Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/c4kz4ckjV7BfZhFzgPNtFjwI-Ok.roa
File: c4kz4ckjV7BfZhFzgPNtFjwI-Ok.roa (raw, json)
Hash identifier: 0wQiHgVWVyRS+4arH+XQSXzqBe0SOKLIo2m/5FltA8k=
Subject key identifier: 73:89:33:E1:C9:23:57:B0:5F:66:11:73:80:F3:6D:16:3C:08:F8:E9
Certificate issuer: /CN=01ec50cb33ae1860d4cc5fb67e43d39304224b4f
Certificate serial: 0AF39417
Authority key identifier: 01:EC:50:CB:33:AE:18:60:D4:CC:5F:B6:7E:43:D3:93:04:22:4B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AexQyzOuGGDUzF-2fkPTkwQiS08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/c4kz4ckjV7BfZhFzgPNtFjwI-Ok.roa
Signing time: Wed 12 Jan 2022 13:59:31 +0000
ROA not before: Wed 12 Jan 2022 13:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49436
IP address blocks: 185.248.190.0/24 maxlen: 24
185.248.191.0/24 maxlen: 24
185.248.188.0/23 maxlen: 23
2a0e:1b01::/32 maxlen: 32
2a0e:1b07::/32 maxlen: 32
2a0e:1b00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183735319 (0xaf39417)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01ec50cb33ae1860d4cc5fb67e43d39304224b4f
Validity
Not Before: Jan 12 13:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=738933e1c92357b05f66117380f36d163c08f8e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6f:c4:1a:b8:84:68:1e:0b:9d:dd:a0:16:4f:
11:ff:cf:09:41:32:32:a1:98:5e:50:65:84:0d:1d:
11:8b:fa:1c:07:bb:56:ea:92:24:3d:7a:34:77:53:
ff:3e:59:2f:3f:99:81:c5:80:bc:43:d5:70:df:b9:
ac:9f:08:47:36:bb:42:f3:60:87:ab:0a:54:7b:63:
72:c6:fb:cb:38:a8:01:ad:eb:54:08:d6:77:d1:38:
60:b3:fb:73:42:cc:0a:5a:90:c3:e2:0e:1e:d6:9f:
f9:5a:d8:54:1c:93:1b:b4:dd:d9:8e:ee:68:12:8c:
dc:5b:b6:e7:6e:7d:05:e0:c5:93:b0:a7:c6:6f:66:
68:87:0c:be:52:6b:65:db:32:db:0f:17:19:4b:4e:
04:cb:e7:8c:22:74:4e:70:68:09:2c:6d:bc:8d:b3:
e9:bd:32:41:9a:d2:dd:c6:87:2b:e6:5a:bf:7c:70:
9e:9b:6d:d1:18:65:e3:d1:de:93:91:69:2b:55:52:
46:1e:ec:af:66:21:2b:18:dd:ed:53:99:5f:27:e9:
e4:23:91:41:15:ec:1f:d6:05:66:95:af:74:13:ad:
b2:9c:8f:1e:90:a1:e0:4f:24:9c:f1:d8:2d:6a:ac:
29:56:20:87:17:5a:8e:6d:a1:a1:47:d9:86:0e:04:
58:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:89:33:E1:C9:23:57:B0:5F:66:11:73:80:F3:6D:16:3C:08:F8:E9
X509v3 Authority Key Identifier:
keyid:01:EC:50:CB:33:AE:18:60:D4:CC:5F:B6:7E:43:D3:93:04:22:4B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AexQyzOuGGDUzF-2fkPTkwQiS08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/c4kz4ckjV7BfZhFzgPNtFjwI-Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/AexQyzOuGGDUzF-2fkPTkwQiS08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.188.0/22
IPv6:
2a0e:1b00::/31
2a0e:1b07::/32
Signature Algorithm: sha256WithRSAEncryption
4c:51:21:fe:4a:63:cd:b1:03:15:8a:e1:89:0b:aa:46:9a:0d:
e7:bd:46:3d:c4:be:49:23:b5:78:f8:41:cf:ad:e9:82:5c:60:
83:6d:12:78:fb:59:da:e6:03:a6:17:80:1a:16:66:0f:1f:90:
f9:e7:11:1b:4c:1e:5a:75:b1:78:c5:19:cc:88:91:8a:8d:2c:
f8:f6:51:fd:87:61:b3:d7:27:b9:cc:cf:fd:c6:fa:c0:17:7b:
58:12:83:70:d2:99:91:d9:e4:1a:93:ad:75:a7:5e:d0:91:2b:
fb:ab:c6:f3:47:12:16:1e:70:7a:f5:f1:b2:f0:0d:0f:7f:04:
0d:08:49:9d:aa:09:f2:2f:46:61:82:ca:56:b3:6b:fa:d6:30:
af:5e:11:3f:f2:86:3c:18:0d:fc:b7:2c:d9:70:d4:2e:5c:bd:
08:5d:37:e9:8d:3f:8f:6b:53:21:05:7e:49:2c:55:77:a7:61:
f8:78:85:fc:01:04:ff:da:de:27:47:da:68:50:45:4c:4c:9e:
51:98:55:69:5b:50:af:9d:5f:21:09:c0:41:a3:66:e0:ab:55:
4b:46:ff:d3:d3:ae:21:ed:e1:2c:ad:ef:f0:7e:d5:cc:34:59:
3d:d6:00:c7:af:6d:c3:c0:cc:6b:b4:ce:01:0b:90:2e:0e:ca:
58:b6:9e:07
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECvOUFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWVjNTBjYjMzYWUxODYwZDRjYzVmYjY3ZTQzZDM5MzA0MjI0YjRmMB4XDTIyMDEx
MjEzNTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM4OTMzZTFjOTIz
NTdiMDVmNjYxMTczODBmMzZkMTYzYzA4ZjhlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJvxBq4hGgeC53doBZPEf/PCUEyMqGYXlBlhA0dEYv6HAe7
VuqSJD16NHdT/z5ZLz+ZgcWAvEPVcN+5rJ8IRza7QvNgh6sKVHtjcsb7yzioAa3r
VAjWd9E4YLP7c0LMClqQw+IOHtaf+VrYVByTG7Td2Y7uaBKM3Fu25259BeDFk7Cn
xm9maIcMvlJrZdsy2w8XGUtOBMvnjCJ0TnBoCSxtvI2z6b0yQZrS3caHK+Zav3xw
nptt0Rhl49Hek5FpK1VSRh7sr2YhKxjd7VOZXyfp5CORQRXsH9YFZpWvdBOtspyP
HpCh4E8knPHYLWqsKVYghxdajm2hoUfZhg4EWO8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRziTPhySNXsF9mEXOA820WPAj46TAfBgNVHSMEGDAWgBQB7FDLM64YYNTM
X7Z+Q9OTBCJLTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FleFF5ek91R0dEVXpGLTJma1BUa3dRaVMwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvN2YzY2M5LTZiZTktNDBiMi04YTE0LTEzMDY5OGE1OTU5Yy8x
L2M0a3o0Y2tqVjdCZlpoRnpnUE50Rmp3SS1Pay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
N2YzY2M5LTZiZTktNDBiMi04YTE0LTEzMDY5OGE1OTU5Yy8xL0FleFF5ek91R0dE
VXpGLTJma1BUa3dRaVMwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEArn4vDAUBAIAAjAOAwUBKg4bAAMF
ACoOGwcwDQYJKoZIhvcNAQELBQADggEBAExRIf5KY82xAxWK4YkLqkaaDee9Rj3E
vkkjtXj4Qc+t6YJcYINtEnj7WdrmA6YXgBoWZg8fkPnnERtMHlp1sXjFGcyIkYqN
LPj2Uf2HYbPXJ7nMz/3G+sAXe1gSg3DSmZHZ5BqTrXWnXtCRK/urxvNHEhYecHr1
8bLwDQ9/BA0ISZ2qCfIvRmGCylaza/rWMK9eET/yhjwYDfy3LNlw1C5cvQhdN+mN
P49rUyEFfkksVXenYfh4hfwBBP/a3idH2mhQRUxMnlGYVWlbUK+dXyEJwEGjZuCr
VUtG/9PTriHt4Syt7/B+1cw0WT3WAMevbcPAzGu0zgELkC4Oyli2ngc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:59 2025 by rpki-client