Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/SPF0d26lguWbuZ41CFAaFmgI_-o.roa
File: SPF0d26lguWbuZ41CFAaFmgI_-o.roa (raw, json)
Hash identifier: u7kxncGL6NXt6VFczDM/HIARZv2u9XX+h3Jcc2CMigw=
Subject key identifier: 48:F1:74:77:6E:A5:82:E5:9B:B9:9E:35:08:50:1A:16:68:08:FF:EA
Certificate issuer: /CN=27dd2479badcb40a24a436b1edcc361c3fa62afb
Certificate serial: 01856F020B5A50E3568568BC1DEFBB1FA29F
Authority key identifier: 27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J90kebrctAokpDax7cw2HD-mKvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/SPF0d26lguWbuZ41CFAaFmgI_-o.roa
Signing time: Sun 01 Jan 2023 20:24:42 +0000
ROA not before: Sun 01 Jan 2023 20:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60718
IP address blocks: 185.18.171.0/24 maxlen: 24
185.18.168.0/22 maxlen: 24
185.18.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:0b:5a:50:e3:56:85:68:bc:1d:ef:bb:1f:a2:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27dd2479badcb40a24a436b1edcc361c3fa62afb
Validity
Not Before: Jan 1 20:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48f174776ea582e59bb99e3508501a166808ffea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:40:9c:b5:3b:27:ee:44:21:96:03:27:bf:4a:
e9:bf:15:67:4a:46:b4:48:b3:60:05:3a:b2:ce:55:
c3:75:80:2f:b7:df:f7:c4:ce:32:af:f7:01:72:90:
0d:0f:ab:df:b2:5a:a7:4f:c4:50:e5:84:92:61:b4:
32:53:12:05:be:25:2b:a6:25:5c:74:ac:87:78:69:
a4:24:ed:eb:1a:25:3a:9d:f0:4e:34:c3:41:f5:2e:
ab:75:5d:0f:92:de:6e:50:e8:10:9b:e7:9c:71:45:
44:f5:db:50:77:ae:51:c7:85:cb:d2:9c:4f:86:56:
b6:99:4e:0e:c9:a8:7c:5d:4f:db:cd:0a:21:ce:48:
5f:55:97:ca:23:5a:7a:3a:85:89:12:6b:fe:05:6f:
15:a1:67:2c:89:1d:ba:48:5c:d4:12:14:ad:bf:3e:
5b:3f:82:86:0a:8f:72:1b:dc:b9:bf:69:85:92:10:
d7:0c:5f:c7:94:63:bd:6e:b5:e0:d8:ac:82:dc:c3:
55:43:4b:55:53:d8:ab:30:e3:5b:e0:e8:ac:16:6f:
21:8c:e7:90:22:32:5f:36:57:df:d9:0d:cd:ff:b5:
0e:97:35:b1:0b:53:a6:56:53:f5:1e:3e:36:7d:58:
1b:40:fe:f6:22:64:c4:a8:18:e1:03:9a:59:c5:ad:
8f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F1:74:77:6E:A5:82:E5:9B:B9:9E:35:08:50:1A:16:68:08:FF:EA
X509v3 Authority Key Identifier:
keyid:27:DD:24:79:BA:DC:B4:0A:24:A4:36:B1:ED:CC:36:1C:3F:A6:2A:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J90kebrctAokpDax7cw2HD-mKvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/SPF0d26lguWbuZ41CFAaFmgI_-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/794de3-39e6-4f2c-86f1-bc2c453c0ec8/1/J90kebrctAokpDax7cw2HD-mKvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.168.0/22
