Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SM-m3hQrVNHCCz81uIGTUYi-BAQ.roa
File: SM-m3hQrVNHCCz81uIGTUYi-BAQ.roa (raw, json)
Hash identifier: pBzWxHdaqnx0x7mexyHeEz0BYQB+GaWT9qjjzX0yWcs=
Subject key identifier: 48:CF:A6:DE:14:2B:54:D1:C2:0B:3F:35:B8:81:93:51:88:BE:04:04
Certificate issuer: /CN=49240b59bbf6906a555e1074c5ae73ec62dffc5f
Certificate serial: 01856B8A416EF4606BF9DE424975730AF633
Authority key identifier: 49:24:0B:59:BB:F6:90:6A:55:5E:10:74:C5:AE:73:EC:62:DF:FC:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSQLWbv2kGpVXhB0xa5z7GLf_F8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SM-m3hQrVNHCCz81uIGTUYi-BAQ.roa
Signing time: Sun 01 Jan 2023 04:15:00 +0000
ROA not before: Sun 01 Jan 2023 04:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59708
IP address blocks: 185.4.107.0/24 maxlen: 24
185.4.106.0/24 maxlen: 24
185.4.104.0/22 maxlen: 24
185.4.104.0/24 maxlen: 24
185.4.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:41:6e:f4:60:6b:f9:de:42:49:75:73:0a:f6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49240b59bbf6906a555e1074c5ae73ec62dffc5f
Validity
Not Before: Jan 1 04:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48cfa6de142b54d1c20b3f35b881935188be0404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0f:8d:3f:4a:5a:ef:ef:f3:8d:27:36:0a:4b:
ef:f4:77:b8:f3:e9:f0:18:41:b3:99:31:6e:af:6a:
8d:81:cc:bb:d6:42:48:57:40:a0:d2:ee:4e:ae:b5:
ac:11:69:c9:ec:b4:0f:fb:53:bc:90:fd:0f:d8:cf:
19:a2:80:ae:ca:71:f2:d6:c8:db:da:e8:83:58:da:
e3:66:65:2e:15:6b:64:e8:8e:70:17:55:1f:f5:d6:
21:c3:5b:17:13:bc:12:bb:4f:31:b8:ae:a2:48:66:
9f:af:9a:88:06:a0:b1:8c:cb:95:de:88:30:2d:34:
1e:52:62:f5:c6:08:a2:a2:82:a8:67:07:d6:81:bd:
1e:af:a4:64:ff:00:e3:ae:40:d5:2a:74:27:3f:6c:
65:21:dd:b9:3f:b2:1b:11:cf:d4:94:db:50:88:9b:
f8:d4:a1:26:07:dc:98:e1:7d:7b:09:c0:cd:8f:36:
58:11:b5:c8:71:38:76:9c:dc:0f:60:7d:b4:39:15:
b3:fa:af:e7:ca:c1:2f:bf:44:e0:1c:e1:dc:61:5b:
ad:88:c6:53:03:51:31:ba:19:87:c6:1a:ce:88:a5:
4c:80:39:74:6d:c2:8d:fa:41:38:5c:c8:9a:7b:df:
d3:e3:32:a3:e6:0b:f5:50:8b:b1:d6:73:72:99:64:
96:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CF:A6:DE:14:2B:54:D1:C2:0B:3F:35:B8:81:93:51:88:BE:04:04
X509v3 Authority Key Identifier:
keyid:49:24:0B:59:BB:F6:90:6A:55:5E:10:74:C5:AE:73:EC:62:DF:FC:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSQLWbv2kGpVXhB0xa5z7GLf_F8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SM-m3hQrVNHCCz81uIGTUYi-BAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SSQLWbv2kGpVXhB0xa5z7GLf_F8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.104.0/22
