Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/S3dvg0Qm_v4e7eenulpt-g-ZkTY.roa
File: S3dvg0Qm_v4e7eenulpt-g-ZkTY.roa (raw, json)
Hash identifier: X7ql3/WnOgwVaPTCJuVqWKfAT9N3iUWA7C+kxLQfqdU=
Subject key identifier: 4B:77:6F:83:44:26:FE:FE:1E:ED:E7:A7:BA:5A:6D:FA:0F:99:91:36
Certificate issuer: /CN=9344b4879f19ee719a351463001726f686d659ef
Certificate serial: 018C391BD6741A8ABA1BB4A9ABA816BFEAE8
Authority key identifier: 93:44:B4:87:9F:19:EE:71:9A:35:14:63:00:17:26:F6:86:D6:59:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k0S0h58Z7nGaNRRjABcm9obWWe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/S3dvg0Qm_v4e7eenulpt-g-ZkTY.roa
Signing time: Tue 05 Dec 2023 08:32:54 +0000
ROA not before: Tue 05 Dec 2023 08:32:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51432
IP address blocks: 185.55.208.0/22 maxlen: 32
2a02:22f8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:1b:d6:74:1a:8a:ba:1b:b4:a9:ab:a8:16:bf:ea:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9344b4879f19ee719a351463001726f686d659ef
Validity
Not Before: Dec 5 08:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b776f834426fefe1eede7a7ba5a6dfa0f999136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0d:19:39:16:c5:c6:eb:b5:ba:81:05:1f:d0:
41:5c:ac:6f:59:01:69:20:cf:69:62:1d:e9:db:8b:
2e:6d:3c:a5:a0:58:2c:f8:f6:db:1f:3d:8f:bc:33:
66:16:2c:f0:d2:53:68:32:be:b8:a0:29:c8:6a:8c:
5a:da:84:e3:f2:81:3f:ef:66:7e:26:e3:11:3c:26:
b5:e3:03:7c:0f:d5:44:cc:f8:ae:8c:d7:db:03:d7:
69:75:db:38:04:6d:1d:2c:de:fe:9d:4f:d0:7f:f3:
66:e8:22:94:fc:37:a9:e6:8c:52:aa:7c:5c:de:79:
d7:83:5b:e7:91:80:c9:b0:2c:56:21:7b:d6:1d:8a:
48:43:16:36:43:d2:3d:6a:aa:8d:54:a3:0e:c0:21:
a3:61:77:3a:f2:29:09:60:b2:d4:07:c7:74:62:d6:
ff:20:83:66:9e:e0:46:19:96:0a:49:a5:8f:51:58:
1d:ee:98:10:65:dc:72:5b:89:c3:b0:e8:76:cb:1d:
79:cd:b5:3f:24:57:7a:d1:dd:8d:c0:56:f2:d8:e9:
2f:14:b0:d5:d1:84:0c:e7:37:ae:fb:60:aa:b0:5e:
a6:df:6d:4f:43:9f:b8:60:19:85:c2:e6:48:1c:02:
ef:90:ce:f0:f3:83:69:ec:6a:20:62:10:f5:ad:ae:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:77:6F:83:44:26:FE:FE:1E:ED:E7:A7:BA:5A:6D:FA:0F:99:91:36
X509v3 Authority Key Identifier:
keyid:93:44:B4:87:9F:19:EE:71:9A:35:14:63:00:17:26:F6:86:D6:59:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0S0h58Z7nGaNRRjABcm9obWWe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/S3dvg0Qm_v4e7eenulpt-g-ZkTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/k0S0h58Z7nGaNRRjABcm9obWWe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.208.0/22
IPv6:
2a02:22f8::/29
