Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/SV5uB7YkUKEhsc6Lz7e-7Ng4-0w.roa
File: SV5uB7YkUKEhsc6Lz7e-7Ng4-0w.roa (raw, json)
Hash identifier: y/xZto1aVumPxuUql4Z/3iPGaGy3V+47e7pR8RcV/aU=
Subject key identifier: 49:5E:6E:07:B6:24:50:A1:21:B1:CE:8B:CF:B7:BE:EC:D8:38:FB:4C
Certificate issuer: /CN=2d86956ccd7e3abb4291dd54dbd8b4342bf957cc
Certificate serial: 0188613D964DEA1776057F0A197AA7678706
Authority key identifier: 2D:86:95:6C:CD:7E:3A:BB:42:91:DD:54:DB:D8:B4:34:2B:F9:57:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LYaVbM1-OrtCkd1U29i0NCv5V8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/SV5uB7YkUKEhsc6Lz7e-7Ng4-0w.roa
Signing time: Sun 28 May 2023 07:23:26 +0000
ROA not before: Sun 28 May 2023 07:23:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41714
IP address blocks: 185.163.148.0/23 maxlen: 24
185.225.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:61:3d:96:4d:ea:17:76:05:7f:0a:19:7a:a7:67:87:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d86956ccd7e3abb4291dd54dbd8b4342bf957cc
Validity
Not Before: May 28 07:23:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=495e6e07b62450a121b1ce8bcfb7beecd838fb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0a:96:e8:d9:a5:7c:55:2e:d9:09:f2:30:cf:
36:0a:8c:d5:b8:6f:bd:77:d1:81:35:5b:6d:f1:db:
f0:9a:80:bf:95:ba:29:36:a2:53:8d:54:92:01:c0:
3c:90:e7:cd:f7:b8:a0:42:90:19:9f:30:17:e6:17:
b8:e2:57:d6:00:35:3b:5d:ee:26:1c:70:17:78:c0:
3b:1f:6b:d8:3b:6b:83:03:6f:af:22:40:a2:db:31:
af:7c:f8:7e:8d:d0:ea:0c:89:b4:a7:02:76:5c:ef:
89:ab:b0:24:05:09:29:b3:c4:7a:74:2e:99:af:bb:
ed:da:78:0e:af:c7:83:a6:5e:6a:6d:c9:14:ad:99:
f6:4f:07:1b:48:24:c4:7b:5e:4c:81:97:91:3c:6e:
49:95:8f:d5:f2:c4:64:10:44:76:05:55:81:82:f6:
03:13:b9:98:59:3f:79:12:f1:b0:30:33:12:89:82:
85:9d:e5:0c:74:9e:fd:83:32:59:81:2b:f2:dc:98:
e1:7e:26:87:db:4a:c1:5a:3e:e4:f1:76:26:ab:21:
13:c3:24:ac:2a:f5:9f:d2:33:9a:00:6e:3a:d1:13:
da:81:30:3e:58:2f:11:10:37:3c:22:73:d1:83:b7:
cf:19:cc:d1:7e:5a:1e:40:a5:2d:bc:75:e1:9f:d1:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5E:6E:07:B6:24:50:A1:21:B1:CE:8B:CF:B7:BE:EC:D8:38:FB:4C
X509v3 Authority Key Identifier:
keyid:2D:86:95:6C:CD:7E:3A:BB:42:91:DD:54:DB:D8:B4:34:2B:F9:57:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LYaVbM1-OrtCkd1U29i0NCv5V8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/SV5uB7YkUKEhsc6Lz7e-7Ng4-0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/LYaVbM1-OrtCkd1U29i0NCv5V8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.148.0/23
