Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/36e838-1bbf-4cc0-b5da-4180f9e30945/1/8cyUdpRuKkEtSnPkNT1x0fVY_EM.roa
File: 8cyUdpRuKkEtSnPkNT1x0fVY_EM.roa (raw, json)
Hash identifier: 2xGKclb40tv+pCJfCqSKOxF+N7JkaW0ojxwtfQKFXMc=
Subject key identifier: F1:CC:94:76:94:6E:2A:41:2D:4A:73:E4:35:3D:71:D1:F5:58:FC:43
Certificate issuer: /CN=dac4cb51150802a4018cc256ad29f54720675ed5
Certificate serial: 01856DDD5685F5363CB45D58697AC28ADA25
Authority key identifier: DA:C4:CB:51:15:08:02:A4:01:8C:C2:56:AD:29:F5:47:20:67:5E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sTLURUIAqQBjMJWrSn1RyBnXtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/36e838-1bbf-4cc0-b5da-4180f9e30945/1/8cyUdpRuKkEtSnPkNT1x0fVY_EM.roa
Signing time: Sun 01 Jan 2023 15:05:00 +0000
ROA not before: Sun 01 Jan 2023 15:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211457
IP address blocks: 185.218.105.0/24 maxlen: 24
2a10:d3c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:56:85:f5:36:3c:b4:5d:58:69:7a:c2:8a:da:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac4cb51150802a4018cc256ad29f54720675ed5
Validity
Not Before: Jan 1 15:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1cc9476946e2a412d4a73e4353d71d1f558fc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9d:8b:e6:bd:de:4e:b8:2e:d0:60:b5:f0:25:
5a:14:72:92:9c:f3:bd:c2:7c:23:63:a1:77:b5:75:
d9:6b:b3:66:6a:8c:71:7a:6f:8c:6a:43:cf:85:00:
2a:10:d9:2f:ff:55:71:d1:39:6a:11:57:05:85:59:
d5:72:16:5f:5f:d3:42:07:66:1b:68:d4:59:cf:00:
e5:3c:bf:50:ec:4f:bf:d2:45:3d:2d:12:99:cd:60:
fa:a6:2e:84:e3:4a:6f:41:c3:56:2e:b5:54:b5:1f:
f3:8a:54:8f:13:65:79:38:8c:c3:a4:4d:2c:a9:49:
77:6f:76:26:44:b7:9e:08:fe:99:3c:73:35:f3:1c:
15:ba:74:1e:84:1f:2b:e6:34:7c:f6:1f:7b:cd:c6:
f5:c4:68:68:48:0c:78:40:c6:39:81:c0:90:ff:63:
aa:c2:17:b6:c6:1d:d3:e6:d5:88:cc:99:38:9a:95:
51:36:e6:8c:63:60:3b:bf:ff:36:27:bd:b2:08:04:
ec:62:b5:d9:b3:9b:58:32:f5:b0:99:3a:18:00:b4:
08:a9:21:1d:a7:ca:5f:f4:98:5e:f4:f4:0d:ff:84:
47:92:77:63:cf:08:15:03:a9:e2:8a:77:7f:48:50:
c7:87:cf:53:77:c8:75:5a:30:c3:7a:e3:f4:c9:95:
c3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CC:94:76:94:6E:2A:41:2D:4A:73:E4:35:3D:71:D1:F5:58:FC:43
X509v3 Authority Key Identifier:
keyid:DA:C4:CB:51:15:08:02:A4:01:8C:C2:56:AD:29:F5:47:20:67:5E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sTLURUIAqQBjMJWrSn1RyBnXtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/36e838-1bbf-4cc0-b5da-4180f9e30945/1/8cyUdpRuKkEtSnPkNT1x0fVY_EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/36e838-1bbf-4cc0-b5da-4180f9e30945/1/2sTLURUIAqQBjMJWrSn1RyBnXtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.105.0/24
