Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/875ba5-8bb1-48ab-b47d-81fea0f77286/1/S1XUdfn7lPpAA-TF2uMtfPmxly8.roa
File: S1XUdfn7lPpAA-TF2uMtfPmxly8.roa (raw, json)
Hash identifier: it+uU+Q5ner8/QNgaXMi5HU0svcr8cRAh6we9etodPE=
Subject key identifier: 4B:55:D4:75:F9:FB:94:FA:40:03:E4:C5:DA:E3:2D:7C:F9:B1:97:2F
Certificate issuer: /CN=ce70fe698e4dae9d7c32bc156c418064fdcff4b0
Certificate serial: 01856E8B367EAAF7BE1F8AC2A026D7846EAA
Authority key identifier: CE:70:FE:69:8E:4D:AE:9D:7C:32:BC:15:6C:41:80:64:FD:CF:F4:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znD-aY5Nrp18MrwVbEGAZP3P9LA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/875ba5-8bb1-48ab-b47d-81fea0f77286/1/S1XUdfn7lPpAA-TF2uMtfPmxly8.roa
Signing time: Sun 01 Jan 2023 18:14:55 +0000
ROA not before: Sun 01 Jan 2023 18:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199473
IP address blocks: 185.15.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:36:7e:aa:f7:be:1f:8a:c2:a0:26:d7:84:6e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce70fe698e4dae9d7c32bc156c418064fdcff4b0
Validity
Not Before: Jan 1 18:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b55d475f9fb94fa4003e4c5dae32d7cf9b1972f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f3:08:17:ff:d0:40:b4:52:95:f4:b1:e0:73:
f0:ef:41:9b:89:4a:7e:03:c0:3f:b8:28:c9:d7:27:
60:6d:0e:4b:0b:f3:99:22:5b:d3:31:dd:65:d9:a9:
45:99:07:13:c3:a6:43:3e:e2:54:12:5e:f8:8a:49:
22:da:7b:a0:cc:42:32:14:ef:66:40:25:07:c0:0b:
64:86:ea:b3:c3:6a:46:a6:50:bd:19:15:87:4f:19:
24:76:44:e2:8a:92:34:f2:05:9f:d4:66:c8:53:c4:
5a:37:1d:a6:ed:79:f2:71:00:5e:63:48:3d:51:39:
f6:ce:b3:e1:05:a2:be:63:28:a5:54:bb:f2:38:1b:
83:13:42:9b:10:f7:85:0d:d8:52:4e:38:fb:ca:2f:
33:73:33:c2:e8:a4:f6:f3:d4:3a:f7:83:37:b7:64:
b9:68:5e:83:c3:87:8d:3b:2d:81:82:96:c9:eb:de:
c5:34:7f:16:11:fe:f2:74:fb:64:bb:69:15:77:29:
04:95:5a:d9:73:14:c1:14:01:cc:4d:e5:93:12:fc:
6a:c1:81:e4:cf:24:d7:72:b9:0d:6c:f6:fc:49:24:
f3:81:d1:df:12:fc:78:da:d4:b6:5a:e4:1c:dc:13:
5c:92:c3:4f:7b:0c:15:36:31:dd:63:ad:9a:fb:1b:
a6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:55:D4:75:F9:FB:94:FA:40:03:E4:C5:DA:E3:2D:7C:F9:B1:97:2F
X509v3 Authority Key Identifier:
keyid:CE:70:FE:69:8E:4D:AE:9D:7C:32:BC:15:6C:41:80:64:FD:CF:F4:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znD-aY5Nrp18MrwVbEGAZP3P9LA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/875ba5-8bb1-48ab-b47d-81fea0f77286/1/S1XUdfn7lPpAA-TF2uMtfPmxly8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/875ba5-8bb1-48ab-b47d-81fea0f77286/1/znD-aY5Nrp18MrwVbEGAZP3P9LA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.132.0/22
