Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa
File: SOurSoIpPL5eQHQ8JXddjEbBPv0.roa (raw, json)
Hash identifier: PA/r4Gau2ddSKjCbtb05OFtxbjkmEQwBkHCPOMoQf80=
Subject key identifier: 48:EB:AB:4A:82:29:3C:BE:5E:40:74:3C:25:77:5D:8C:46:C1:3E:FD
Certificate issuer: /CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Certificate serial: 01856CF846C3E0D0798433D105312E53AA93
Authority key identifier: 61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa
Signing time: Sun 01 Jan 2023 10:54:48 +0000
ROA not before: Sun 01 Jan 2023 10:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60517
IP address blocks: 185.118.244.0/22 maxlen: 22
185.118.245.0/24 maxlen: 24
185.118.244.0/24 maxlen: 24
185.118.246.0/24 maxlen: 24
185.118.247.0/24 maxlen: 24
185.51.128.0/22 maxlen: 22
185.51.130.0/24 maxlen: 24
185.51.129.0/24 maxlen: 24
185.51.131.0/24 maxlen: 24
185.36.95.0/24 maxlen: 24
185.36.92.0/22 maxlen: 22
185.36.93.0/24 maxlen: 24
185.36.92.0/24 maxlen: 24
185.36.94.0/24 maxlen: 24
185.131.182.0/24 maxlen: 24
185.131.181.0/24 maxlen: 24
185.131.183.0/24 maxlen: 24
185.131.180.0/24 maxlen: 24
185.131.180.0/22 maxlen: 22
185.175.212.0/22 maxlen: 22
185.91.172.0/22 maxlen: 22
185.91.172.0/24 maxlen: 24
178.157.98.0/24 maxlen: 24
178.157.97.0/24 maxlen: 24
185.91.175.0/24 maxlen: 24
185.91.174.0/24 maxlen: 24
178.157.96.0/24 maxlen: 24
178.157.96.0/22 maxlen: 22
185.91.173.0/24 maxlen: 24
178.157.99.0/24 maxlen: 24
185.27.123.0/24 maxlen: 24
185.27.122.0/24 maxlen: 24
185.27.121.0/24 maxlen: 24
185.27.120.0/22 maxlen: 22
185.27.120.0/24 maxlen: 24
2a06:96c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:46:c3:e0:d0:79:84:33:d1:05:31:2e:53:aa:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Validity
Not Before: Jan 1 10:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48ebab4a82293cbe5e40743c25775d8c46c13efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:7d:53:35:3e:e3:18:91:b8:65:31:d7:5c:
cf:a4:a9:14:d6:b4:4f:0d:46:57:32:b4:d1:fd:db:
fb:bf:bb:85:9f:f9:12:83:dd:57:93:13:b9:79:e2:
78:c1:0d:ae:7c:fe:24:16:71:3a:2a:6c:4b:a0:d2:
11:16:a0:c3:5d:1b:42:7c:c3:7f:f4:2e:6b:54:5f:
f4:3f:a5:94:01:32:b6:8a:0f:d8:f6:af:d6:0c:84:
c0:73:82:9f:4f:13:26:7c:18:f6:0d:71:0f:6b:68:
62:c5:4d:4b:f7:7c:84:92:21:01:bb:bd:d0:a0:be:
35:9f:c9:2c:64:d9:da:14:e5:90:f1:cd:5e:b2:50:
ac:37:32:1a:72:83:0e:42:39:23:fb:f4:f8:8c:f2:
5e:86:9c:c8:97:af:fb:cd:96:d7:4d:9a:8a:42:21:
a9:1b:c3:d2:20:9e:ce:53:69:b1:56:39:0f:94:38:
e8:26:17:a2:1c:bb:e9:8b:3f:25:77:7f:0e:7f:6f:
e0:df:2e:1f:b9:7e:b7:03:69:71:78:df:df:12:88:
c1:32:85:fb:52:54:ff:11:62:f3:6c:5d:b1:b5:c3:
95:93:08:d3:a0:d5:e0:1f:bc:b8:ed:a4:d6:05:51:
67:c0:a2:95:94:79:96:75:e6:cb:95:2a:53:17:b9:
