Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/gLWlRu66MUV6CU1r-BYP0YhLk1c.roa
File: gLWlRu66MUV6CU1r-BYP0YhLk1c.roa (raw, json)
Hash identifier: YBlPR36pb53HFAG73P6VTVLmfyhY7y8iJwOcu7wymPc=
Subject key identifier: 80:B5:A5:46:EE:BA:31:45:7A:09:4D:6B:F8:16:0F:D1:88:4B:93:57
Certificate issuer: /CN=37778681361b1fff87ce398402efa63869e5bfd1
Certificate serial: 01867442C16AF5D946CC565B2F0872147408
Authority key identifier: 37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/gLWlRu66MUV6CU1r-BYP0YhLk1c.roa
Signing time: Tue 21 Feb 2023 13:56:17 +0000
ROA not before: Tue 21 Feb 2023 13:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203971
IP address blocks: 185.118.48.0/24 maxlen: 24
185.118.51.0/24 maxlen: 24
185.118.48.0/22 maxlen: 22
185.118.49.0/24 maxlen: 24
185.118.50.0/24 maxlen: 24
185.222.93.0/24 maxlen: 24
185.222.94.0/24 maxlen: 24
185.222.95.0/24 maxlen: 24
185.222.92.0/22 maxlen: 22
185.222.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:42:c1:6a:f5:d9:46:cc:56:5b:2f:08:72:14:74:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37778681361b1fff87ce398402efa63869e5bfd1
Validity
Not Before: Feb 21 13:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80b5a546eeba31457a094d6bf8160fd1884b9357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:f4:80:17:eb:2e:43:5c:fd:bb:c7:0b:95:
5c:b4:f3:bb:3d:5d:c8:46:d3:1c:61:89:bb:0e:04:
ac:92:6e:15:80:9d:e9:50:18:f2:a9:fe:ef:33:83:
de:45:3d:be:71:61:a5:53:f4:cb:7e:36:32:ab:ae:
f3:f9:aa:53:34:93:07:f1:a5:42:c5:09:95:20:fd:
de:85:92:ba:a6:ba:50:72:40:24:cd:90:83:4b:83:
9a:fe:a4:14:c1:47:ec:30:fd:ef:de:ec:69:c3:80:
83:d2:16:c3:d6:27:14:d6:31:e4:ba:11:e5:8a:88:
04:a8:de:e9:d5:a1:a0:12:8d:06:a6:fd:e5:48:e4:
b0:dc:ee:84:b9:11:e8:4f:5f:1f:2a:db:33:e0:21:
8d:3d:42:57:8e:32:f3:c4:a9:37:4e:d8:23:28:8a:
58:34:8d:d8:62:4d:c0:99:4b:92:a3:c0:cb:b5:8e:
ff:d0:1c:23:8c:a0:fb:85:f6:6b:f5:66:0e:cb:90:
3d:5a:40:c5:90:06:f6:c3:bf:dc:cd:d8:9c:e6:0f:
86:fb:f0:3a:38:da:8e:39:7b:b6:29:fe:a9:d5:79:
a2:f8:4f:be:6d:a5:f2:50:b7:38:54:32:71:2f:e7:
50:09:3c:48:a1:dd:05:64:b2:03:6c:8a:fd:6c:97:
00:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B5:A5:46:EE:BA:31:45:7A:09:4D:6B:F8:16:0F:D1:88:4B:93:57
X509v3 Authority Key Identifier:
keyid:37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/gLWlRu66MUV6CU1r-BYP0YhLk1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.48.0/22
