Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/mS6CHyES2JLcKMnpXJgzlzqGgac.roa
File: mS6CHyES2JLcKMnpXJgzlzqGgac.roa (raw, json)
Hash identifier: 4JPhadcCdgHoOxuaTW5MD1FJYx3vzz22OHUfKly8gKg=
Subject key identifier: 99:2E:82:1F:21:12:D8:92:DC:28:C9:E9:5C:98:33:97:3A:86:81:A7
Certificate issuer: /CN=115c040ec9754320236cdca64e39390bdde3626a
Certificate serial: 01856E2681BDE0AE6D7AABB3E26C6AA435E5
Authority key identifier: 11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/mS6CHyES2JLcKMnpXJgzlzqGgac.roa
Signing time: Sun 01 Jan 2023 16:24:55 +0000
ROA not before: Sun 01 Jan 2023 16:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30742
IP address blocks: 185.48.220.0/22 maxlen: 22
2a01:9ba0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:81:bd:e0:ae:6d:7a:ab:b3:e2:6c:6a:a4:35:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115c040ec9754320236cdca64e39390bdde3626a
Validity
Not Before: Jan 1 16:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=992e821f2112d892dc28c9e95c9833973a8681a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:46:3d:2b:6b:f4:50:83:f6:fd:ca:92:2b:71:
d6:70:81:36:4e:6b:a9:c8:91:c6:59:2e:33:f1:f2:
4d:6b:de:b1:96:78:13:9f:68:22:4c:a5:79:0b:13:
94:3a:ef:cb:d6:82:cf:27:4e:d3:05:28:2d:41:3a:
b1:75:d4:a5:38:8b:33:42:3c:dc:e4:d0:63:e7:9c:
03:57:6b:fd:13:a2:b4:91:8d:0b:53:a5:be:74:5b:
dc:d8:e8:c2:7d:43:95:07:71:07:6e:07:77:49:1b:
68:90:37:8b:40:45:01:e7:6f:6e:ae:9d:d2:59:71:
bb:97:d5:57:6c:60:77:0d:44:5a:db:7b:af:76:e4:
8c:00:57:45:23:e2:12:38:7d:e0:bb:cf:20:16:32:
e4:16:7a:57:4e:56:3b:07:7f:ac:18:1e:c2:c8:93:
b4:5b:98:89:1d:8e:31:6a:3a:2d:32:ea:86:8d:0e:
50:6f:44:54:48:a6:57:cd:5e:53:bd:9c:39:b2:62:
c3:85:e8:1a:3a:87:46:97:f2:dc:54:65:22:4e:0d:
ac:fa:fc:0e:fb:53:1f:62:56:20:fc:50:4f:fe:75:
e0:50:a6:eb:00:2d:81:b8:67:9c:18:ee:15:f5:51:
73:8d:ea:aa:38:52:31:f8:e2:f7:f2:1e:2a:14:48:
8e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2E:82:1F:21:12:D8:92:DC:28:C9:E9:5C:98:33:97:3A:86:81:A7
X509v3 Authority Key Identifier:
keyid:11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/mS6CHyES2JLcKMnpXJgzlzqGgac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/EVwEDsl1QyAjbNymTjk5C93jYmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.220.0/22
IPv6:
2a01:9ba0::/32
Signature Algorithm: sha256WithRSAEncryption
35:4e:6a:20:5c:30:1b:ce:c1:18:dd:c3:19:77:27:c7:a3:17:
9b:6e:7b:e4:6b:f6:99:0b:53:4f:b4:98:1a:2e:6a:22:8b:a6:
94:fe:e1:ec:80:98:71:31:0e:39:4d:8c:e3:0a:07:14:f1:85:
f3:f6:96:3d:8b:bb:b2:56:50:36:da:88:b2:f2:e4:d1:64:69:
d9:03:79:f9:62:af:d1:73:74:ef:31:bf:0b:7e:14:e7:cc:eb:
39:80:60:48:b5:1a:f7:f4:cf:8a:a4:91:3a:33:20:2b:e6:07:
79:c0:1e:16:70:18:20:ad:3d:b3:94:c3:6f:a6:15:c0:c9:50:
e3:b0:87:5c:fe:07:ee:ea:e7:82:0f:37:39:42:d0:07:fa:ad:
a5:85:16:4d:f6:e2:ed:42:18:fb:82:75:51:10:0f:f0:f8:7d:
b5:70:ee:7f:e8:af:2e:83:5d:05:2f:c1:c8:f0:84:c7:2a:42:
5d:98:cf:49:2d:df:03:96:2d:51:2e:74:e7:b0:2c:6c:70:cd:
3e:48:3f:66:aa:80:d1:93:8f:dc:d1:c8:8b:f8:3c:df:a8:6f:
0e:60:71:c1:0a:13:ce:e8:6d:e4:f0:ef:42:bd:6b:48:55:ba:
1b:51:ff:77:fd:e1:ce:95:79:3c:e7:5b:b8:f9:99:b0:f5:d2:
43:c4:f5:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJoG94K5tequz4mxqpDXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWMwNDBlYzk3NTQzMjAyMzZjZGNhNjRlMzkzOTBiZGRl
MzYyNmEwHhcNMjMwMTAxMTYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlODIxZjIxMTJkODkyZGMyOGM5ZTk1Yzk4MzM5NzNhODY4MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUY9K2v0UIP2/cqSK3HWcIE2Tmup
yJHGWS4z8fJNa96xlngTn2giTKV5CxOUOu/L1oLPJ07TBSgtQTqxddSlOIszQjzc
5NBj55wDV2v9E6K0kY0LU6W+dFvc2OjCfUOVB3EHbgd3SRtokDeLQEUB529urp3S
WXG7l9VXbGB3DURa23uvduSMAFdFI+ISOH3gu88gFjLkFnpXTlY7B3+sGB7CyJO0
W5iJHY4xajotMuqGjQ5Qb0RUSKZXzV5TvZw5smLDhegaOodGl/LcVGUiTg2s+vwO
+1MfYlYg/FBP/nXgUKbrAC2BuGecGO4V9VFzjeqqOFIx+OL38h4qFEiOyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJkugh8hEtiS3CjJ6VyYM5c6hoGnMB8GA1UdIwQY
MBaAFBFcBA7JdUMgI2zcpk45OQvd42JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEt
NzBlN2QwNTdmZjJkLzEvbVM2Q0h5RVMySkxjS01ucFhKZ3psenFHZ2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEtNzBlN2QwNTdmZjJk
LzEvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDcMA0E
AgACMAcDBQAqAZugMA0GCSqGSIb3DQEBCwUAA4IBAQA1TmogXDAbzsEY3cMZdyfH
oxebbnvka/aZC1NPtJgaLmoii6aU/uHsgJhxMQ45TYzjCgcU8YXz9pY9i7uyVlA2
2oiy8uTRZGnZA3n5Yq/Rc3TvMb8LfhTnzOs5gGBItRr39M+KpJE6MyAr5gd5wB4W
cBggrT2zlMNvphXAyVDjsIdc/gfu6ueCDzc5QtAH+q2lhRZN9uLtQhj7gnVREA/w
+H21cO5/6K8ug10FL8HI8ITHKkJdmM9JLd8Dli1RLnTnsCxscM0+SD9mqoDRk4/c
0ciL+DzfqG8OYHHBChPO6G3k8O9CvWtIVbobUf93/eHOlXk851u4+Zmw9dJDxPWI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:55 2025 by rpki-client