Signature Algorithm: sha256WithRSAEncryption
85:18:8b:b6:70:98:01:9a:ed:1f:a5:38:f3:10:67:f5:ac:ce:
89:32:05:fb:08:1e:56:9f:61:97:e2:0a:8b:9a:60:2b:6b:08:
34:da:b2:00:91:fe:6a:a5:dc:97:4f:4d:5f:71:37:97:81:d5:
31:05:06:87:53:22:75:3a:02:c9:56:62:a4:fd:8e:b5:e0:d2:
a1:a7:c6:f9:7d:93:36:4d:96:c0:ee:54:ee:a8:cc:5f:cf:ea:
27:cd:15:c7:90:1c:b9:ae:da:32:56:94:44:33:1f:70:fd:13:
59:94:66:56:50:d0:5d:a9:86:3d:f6:29:34:07:f1:f1:3a:a4:
c9:53:51:6c:27:d3:a4:2f:58:13:02:ae:96:e6:31:f6:6e:1e:
42:2a:bb:92:bd:5c:9e:2f:8f:77:fe:66:1b:cc:5e:83:e4:c8:
6d:41:9c:33:67:2a:36:7d:b1:a1:24:9a:b2:ef:72:09:21:16:
9b:c6:23:76:82:51:92:28:06:3e:a2:5b:a1:6a:43:e0:6c:ad:
1b:b1:c6:29:e8:76:fe:a6:bc:80:20:ae:6a:47:c5:d6:00:63:
04:55:24:ba:6d:a1:96:b7:fd:5b:5e:ac:ba:a9:bd:bf:37:08:
8b:97:67:08:66:90:a5:68:e0:c8:4d:e8:fa:3b:eb:e5:7a:81:
df:69:0a:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAgtaUONWhWi8He+7H6KfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGQyNDc5YmFkY2I0MGEyNGE0MzZiMWVkY2MzNjFjM2Zh
NjJhZmIwHhcNMjMwMTAxMjAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGYxNzQ3NzZlYTU4MmU1OWJiOTllMzUwODUwMWExNjY4MDhmZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkCctTsn7kQhlgMnv0rpvxVnSka0
SLNgBTqyzlXDdYAvt9/3xM4yr/cBcpAND6vfslqnT8RQ5YSSYbQyUxIFviUrpiVc
dKyHeGmkJO3rGiU6nfBONMNB9S6rdV0Pkt5uUOgQm+eccUVE9dtQd65Rx4XL0pxP
hla2mU4Oyah8XU/bzQohzkhfVZfKI1p6OoWJEmv+BW8VoWcsiR26SFzUEhStvz5b
P4KGCo9yG9y5v2mFkhDXDF/HlGO9brXg2KyC3MNVQ0tVU9irMONb4OisFm8hjOeQ
IjJfNlff2Q3N/7UOlzWxC1OmVlP1Hj42fVgbQP72ImTEqBjhA5pZxa2PgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjxdHdupYLlm7meNQhQGhZoCP/qMB8GA1UdIwQY
MBaAFCfdJHm63LQKJKQ2se3MNhw/pir7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjkwa2VicmN0QW9rcERheDdjdzJIRC1tS3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83OTRkZTMtMzllNi00ZjJjLTg2ZjEt
YmMyYzQ1M2MwZWM4LzEvU1BGMGQyNmxndVdidVo0MUNGQWFGbWdJXy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83OTRkZTMtMzllNi00ZjJjLTg2ZjEtYmMyYzQ1M2MwZWM4
LzEvSjkwa2VicmN0QW9rcERheDdjdzJIRC1tS3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRKoMA0G
CSqGSIb3DQEBCwUAA4IBAQCFGIu2cJgBmu0fpTjzEGf1rM6JMgX7CB5Wn2GX4gqL
mmArawg02rIAkf5qpdyXT01fcTeXgdUxBQaHUyJ1OgLJVmKk/Y614NKhp8b5fZM2
TZbA7lTuqMxfz+onzRXHkBy5rtoyVpREMx9w/RNZlGZWUNBdqYY99ik0B/HxOqTJ
U1FsJ9OkL1gTAq6W5jH2bh5CKruSvVyeL493/mYbzF6D5MhtQZwzZyo2fbGhJJqy
73IJIRabxiN2glGSKAY+oluhakPgbK0bscYp6Hb+pryAIK5qR8XWAGMEVSS6baGW
t/1bXqy6qb2/NwiLl2cIZpClaODITej6O+vleoHfaQrK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:01 2025 by rpki-client