:a7:6a:f5:cd:d8:c3:0e:fa:4a:17:f3:30:ea:ce:1e:
de:35:02:21:54:24:f4:af:cb:ed:3d:c0:89:9b:1b:c2:39:f2:
72:30:b5:b6:72:60:23:b0:b3:a0:a3:15:ce:0a:f6:cd:28:6e:
29:13:76:b6:78:74:ae:26:26:cc:d8:74:83:ee:fd:d0:39:1c:
83:d1:46:61:bf:d0:7c:f7:7c:19:58:be:b4:aa:7a:66:85:34:
9b:d5:c1:e1:13:a9:de:5d:8a:54:ba:30:cb:c8:7b:c6:e1:5d:
56:1f:41:56:37:71:e0:7a:45:d6:2d:9b:0e:a9:af:a6:f7:3f:
82:ba:e3:db:3e:1a:ca:85:d1:84:f8:57:b1:3f:b8:50:e9:2e:
06:99:7a:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAQemmkZx4mzNEWcIJSLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTM4MWI2ZTc2Y2I5NTIwZThkOGY1Njc3NmVjYTBmZTE3
NmNjNDAwHhcNMjMwMTAxMDYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWUzMTFhMzVkY2Y3ZTQzZmRlMTM2ZjQxZDQwYTI3ZTkzNmM0MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2Ql1T+ueM2gff9JtLCHDH7Cm65J
M9HPm12eoSY5LtgkWFoiUt+zm1E9Ns8uPaVcMAD+OR0I62T8n5AbPYywHyO+FUyG
QmWJZ5VTNK9X1SJaAYqBGgRiHxYXKnLyOk1j4N2I343DfQz6I2Xy825DGTvOm+7b
rdqoUPASYXJ1tQp9LpSXbdMejzgOT6VlxcUF+a+cHbuKWw8y4MR3FNf6XNNx8qKy
Wp69QfXEM3PxI8OE5wem88wVFQgrwH9zxMvSXZiHp2no1yKCdIJr9urVAqmA7vdC
aaeuqW6A5PgqvrPaED4N3DcCOfgNbbr1E4mwjaKZxwiJ0Bz5VEZh6wMnpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnjEaNdz35D/eE29B1Aon6TbENxMB8GA1UdIwQY
MBaAFKDjgbbnbLlSDo2PVnduyg/hdsxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEt
YTljMzg0MTI4ZDQyLzEvU2VNUm8xM1Bma1A5NFRiMEhVQ2lmcE5zUTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEtYTljMzg0MTI4ZDQy
LzEvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaRIMA0G
CSqGSIb3DQEBCwUAA4IBAQCt3L6llRQA47lOC2yKXeK4Ac44FDQ4pbZT0Il2QwuE
FrYGTTxIoiy5z8v8d91HKhfHOtMcr7Kz2X8AI6wpIpPG7Q59ctbkl+vvRVYRKvpo
NXbTt6bUTbiJXWfaUas+EAOlMwuH+kNN5eesv77xy7WnavXN2MMO+koX8zDqzh7e
NQIhVCT0r8vtPcCJmxvCOfJyMLW2cmAjsLOgoxXOCvbNKG4pE3a2eHSuJibM2HSD
7v3QORyD0UZhv9B893wZWL60qnpmhTSb1cHhE6neXYpUujDLyHvG4V1WH0FWN3Hg
ekXWLZsOqa+m9z+CuuPbPhrKhdGE+FexP7hQ6S4GmXpX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:43 2025 by rpki-client