IPv6:
2a10:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:cd:5f:84:81:c4:67:a2:17:89:1c:ce:0f:62:6a:cc:6e:4a:
81:24:de:11:a1:4d:24:ef:1d:93:f9:d9:a9:4f:60:68:68:06:
12:35:20:54:90:8c:d3:0d:67:60:d6:50:68:68:d1:8e:52:56:
a9:61:b5:a1:8f:9c:54:a0:a4:37:1d:5b:7a:ee:61:e5:fe:d1:
6f:27:c9:be:92:46:88:d4:e4:01:75:bc:c5:e6:a0:89:4f:3f:
0f:08:32:44:ed:df:02:f1:07:e0:ce:cb:35:1e:fb:83:71:91:
ea:6a:e9:cd:de:d2:e5:62:0c:0b:fe:fb:b2:69:64:93:3c:b5:
6c:7d:31:b9:3d:89:38:33:d7:eb:86:5c:79:0b:af:f1:c5:12:
0a:b9:97:7b:b7:5a:17:3f:9f:ce:06:55:9c:01:fd:ca:c1:54:
7b:04:f3:cc:b3:25:f6:59:9d:52:0d:54:b1:75:b6:6e:f9:a5:
14:88:f0:27:9c:d2:17:6e:7b:0d:94:fc:21:94:16:2f:5e:6b:
08:7c:31:ae:ef:11:f9:73:b1:02:d7:61:68:88:5e:7c:d2:a4:
02:e5:36:04:7a:ea:36:1d:fe:1c:8e:2b:f1:3c:0b:d6:7d:9d:
ad:88:0f:84:1f:85:d6:45:9f:e1:79:d7:79:03:f2:96:f9:3d:
7e:2f:d3:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3VaF9TY8tF1YaXrCitolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzRjYjUxMTUwODAyYTQwMThjYzI1NmFkMjlmNTQ3MjA2
NzVlZDUwHhcNMjMwMTAxMTUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNjOTQ3Njk0NmUyYTQxMmQ0YTczZTQzNTNkNzFkMWY1NThmYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ2L5r3eTrgu0GC18CVaFHKSnPO9
wnwjY6F3tXXZa7Nmaoxxem+MakPPhQAqENkv/1Vx0TlqEVcFhVnVchZfX9NCB2Yb
aNRZzwDlPL9Q7E+/0kU9LRKZzWD6pi6E40pvQcNWLrVUtR/zilSPE2V5OIzDpE0s
qUl3b3YmRLeeCP6ZPHM18xwVunQehB8r5jR89h97zcb1xGhoSAx4QMY5gcCQ/2Oq
whe2xh3T5tWIzJk4mpVRNuaMY2A7v/82J72yCATsYrXZs5tYMvWwmToYALQIqSEd
p8pf9Jhe9PQN/4RHkndjzwgVA6niind/SFDHh89Td8h1WjDDeuP0yZXDqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPHMlHaUbipBLUpz5DU9cdH1WPxDMB8GA1UdIwQY
MBaAFNrEy1EVCAKkAYzCVq0p9UcgZ17VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNUTFVSVUlBcVFCak1KV3JTbjFSeUJuWHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zNmU4MzgtMWJiZi00Y2MwLWI1ZGEt
NDE4MGY5ZTMwOTQ1LzEvOGN5VWRwUnVLa0V0U25Qa05UMXgwZlZZX0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zNmU4MzgtMWJiZi00Y2MwLWI1ZGEtNDE4MGY5ZTMwOTQ1
LzEvMnNUTFVSVUlBcVFCak1KV3JTbjFSeUJuWHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudppMA0E
AgACMAcDBQMqENPAMA0GCSqGSIb3DQEBCwUAA4IBAQCkzV+EgcRnoheJHM4PYmrM
bkqBJN4RoU0k7x2T+dmpT2BoaAYSNSBUkIzTDWdg1lBoaNGOUlapYbWhj5xUoKQ3
HVt67mHl/tFvJ8m+kkaI1OQBdbzF5qCJTz8PCDJE7d8C8Qfgzss1HvuDcZHqaunN
3tLlYgwL/vuyaWSTPLVsfTG5PYk4M9frhlx5C6/xxRIKuZd7t1oXP5/OBlWcAf3K
wVR7BPPMsyX2WZ1SDVSxdbZu+aUUiPAnnNIXbnsNlPwhlBYvXmsIfDGu7xH5c7EC
12FoiF580qQC5TYEeuo2Hf4cjivxPAvWfZ2tiA+EH4XWRZ/hedd5A/KW+T1+L9Pe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:49 2025 by rpki-client