Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/UF_S637_MYmwKSxLOvPooS4Hjl0.roa
File: UF_S637_MYmwKSxLOvPooS4Hjl0.roa (raw, json)
Hash identifier: VgiK/v+Q3sqfNPTAhfBz4dy/+exe14d8q0kFEFlzl3Q=
Subject key identifier: 50:5F:D2:EB:7E:FF:31:89:B0:29:2C:4B:3A:F3:E8:A1:2E:07:8E:5D
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 32851B5C
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/UF_S637_MYmwKSxLOvPooS4Hjl0.roa
Signing time: Sat 01 Jan 2022 16:06:46 +0000
ROA not before: Sat 01 Jan 2022 16:06:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51335
IP address blocks: 85.118.36.0/24 maxlen: 24
85.118.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847584092 (0x32851b5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 1 16:06:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=505fd2eb7eff3189b0292c4b3af3e8a12e078e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:b6:81:ad:27:e8:be:a5:4c:95:31:ad:38:
cc:d3:81:45:f6:b0:d7:28:8e:49:fe:f5:41:72:98:
8e:bd:30:8c:24:02:ee:db:49:20:df:d1:61:23:f3:
e2:7e:f4:f1:fe:92:75:62:9f:bb:d3:2c:3d:b3:22:
10:41:f8:e2:cd:af:96:60:18:05:a5:7c:43:51:31:
6b:42:01:cf:98:88:cd:db:19:78:50:94:20:39:09:
d5:66:c9:0f:a7:69:ed:45:ba:ae:62:51:46:91:61:
58:a5:2d:86:ed:d5:f3:8a:a1:cb:fd:de:30:cd:34:
5d:37:47:9e:d3:ee:f3:1b:47:60:8c:ca:1e:e5:2a:
20:95:9a:58:ad:f3:69:ef:72:eb:3d:a0:8b:15:29:
28:24:1c:1c:49:e7:f6:82:86:16:8f:62:f0:67:f8:
68:09:9a:84:82:d1:46:ab:03:27:e9:78:63:e2:e4:
b1:9d:b4:e9:81:24:cf:ed:c5:05:db:33:9f:e0:2b:
33:ba:87:36:1c:04:f8:12:4f:9c:90:a9:29:2d:50:
30:a7:74:ce:3e:92:ba:28:39:80:3f:dd:c8:a9:03:
b2:23:f8:b2:e1:06:23:7c:dd:21:b1:96:73:4a:de:
35:1d:15:1d:55:73:2f:01:f5:9c:70:03:ac:00:b0:
f2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5F:D2:EB:7E:FF:31:89:B0:29:2C:4B:3A:F3:E8:A1:2E:07:8E:5D
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/UF_S637_MYmwKSxLOvPooS4Hjl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.36.0/24
85.118.39.0/24
Signature Algorithm: sha256WithRSAEncryption
28:07:3a:d9:70:e1:46:7b:85:5b:e4:45:df:c4:a6:62:dc:ed:
a3:a0:1b:0e:6b:40:1b:32:de:d7:d8:dc:60:52:ec:73:fb:ea:
ea:33:56:1e:33:56:2e:be:58:10:39:d4:7c:45:1c:d4:7b:af:
75:90:07:b8:57:d7:7a:fc:68:f5:18:61:c7:a7:f4:aa:fa:6c:
40:7b:0c:cf:49:bc:da:6b:a0:3f:14:82:42:88:4c:17:cf:58:
b4:9b:a0:fa:cd:34:46:2f:7c:50:19:66:36:14:73:c7:c9:df:
ac:94:41:ca:e3:74:2b:68:3a:3e:2e:a2:77:42:cd:f6:f0:99:
a1:a6:44:b9:39:a8:1e:2f:1b:10:06:61:9c:03:fb:a0:54:d8:
ca:5e:96:59:b3:0a:25:ff:17:86:37:63:47:b4:3d:93:60:4e:
21:b7:6a:b7:03:54:c2:e6:b5:11:f2:ec:3a:80:bc:75:b6:de:
ab:87:cb:5a:bf:55:94:ee:f9:6e:4f:e2:64:3d:55:9f:0f:8f:
ef:50:36:21:ef:25:13:28:28:54:17:8a:9d:d6:7d:32:aa:bc:
41:75:9f:ba:9f:d4:e0:e9:67:b3:e7:bb:c5:4f:42:d5:e5:56:
cf:7f:42:d0:d9:1e:19:eb:90:47:da:4f:7b:07:81:a1:96:64:
41:b4:0e:13
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMoUbXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmRlMWQ5ZGNkYjI1YzFlNTMyYzVjOWI2OWRmYTc1N2UzMDYyMTBlMB4XDTIyMDEw
MTE2MDY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA1ZmQyZWI3ZWZm
MzE4OWIwMjkyYzRiM2FmM2U4YTEyZTA3OGU1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn/toGtJ+i+pUyVMa04zNOBRfaw1yiOSf71QXKYjr0wjCQC
7ttJIN/RYSPz4n708f6SdWKfu9MsPbMiEEH44s2vlmAYBaV8Q1Exa0IBz5iIzdsZ
eFCUIDkJ1WbJD6dp7UW6rmJRRpFhWKUthu3V84qhy/3eMM00XTdHntPu8xtHYIzK
HuUqIJWaWK3zae9y6z2gixUpKCQcHEnn9oKGFo9i8Gf4aAmahILRRqsDJ+l4Y+Lk
sZ206YEkz+3FBdszn+ArM7qHNhwE+BJPnJCpKS1QMKd0zj6Suig5gD/dyKkDsiP4
suEGI3zdIbGWc0reNR0VHVVzLwH1nHADrACw8qcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRQX9Lrfv8xibApLEs68+ihLgeOXTAfBgNVHSMEGDAWgBRm3h2dzbJcHlMs
XJtp36dX4wYhDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p0NGRuYzJ5WEI1VExGeWJhZC1uVi1NR0lRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8x
L1VGX1M2MzdfTVltd0tTeExPdlBvb1M0SGpsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8xL1p0NGRuYzJ5WEI1
VExGeWJhZC1uVi1NR0lRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFV2JAMEAFV2JzANBgkqhkiG9w0B
AQsFAAOCAQEAKAc62XDhRnuFW+RF38SmYtzto6AbDmtAGzLe19jcYFLsc/vq6jNW
HjNWLr5YEDnUfEUc1HuvdZAHuFfXevxo9Rhhx6f0qvpsQHsMz0m82mugPxSCQohM
F89YtJug+s00Ri98UBlmNhRzx8nfrJRByuN0K2g6Pi6id0LN9vCZoaZEuTmoHi8b
EAZhnAP7oFTYyl6WWbMKJf8XhjdjR7Q9k2BOIbdqtwNUwua1EfLsOoC8dbbeq4fL
Wr9VlO75bk/iZD1Vnw+P71A2Ie8lEygoVBeKndZ9Mqq8QXWfup/U4Olns+e7xU9C
1eVWz39C0NkeGeuQR9pPeweBoZZkQbQOEw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:17 2025 by rpki-client