Signature Algorithm: sha256WithRSAEncryption
81:f0:4d:18:58:b2:08:32:d9:12:40:60:f7:5e:4a:ea:9a:1f:
ea:e9:ef:d7:ea:f0:57:df:c8:a5:2e:11:89:cb:89:05:87:bf:
a8:c0:d5:6b:c8:32:d9:fd:26:75:7e:a2:4f:97:ec:d8:bd:b1:
81:e1:cc:d1:40:cb:09:ad:db:ca:8c:ef:a0:44:ce:f0:e3:a2:
24:be:33:00:63:87:ce:24:25:cc:b8:49:8f:e1:8a:c0:cd:59:
f1:70:33:37:95:aa:36:97:d4:de:29:eb:6e:90:c5:5b:57:60:
b2:17:2c:4c:a2:e7:70:c5:75:d7:5c:84:52:c0:9b:d0:60:93:
d8:a1:e5:3d:d8:05:d0:11:6c:4a:c4:3d:52:4e:c8:31:3f:90:
bf:84:ec:0a:e6:c8:94:21:cc:5f:b5:5a:33:56:4f:f6:67:47:
c8:be:02:f2:52:92:08:60:e0:69:ee:b6:4a:b6:58:2f:3d:16:
76:38:0e:59:00:52:97:ff:25:d1:d4:05:0b:97:dd:de:ac:d6:
70:e8:6f:b6:ab:c0:60:a2:7a:70:da:ed:a7:2f:f8:be:b4:d9:
ad:bc:66:6b:f7:7f:1c:9a:2d:46:8d:70:d5:4c:4c:d5:2a:44:
a2:7f:0e:03:d4:a5:47:25:ba:2e:94:fb:49:5c:30:3b:27:e2:
ed:78:89:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuizZ+qve+H4rCoCbXhG6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzBmZTY5OGU0ZGFlOWQ3YzMyYmMxNTZjNDE4MDY0ZmRj
ZmY0YjAwHhcNMjMwMTAxMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU1ZDQ3NWY5ZmI5NGZhNDAwM2U0YzVkYWUzMmQ3Y2Y5YjE5NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fMIF//QQLRSlfSx4HPw70GbiUp+
A8A/uCjJ1ydgbQ5LC/OZIlvTMd1l2alFmQcTw6ZDPuJUEl74ikki2nugzEIyFO9m
QCUHwAtkhuqzw2pGplC9GRWHTxkkdkTiipI08gWf1GbIU8RaNx2m7XnycQBeY0g9
UTn2zrPhBaK+YyilVLvyOBuDE0KbEPeFDdhSTjj7yi8zczPC6KT289Q694M3t2S5
aF6Dw4eNOy2BgpbJ697FNH8WEf7ydPtku2kVdykElVrZcxTBFAHMTeWTEvxqwYHk
zyTXcrkNbPb8SSTzgdHfEvx42tS2WuQc3BNcksNPewwVNjHdY62a+xumOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtV1HX5+5T6QAPkxdrjLXz5sZcvMB8GA1UdIwQY
MBaAFM5w/mmOTa6dfDK8FWxBgGT9z/SwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5ELWFZNU5ycDE4TXJ3VmJFR0FaUDNQOUxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzViYTUtOGJiMS00OGFiLWI0N2Qt
ODFmZWEwZjc3Mjg2LzEvUzFYVWRmbjdsUHBBQS1URjJ1TXRmUG14bHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NzViYTUtOGJiMS00OGFiLWI0N2QtODFmZWEwZjc3Mjg2
LzEvem5ELWFZNU5ycDE4TXJ3VmJFR0FaUDNQOUxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ+EMA0G
CSqGSIb3DQEBCwUAA4IBAQCB8E0YWLIIMtkSQGD3Xkrqmh/q6e/X6vBX38ilLhGJ
y4kFh7+owNVryDLZ/SZ1fqJPl+zYvbGB4czRQMsJrdvKjO+gRM7w46IkvjMAY4fO
JCXMuEmP4YrAzVnxcDM3lao2l9TeKetukMVbV2CyFyxMoudwxXXXXIRSwJvQYJPY
oeU92AXQEWxKxD1STsgxP5C/hOwK5siUIcxftVozVk/2Z0fIvgLyUpIIYOBp7rZK
tlgvPRZ2OA5ZAFKX/yXR1AULl93erNZw6G+2q8Bgonpw2u2nL/i+tNmtvGZr938c
mi1GjXDVTEzVKkSifw4D1KVHJboulPtJXDA7J+LteIn0
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:41:55 2025 by rpki-client