Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/8WBdfxclk774XCdk9FxaZQKy5DQ.roa
File: 8WBdfxclk774XCdk9FxaZQKy5DQ.roa (raw, json)
Hash identifier: aornOleO7lkKeSWcacYwAKz9T5GZiElJf1s6YtZp6U0=
Subject key identifier: F1:60:5D:7F:17:25:93:BE:F8:5C:27:64:F4:5C:5A:65:02:B2:E4:34
Certificate issuer: /CN=b1d802667980944df4da2ab4b08e9d34b20a8d11
Certificate serial: 018C48B351C8EC4731C2B7C5DC4651E76AEB
Authority key identifier: B1:D8:02:66:79:80:94:4D:F4:DA:2A:B4:B0:8E:9D:34:B2:0A:8D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdgCZnmAlE302iq0sI6dNLIKjRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/8WBdfxclk774XCdk9FxaZQKy5DQ.roa
Signing time: Fri 08 Dec 2023 09:12:40 +0000
ROA not before: Fri 08 Dec 2023 09:12:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207192
IP address blocks: 185.161.48.0/22 maxlen: 22
185.161.51.0/24 maxlen: 24
185.161.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:48:b3:51:c8:ec:47:31:c2:b7:c5:dc:46:51:e7:6a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d802667980944df4da2ab4b08e9d34b20a8d11
Validity
Not Before: Dec 8 09:12:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1605d7f172593bef85c2764f45c5a6502b2e434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:bd:43:0c:e7:f8:2b:98:12:5c:74:09:c6:
14:2f:00:43:ca:58:68:19:74:59:98:55:9d:f3:53:
4e:53:c7:c7:d7:b5:55:d1:da:3c:e0:f2:a3:6b:a8:
2e:4b:7d:65:00:e5:18:b8:20:35:f5:f9:57:80:76:
0c:0a:26:6f:12:65:4d:f8:d4:6c:d3:44:f1:1d:cd:
e0:b5:9f:df:06:c5:fd:b9:e8:3b:3e:91:cf:b6:3d:
95:f5:55:d8:1f:f9:09:46:5e:87:eb:99:c9:30:11:
01:cb:62:8e:bc:5c:95:51:15:8f:41:a0:05:92:f5:
e5:87:ef:ba:83:ae:cd:7c:c9:79:74:9e:ea:5b:9a:
2f:57:b8:ad:48:82:74:83:e9:a6:01:6b:30:a3:ec:
00:9f:e9:e4:98:19:a9:cf:0b:57:6d:ed:cf:b0:ee:
a0:50:db:90:64:22:06:05:1b:1a:9a:3a:f5:25:44:
8c:5a:b1:22:a1:6f:29:e4:60:92:2e:3b:6e:ae:e3:
2f:68:00:41:4b:1f:db:dc:41:76:f3:04:f3:23:22:
8b:88:13:ee:58:7f:0b:e8:03:47:b2:c0:f1:0f:17:
0f:08:d9:92:9e:35:9a:ec:fb:f8:7b:eb:12:b0:a5:
ff:75:b5:c8:52:2a:50:2e:ad:9e:3d:06:a1:66:f3:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:60:5D:7F:17:25:93:BE:F8:5C:27:64:F4:5C:5A:65:02:B2:E4:34
X509v3 Authority Key Identifier:
keyid:B1:D8:02:66:79:80:94:4D:F4:DA:2A:B4:B0:8E:9D:34:B2:0A:8D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdgCZnmAlE302iq0sI6dNLIKjRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/8WBdfxclk774XCdk9FxaZQKy5DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/sdgCZnmAlE302iq0sI6dNLIKjRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:16:7f:7f:3e:52:f9:7a:bf:c6:8d:b6:94:ed:da:58:9c:a1:
03:51:d3:2b:a8:aa:5c:87:42:c7:03:8b:c7:24:d5:a5:2a:14:
5d:4a:07:71:6a:cd:0c:3e:8b:63:72:32:39:28:45:59:49:9b:
cf:d6:a4:ba:84:f5:6a:fb:0d:51:a0:c4:04:fa:b6:48:02:97:
6c:cb:46:95:74:25:7c:f8:e7:36:bf:46:71:59:6d:75:9e:27:
15:de:fc:ab:36:4d:ec:f3:d4:0e:04:ef:61:5d:2a:81:78:54:
8e:3a:05:60:86:68:de:ed:48:5c:e6:df:0f:50:06:06:ab:b0:
b3:8e:1a:4c:02:e8:c2:72:58:15:80:61:00:76:cd:54:c5:13:
b7:d1:09:09:67:ab:27:17:6a:ee:fd:73:cc:90:d2:20:ed:5a:
44:aa:bc:a2:0e:89:cc:c9:a0:fd:72:5e:09:cd:5c:69:e4:34:
44:eb:c5:9d:b4:5b:e9:0d:bd:d4:86:0b:cc:68:2b:93:76:81:
34:b2:04:30:14:4f:cd:d3:71:e5:23:ad:31:9c:b5:e0:35:86:
36:13:76:6e:26:47:f2:0e:55:14:a3:03:b5:fe:ca:f3:ab:4e:
6f:d4:e0:81:4f:09:ea:c1:9d:a8:97:4f:c5:a5:f5:f8:32:63:
90:4b:cd:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxIs1HI7EcxwrfF3EZR52rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDgwMjY2Nzk4MDk0NGRmNGRhMmFiNGIwOGU5ZDM0YjIw
YThkMTEwHhcNMjMxMjA4MDkxMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTYwNWQ3ZjE3MjU5M2JlZjg1YzI3NjRmNDVjNWE2NTAyYjJlNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTW9Qwzn+CuYElx0CcYULwBDylho
GXRZmFWd81NOU8fH17VV0do84PKja6guS31lAOUYuCA19flXgHYMCiZvEmVN+NRs
00TxHc3gtZ/fBsX9ueg7PpHPtj2V9VXYH/kJRl6H65nJMBEBy2KOvFyVURWPQaAF
kvXlh++6g67NfMl5dJ7qW5ovV7itSIJ0g+mmAWswo+wAn+nkmBmpzwtXbe3PsO6g
UNuQZCIGBRsamjr1JUSMWrEioW8p5GCSLjturuMvaABBSx/b3EF28wTzIyKLiBPu
WH8L6ANHssDxDxcPCNmSnjWa7Pv4e+sSsKX/dbXIUipQLq2ePQahZvOBGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFgXX8XJZO++FwnZPRcWmUCsuQ0MB8GA1UdIwQY
MBaAFLHYAmZ5gJRN9NoqtLCOnTSyCo0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RnQ1pubUFsRTMwMmlxMHNJNmROTElLalJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mMTUzZTctMDdkOS00YjgxLWFhZWQt
Y2JlYzQzZmQ5MmExLzEvOFdCZGZ4Y2xrNzc0WENkazlGeGFaUUt5NURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mMTUzZTctMDdkOS00YjgxLWFhZWQtY2JlYzQzZmQ5MmEx
LzEvc2RnQ1pubUFsRTMwMmlxMHNJNmROTElLalJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaEwMA0G
CSqGSIb3DQEBCwUAA4IBAQCOFn9/PlL5er/GjbaU7dpYnKEDUdMrqKpch0LHA4vH
JNWlKhRdSgdxas0MPotjcjI5KEVZSZvP1qS6hPVq+w1RoMQE+rZIApdsy0aVdCV8
+Oc2v0ZxWW11nicV3vyrNk3s89QOBO9hXSqBeFSOOgVghmje7Uhc5t8PUAYGq7Cz
jhpMAujCclgVgGEAds1UxRO30QkJZ6snF2ru/XPMkNIg7VpEqryiDonMyaD9cl4J
zVxp5DRE68WdtFvpDb3UhgvMaCuTdoE0sgQwFE/N03HlI60xnLXgNYY2E3ZuJkfy
DlUUowO1/srzq05v1OCBTwnqwZ2ol0/FpfX4MmOQS81B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:31 2025 by rpki-client