Signature Algorithm: sha256WithRSAEncryption
7c:9f:28:5a:59:2b:1e:50:b7:ea:7b:43:06:62:19:80:1e:d6:
25:e9:a2:d8:bf:50:6d:b5:6b:d7:21:4c:1b:df:09:f3:3e:76:
90:24:56:ab:8c:0d:38:57:50:0a:1c:0d:74:bd:c9:c1:46:b0:
62:b2:87:b6:d6:df:b4:ba:fb:28:2a:d4:50:4f:7c:3f:86:2f:
63:19:5a:b3:ab:47:fe:f7:87:03:21:77:cd:1a:8d:bf:95:4a:
b1:5d:98:14:97:60:b2:ab:e9:c9:52:98:e3:d1:f9:26:f8:47:
fe:c7:c4:cd:bc:ac:b2:3a:31:15:72:0d:ac:7a:21:e5:ea:e1:
75:a9:f8:88:a6:e8:f1:ba:ec:82:e7:4b:79:d0:4b:68:5a:2e:
0a:a7:8f:2d:94:20:c6:93:1e:d4:7a:a5:6b:bd:f7:c8:62:5a:
1f:85:d5:cb:87:17:fd:95:96:a0:32:7e:7c:e8:73:23:c2:07:
9d:f0:1a:06:54:60:68:17:bb:42:80:e5:1f:cc:1f:64:04:96:
a3:08:ae:02:57:87:80:26:d6:3d:97:7e:c9:06:6d:a1:f0:c7:
d2:62:73:c8:37:14:38:9a:3b:98:d3:58:60:e9:1e:93:71:bf:
73:fb:e1:78:68:88:ce:49:bb:27:2b:59:2c:61:ef:36:cc:15:
eb:d4:fd:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw5G9Z0Goq6G7Spq6gWv+roMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDRiNDg3OWYxOWVlNzE5YTM1MTQ2MzAwMTcyNmY2ODZk
NjU5ZWYwHhcNMjMxMjA1MDgzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc3NmY4MzQ0MjZmZWZlMWVlZGU3YTdiYTVhNmRmYTBmOTk5MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g0ZORbFxuu1uoEFH9BBXKxvWQFp
IM9pYh3p24subTyloFgs+PbbHz2PvDNmFizw0lNoMr64oCnIaoxa2oTj8oE/72Z+
JuMRPCa14wN8D9VEzPiujNfbA9dpdds4BG0dLN7+nU/Qf/Nm6CKU/Dep5oxSqnxc
3nnXg1vnkYDJsCxWIXvWHYpIQxY2Q9I9aqqNVKMOwCGjYXc68ikJYLLUB8d0Ytb/
IINmnuBGGZYKSaWPUVgd7pgQZdxyW4nDsOh2yx15zbU/JFd60d2NwFby2OkvFLDV
0YQM5zeu+2CqsF6m321PQ5+4YBmFwuZIHALvkM7w84Np7GogYhD1ra6M4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEt3b4NEJv7+Hu3np7pabfoPmZE2MB8GA1UdIwQY
MBaAFJNEtIefGe5xmjUUYwAXJvaG1lnvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBTMGg1OFo3bkdhTlJSakFCY205b2JXV2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81ODU4ZjEtMjljNS00NmU2LWE3NmQt
NWE0MGU1MmNkNDgxLzEvUzNkdmcwUW1fdjRlN2VlbnVscHQtZy1aa1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81ODU4ZjEtMjljNS00NmU2LWE3NmQtNWE0MGU1MmNkNDgx
LzEvazBTMGg1OFo3bkdhTlJSakFCY205b2JXV2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTfQMA0E
AgACMAcDBQMqAiL4MA0GCSqGSIb3DQEBCwUAA4IBAQB8nyhaWSseULfqe0MGYhmA
HtYl6aLYv1BttWvXIUwb3wnzPnaQJFarjA04V1AKHA10vcnBRrBisoe21t+0uvso
KtRQT3w/hi9jGVqzq0f+94cDIXfNGo2/lUqxXZgUl2Cyq+nJUpjj0fkm+Ef+x8TN
vKyyOjEVcg2seiHl6uF1qfiIpujxuuyC50t50EtoWi4Kp48tlCDGkx7UeqVrvffI
YlofhdXLhxf9lZagMn586HMjwged8BoGVGBoF7tCgOUfzB9kBJajCK4CV4eAJtY9
l37JBm2h8MfSYnPINxQ4mjuY01hg6R6Tcb9z++F4aIjOSbsnK1ksYe82zBXr1P0U
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:03 2025 by rpki-client