Signature Algorithm: sha256WithRSAEncryption
11:56:97:9c:8a:41:92:ba:b0:6d:96:5b:23:0c:7f:30:06:e4:
22:8e:58:48:62:b0:f0:16:97:bb:6e:9a:e0:30:3f:c5:3d:3a:
e0:ff:8e:dc:27:d8:17:fa:f2:67:4c:dc:1e:0d:eb:43:f3:d9:
8f:d4:58:58:d6:5f:94:2c:b2:7e:b6:ae:9f:33:03:fd:c5:2c:
1c:5a:30:cc:02:7d:76:f5:d5:ff:d8:88:03:4d:65:04:97:1d:
56:5b:d5:51:dc:31:c9:6a:b0:f0:c6:f4:47:83:84:2e:da:d7:
0d:10:dd:42:82:28:45:fc:ed:18:1f:7d:3f:cb:61:87:cd:20:
52:97:18:a0:28:13:b7:fb:22:fb:79:ea:7d:aa:55:49:21:81:
db:1c:00:d5:1a:13:c8:01:15:45:22:36:37:dc:c7:d1:8f:60:
d1:aa:58:bc:90:25:f3:01:d4:e7:01:9c:7e:92:bd:5b:44:fb:
38:ec:ea:1a:b8:cf:38:c8:39:cd:7c:57:ea:03:9e:3e:11:43:
eb:81:c0:5f:15:4c:95:56:d2:90:99:ac:cf:72:32:f3:a8:6d:
54:f0:94:20:2f:c1:6f:bc:07:06:df:d5:74:0d:cf:f0:bc:d4:
52:fb:06:75:b5:06:c2:59:65:34:da:c4:69:62:a7:bd:f6:e3:
ec:35:ed:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrikFu9GBr+d5CSXVzCvYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjQwYjU5YmJmNjkwNmE1NTVlMTA3NGM1YWU3M2VjNjJk
ZmZjNWYwHhcNMjMwMTAxMDQxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGNmYTZkZTE0MmI1NGQxYzIwYjNmMzViODgxOTM1MTg4YmUwNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ+NP0pa7+/zjSc2Ckvv9He48+nw
GEGzmTFur2qNgcy71kJIV0Cg0u5OrrWsEWnJ7LQP+1O8kP0P2M8ZooCuynHy1sjb
2uiDWNrjZmUuFWtk6I5wF1Uf9dYhw1sXE7wSu08xuK6iSGafr5qIBqCxjMuV3ogw
LTQeUmL1xgiiooKoZwfWgb0er6Rk/wDjrkDVKnQnP2xlId25P7IbEc/UlNtQiJv4
1KEmB9yY4X17CcDNjzZYEbXIcTh2nNwPYH20ORWz+q/nysEvv0TgHOHcYVutiMZT
A1ExuhmHxhrOiKVMgDl0bcKN+kE4XMiae9/T4zKj5gv1UIux1nNymWSWBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjPpt4UK1TRwgs/NbiBk1GIvgQEMB8GA1UdIwQY
MBaAFEkkC1m79pBqVV4QdMWuc+xi3/xfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NRTFdidjJrR3BWWGhCMHhhNXo3R0xmX0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yMjZiZTgtYzdiNy00N2YwLWIwZDUt
ZDE0YWYyY2I4ZmRlLzEvU00tbTNoUXJWTkhDQ3o4MXVJR1RVWWktQkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yMjZiZTgtYzdiNy00N2YwLWIwZDUtZDE0YWYyY2I4ZmRl
LzEvU1NRTFdidjJrR3BWWGhCMHhhNXo3R0xmX0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQRoMA0G
CSqGSIb3DQEBCwUAA4IBAQARVpecikGSurBtllsjDH8wBuQijlhIYrDwFpe7bprg
MD/FPTrg/47cJ9gX+vJnTNweDetD89mP1FhY1l+ULLJ+tq6fMwP9xSwcWjDMAn12
9dX/2IgDTWUElx1WW9VR3DHJarDwxvRHg4Qu2tcNEN1CgihF/O0YH30/y2GHzSBS
lxigKBO3+yL7eep9qlVJIYHbHADVGhPIARVFIjY33MfRj2DRqli8kCXzAdTnAZx+
kr1bRPs47OoauM84yDnNfFfqA54+EUPrgcBfFUyVVtKQmazPcjLzqG1U8JQgL8Fv
vAcG39V0Dc/wvNRS+wZ1tQbCWWU02sRpYqe99uPsNe0l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:58 2025 by rpki-client