185.222.92.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:9c:02:20:9a:c6:ed:09:13:c2:b0:c9:8b:c6:69:53:a1:9c:
b6:75:25:8b:3a:b3:c4:5c:56:ef:5f:e9:87:9a:30:76:11:46:
c4:3e:31:7a:66:37:a2:d2:d3:38:f9:fd:bb:41:7a:61:03:38:
39:e5:dc:f6:be:b9:b1:f2:20:85:95:f5:74:ca:64:ea:66:16:
60:ea:6c:fe:02:0f:06:5b:b6:44:7a:0a:7b:27:a6:8e:b7:a9:
42:3f:8f:26:4e:6e:ef:b6:40:b7:77:52:b5:e2:e1:37:57:6b:
2a:6c:9c:10:e7:e9:6a:86:1f:8e:e7:a9:41:0c:4a:6b:4c:1c:
74:7d:3e:3c:c9:12:44:aa:00:d8:6a:eb:f2:e9:9f:80:ae:38:
4b:20:32:db:27:4b:75:fc:3a:81:19:63:11:ff:89:2a:70:f6:
1d:19:4e:84:a6:e5:83:00:43:b8:25:31:2b:4c:69:f1:96:53:
e4:29:ac:b4:1d:09:f3:68:96:a5:3b:50:fa:dd:8b:e6:8f:be:
90:6a:3c:02:36:44:51:bf:cb:a7:ce:2c:32:c8:61:fd:06:70:
41:96:99:b0:ae:9f:3f:21:4c:ac:c9:3b:51:2c:99:89:f0:39:
f7:0d:5a:74:a8:d4:b9:4f:3a:9a:32:5e:64:f2:a3:bc:60:dd:
96:06:9f:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ0QsFq9dlGzFZbLwhyFHQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Nzc4NjgxMzYxYjFmZmY4N2NlMzk4NDAyZWZhNjM4Njll
NWJmZDEwHhcNMjMwMjIxMTM1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI1YTU0NmVlYmEzMTQ1N2EwOTRkNmJmODE2MGZkMTg4NGI5MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEr0gBfrLkNc/bvHC5VctPO7PV3I
RtMcYYm7DgSskm4VgJ3pUBjyqf7vM4PeRT2+cWGlU/TLfjYyq67z+apTNJMH8aVC
xQmVIP3ehZK6prpQckAkzZCDS4Oa/qQUwUfsMP3v3uxpw4CD0hbD1icU1jHkuhHl
iogEqN7p1aGgEo0Gpv3lSOSw3O6EuRHoT18fKtsz4CGNPUJXjjLzxKk3TtgjKIpY
NI3YYk3AmUuSo8DLtY7/0BwjjKD7hfZr9WYOy5A9WkDFkAb2w7/czdic5g+G+/A6
ONqOOXu2Kf6p1Xmi+E++baXyULc4VDJxL+dQCTxIod0FZLIDbIr9bJcAXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIC1pUbuujFFeglNa/gWD9GIS5NXMB8GA1UdIwQY
MBaAFDd3hoE2Gx//h845hALvpjhp5b/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUt
ZTUzZjkwNGExZjU4LzEvZ0xXbFJ1NjZNVVY2Q1Uxci1CWVAwWWhMazFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUtZTUzZjkwNGExZjU4
LzEvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXYwAwQC
ud5cMA0GCSqGSIb3DQEBCwUAA4IBAQDQnAIgmsbtCRPCsMmLxmlToZy2dSWLOrPE
XFbvX+mHmjB2EUbEPjF6Zjei0tM4+f27QXphAzg55dz2vrmx8iCFlfV0ymTqZhZg
6mz+Ag8GW7ZEegp7J6aOt6lCP48mTm7vtkC3d1K14uE3V2sqbJwQ5+lqhh+O56lB
DEprTBx0fT48yRJEqgDYauvy6Z+ArjhLIDLbJ0t1/DqBGWMR/4kqcPYdGU6EpuWD
AEO4JTErTGnxllPkKay0HQnzaJalO1D63Yvmj76QajwCNkRRv8unziwyyGH9BnBB
lpmwrp8/IUysyTtRLJmJ8Dn3DVp0qNS5TzqaMl5k8qO8YN2WBp+r
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:13 2025 by rpki-client