ff:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:EB:AB:4A:82:29:3C:BE:5E:40:74:3C:25:77:5D:8C:46:C1:3E:FD
X509v3 Authority Key Identifier:
keyid:61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.96.0/22
185.27.120.0/22
185.36.92.0/22
185.51.128.0/22
185.91.172.0/22
185.118.244.0/22
185.131.180.0/22
185.175.212.0/22
IPv6:
2a06:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
36:43:66:0c:7a:51:44:d1:83:84:bc:6f:eb:9a:ce:3b:89:c4:
19:ad:97:11:fe:c1:77:1d:6c:e8:38:1e:f4:72:8b:bb:b0:5d:
6a:7a:81:c2:97:ff:5f:38:6e:15:b7:f1:69:ce:39:2c:d3:0c:
a6:77:da:bc:2f:9d:08:4f:72:03:36:c6:41:a2:63:56:81:a8:
ca:ce:5a:e2:c9:0e:39:95:61:52:82:27:72:78:d3:8a:65:cb:
8b:7f:73:87:60:d7:e2:b3:8e:a8:04:a9:c5:09:b7:0c:2b:8b:
90:71:6d:97:84:8b:ac:dc:f5:97:28:3b:15:72:b1:d3:46:91:
51:dd:e9:ef:a0:03:32:a9:de:db:92:78:d5:06:80:bc:af:b9:
5e:b0:83:5d:61:7e:af:9b:71:e9:57:0b:cb:01:40:18:a9:37:
a3:60:6b:91:cc:3d:a2:cd:3d:ce:c5:1a:68:04:0d:9e:f2:6f:
dd:c9:81:08:93:6c:a3:84:4e:27:f4:fb:29:e9:34:24:12:a2:
5f:f3:89:e7:9a:79:75:de:d1:28:00:92:d8:95:58:c2:21:55:
07:31:df:5d:9d:4f:f4:2a:18:c7:95:f0:c5:43:aa:d1:34:1d:
38:e2:cb:81:c6:a6:2d:64:43:36:55:78:2a:e6:21:16:26:4b:
2f:93:cc:d9
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVs+EbD4NB5hDPRBTEuU6qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGY4Zjk5ZmNhNjlhYTczZjg4YTUzMWRiNDZkMjI4YTdl
MmMzZDMwHhcNMjMwMTAxMTA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGViYWI0YTgyMjkzY2JlNWU0MDc0M2MyNTc3NWQ4YzQ2YzEzZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHJ9UzU+4xiRuGUx11zPpKkU1rRP
DUZXMrTR/dv7v7uFn/kSg91XkxO5eeJ4wQ2ufP4kFnE6KmxLoNIRFqDDXRtCfMN/
9C5rVF/0P6WUATK2ig/Y9q/WDITAc4KfTxMmfBj2DXEPa2hixU1L93yEkiEBu73Q
oL41n8ksZNnaFOWQ8c1eslCsNzIacoMOQjkj+/T4jPJehpzIl6/7zZbXTZqKQiGp
G8PSIJ7OU2mxVjkPlDjoJheiHLvpiz8ld38Of2/g3y4fuX63A2lxeN/fEojBMoX7
UlT/EWLzbF2xtcOVkwjToNXgH7y47aTWBVFnwKKVlHmWdebLlSpTF7n/OQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEjrq0qCKTy+XkB0PCV3XYxGwT79MB8GA1UdIwQY
MBaAFGEPj5n8ppqnP4ilMdtG0iin4sPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgt
NzlhMGE1MjhlMGE0LzEvU091clNvSXBQTDVlUUhROEpYZGRqRWJCUHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgtNzlhMGE1MjhlMGE0
LzEvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCsp1gAwQC
uRt4AwQCuSRcAwQCuTOAAwQCuVusAwQCuXb0AwQCuYO0AwQCua/UMA0EAgACMAcD
BQMqBpbAMA0GCSqGSIb3DQEBCwUAA4IBAQA2Q2YMelFE0YOEvG/rms47icQZrZcR
/sF3HWzoOB70cou7sF1qeoHCl/9fOG4Vt/Fpzjks0wymd9q8L50IT3IDNsZBomNW
gajKzlriyQ45lWFSgidyeNOKZcuLf3OHYNfis46oBKnFCbcMK4uQcW2XhIus3PWX
KDsVcrHTRpFR3envoAMyqd7bknjVBoC8r7lesINdYX6vm3HpVwvLAUAYqTejYGuR
zD2izT3OxRpoBA2e8m/dyYEIk2yjhE4n9Psp6TQkEqJf84nnmnl13tEoAJLYlVjC
IVUHMd9dnU/0KhjHlfDFQ6rRNB044suBxqYtZEM2VXgq5iEWJksvk8zZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:42:15 2025 by rpki-client