185.225.172.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:c0:89:9b:46:ca:27:8b:b8:bc:be:3d:d8:9e:54:2a:d9:13:
0f:5e:31:d2:e4:89:bc:6f:2a:fd:20:b3:ee:f2:71:9f:83:4f:
fd:b7:6a:d3:3b:75:2a:7a:c9:7c:84:3b:05:19:b5:b6:d3:8f:
5d:fe:46:67:f7:09:a7:03:6b:75:74:62:ed:14:15:c0:85:9e:
2c:b0:d0:64:6f:39:9a:ea:74:3b:69:5e:4a:08:d2:2b:cc:20:
48:ff:da:fb:30:86:44:c9:5b:af:e3:6e:4a:60:45:3f:77:43:
8e:de:f8:c9:2e:d2:04:5a:49:ec:a9:6d:de:b4:a3:aa:3c:d0:
ab:16:2c:af:f8:95:69:5f:dd:48:cf:e2:66:52:c3:38:a6:b5:
ed:f2:9d:ea:b7:c3:58:fe:9f:02:30:6c:2e:92:44:78:e3:71:
31:e8:c8:dc:22:de:4b:dc:a5:73:e3:2f:1f:ff:5b:eb:67:f7:
8d:a7:55:ea:7f:dd:16:99:35:47:0a:a8:c4:a6:09:86:88:05:
ce:0e:b3:c0:9d:ff:9a:25:b0:7f:6b:24:2b:de:9f:a1:2d:db:
a2:ed:a1:75:3d:26:7f:65:10:e7:cf:c9:82:94:89:d0:e4:41:
a9:08:31:9c:13:94:f2:81:70:81:05:7f:e8:d9:66:81:88:0c:
55:81:4c:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhhPZZN6hd2BX8KGXqnZ4cGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkODY5NTZjY2Q3ZTNhYmI0MjkxZGQ1NGRiZDhiNDM0MmJm
OTU3Y2MwHhcNMjMwNTI4MDcyMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVlNmUwN2I2MjQ1MGExMjFiMWNlOGJjZmI3YmVlY2Q4MzhmYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wqW6NmlfFUu2QnyMM82CozVuG+9
d9GBNVtt8dvwmoC/lbopNqJTjVSSAcA8kOfN97igQpAZnzAX5he44lfWADU7Xe4m
HHAXeMA7H2vYO2uDA2+vIkCi2zGvfPh+jdDqDIm0pwJ2XO+Jq7AkBQkps8R6dC6Z
r7vt2ngOr8eDpl5qbckUrZn2TwcbSCTEe15MgZeRPG5JlY/V8sRkEER2BVWBgvYD
E7mYWT95EvGwMDMSiYKFneUMdJ79gzJZgSvy3JjhfiaH20rBWj7k8XYmqyETwySs
KvWf0jOaAG460RPagTA+WC8REDc8InPRg7fPGczRfloeQKUtvHXhn9FV5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFElebge2JFChIbHOi8+3vuzYOPtMMB8GA1UdIwQY
MBaAFC2GlWzNfjq7QpHdVNvYtDQr+VfMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFlhVmJNMS1PcnRDa2QxVTI5aTBOQ3Y1Vjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8wNjRlMzUtODgxNC00M2Y2LWI0OGIt
YTI2ZGUzMTNiMzRkLzEvU1Y1dUI3WWtVS0Voc2M2THo3ZS03Tmc0LTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8wNjRlMzUtODgxNC00M2Y2LWI0OGItYTI2ZGUzMTNiMzRk
LzEvTFlhVmJNMS1PcnRDa2QxVTI5aTBOQ3Y1Vjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaOUAwQC
ueGsMA0GCSqGSIb3DQEBCwUAA4IBAQCfwImbRsoni7i8vj3YnlQq2RMPXjHS5Im8
byr9ILPu8nGfg0/9t2rTO3Uqesl8hDsFGbW2049d/kZn9wmnA2t1dGLtFBXAhZ4s
sNBkbzma6nQ7aV5KCNIrzCBI/9r7MIZEyVuv425KYEU/d0OO3vjJLtIEWknsqW3e
tKOqPNCrFiyv+JVpX91Iz+JmUsM4prXt8p3qt8NY/p8CMGwukkR443Ex6MjcIt5L
3KVz4y8f/1vrZ/eNp1Xqf90WmTVHCqjEpgmGiAXODrPAnf+aJbB/ayQr3p+hLdui
7aF1PSZ/ZRDnz8mClInQ5EGpCDGcE5TygXCBBX/o2WaBiAxVgUxR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:46 2025 by rpki-client