Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/yE15nt3YCZpGEXfcPZr8rBmnpnY.roa
File: yE15nt3YCZpGEXfcPZr8rBmnpnY.roa (raw, json)
Hash identifier: nW2i0AO06E2YX9VxKODRikapqETZ1bSSTBGaqD+8K74=
Subject key identifier: C8:4D:79:9E:DD:D8:09:9A:46:11:77:DC:3D:9A:FC:AC:19:A7:A6:76
Certificate issuer: /CN=01ec50cb33ae1860d4cc5fb67e43d39304224b4f
Certificate serial: 0185728C89AC814635184125CDF8C48E4B3E
Authority key identifier: 01:EC:50:CB:33:AE:18:60:D4:CC:5F:B6:7E:43:D3:93:04:22:4B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AexQyzOuGGDUzF-2fkPTkwQiS08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/yE15nt3YCZpGEXfcPZr8rBmnpnY.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49436
IP address blocks: 185.248.190.0/24 maxlen: 24
185.248.191.0/24 maxlen: 24
185.248.188.0/23 maxlen: 23
2a0e:1b01::/32 maxlen: 32
2a0e:1b07::/32 maxlen: 32
2a0e:1b00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:89:ac:81:46:35:18:41:25:cd:f8:c4:8e:4b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01ec50cb33ae1860d4cc5fb67e43d39304224b4f
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c84d799eddd8099a461177dc3d9afcac19a7a676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:58:fb:e4:0b:c7:c3:be:2a:b6:54:49:fe:
65:29:08:7b:cd:77:23:60:4c:f6:9f:1a:9b:3a:76:
ef:c5:4e:d6:85:81:af:e5:67:66:05:f6:01:ea:59:
7f:33:ca:fe:fc:f8:5b:ed:e8:85:e6:eb:48:fe:71:
2b:fc:6c:7d:39:f6:e0:1e:98:9d:f7:02:77:ab:26:
fd:50:b7:03:46:6e:aa:bc:dc:30:f3:10:53:0b:f9:
93:4e:8f:a3:17:3e:c4:20:5c:97:c4:27:34:52:d8:
48:8d:15:24:fc:fa:87:64:66:74:cc:9d:9e:e6:85:
e2:ee:10:6d:5c:7a:46:64:42:50:75:e9:fa:f5:fe:
f3:c5:06:60:55:48:80:97:d1:e3:e5:6a:19:77:f6:
b5:cb:d2:ac:e7:81:9a:d7:d8:d8:56:36:5a:5f:49:
0e:f5:ad:92:6d:57:44:a3:d8:43:a7:28:6f:cf:06:
82:bd:5e:bf:d0:12:3c:61:0b:d5:38:f1:a0:a0:4d:
6d:2d:3d:e9:24:ff:47:3d:a2:6f:4b:5b:5d:6a:b3:
e1:3e:ee:be:66:6e:3d:f1:1f:a0:b4:ce:b8:ee:27:
5b:9b:a9:0b:36:67:c9:fb:61:f9:3c:7f:9a:7c:0b:
be:44:26:4b:ae:55:01:0d:eb:48:d3:e0:f2:4b:dc:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4D:79:9E:DD:D8:09:9A:46:11:77:DC:3D:9A:FC:AC:19:A7:A6:76
X509v3 Authority Key Identifier:
keyid:01:EC:50:CB:33:AE:18:60:D4:CC:5F:B6:7E:43:D3:93:04:22:4B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AexQyzOuGGDUzF-2fkPTkwQiS08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/yE15nt3YCZpGEXfcPZr8rBmnpnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7f3cc9-6be9-40b2-8a14-130698a5959c/1/AexQyzOuGGDUzF-2fkPTkwQiS08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.188.0/22
IPv6:
2a0e:1b00::/31
2a0e:1b07::/32
Signature Algorithm: sha256WithRSAEncryption
52:49:63:7e:53:a4:c7:76:be:f6:66:de:bd:38:9c:4d:00:ac:
db:df:10:e4:87:13:c8:f4:1b:09:72:31:d3:a5:f9:92:9e:73:
17:87:74:4e:a7:6b:3f:76:4c:f6:b5:91:33:b1:03:16:e0:07:
13:ce:1d:91:28:88:5c:e8:9d:fb:77:9a:5d:4d:d8:66:eb:45:
32:8f:fb:69:9e:43:68:11:57:31:e6:0f:50:44:08:92:e0:0a:
55:5b:ae:6f:e6:0d:27:82:dd:5b:a7:44:85:b7:fb:28:23:81:
b9:ad:18:04:e7:4e:5a:1f:e1:21:e6:aa:df:a9:c8:3e:0b:1d:
c7:66:63:f2:63:4c:c2:76:79:58:93:b9:79:a4:b2:7e:51:ed:
df:44:dc:cb:a7:29:86:40:d4:18:62:86:d4:ac:b5:08:36:95:
b3:7c:a1:17:34:0d:29:d0:26:8d:ac:ee:96:1f:ed:c6:57:1c:
86:7d:54:00:dc:85:25:ff:65:3d:b3:c5:28:2e:d3:1a:ad:fe:
2d:1b:8a:37:0e:b8:de:c2:f7:46:d8:10:76:eb:80:78:35:d6:
fa:e2:23:83:57:e2:72:ba:0b:fa:84:e5:a6:9d:3b:ea:12:3a:
3f:d8:1c:b9:ac:dd:f6:1a:64:c6:d5:fc:21:cd:8a:f0:73:47:
d8:32:25:2c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVyjImsgUY1GEElzfjEjks+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZWM1MGNiMzNhZTE4NjBkNGNjNWZiNjdlNDNkMzkzMDQy
MjRiNGYwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRkNzk5ZWRkZDgwOTlhNDYxMTc3ZGMzZDlhZmNhYzE5YTdhNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOpY++QLx8O+KrZUSf5lKQh7zXcj
YEz2nxqbOnbvxU7WhYGv5WdmBfYB6ll/M8r+/Phb7eiF5utI/nEr/Gx9OfbgHpid
9wJ3qyb9ULcDRm6qvNww8xBTC/mTTo+jFz7EIFyXxCc0UthIjRUk/PqHZGZ0zJ2e
5oXi7hBtXHpGZEJQden69f7zxQZgVUiAl9Hj5WoZd/a1y9Ks54Ga19jYVjZaX0kO
9a2SbVdEo9hDpyhvzwaCvV6/0BI8YQvVOPGgoE1tLT3pJP9HPaJvS1tdarPhPu6+
Zm498R+gtM647idbm6kLNmfJ+2H5PH+afAu+RCZLrlUBDetI0+DyS9yBBwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMhNeZ7d2AmaRhF33D2a/KwZp6Z2MB8GA1UdIwQY
MBaAFAHsUMszrhhg1Mxftn5D05MEIktPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWV4UXl6T3VHR0RVekYtMmZrUFRrd1FpUzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi83ZjNjYzktNmJlOS00MGIyLThhMTQt
MTMwNjk4YTU5NTljLzEveUUxNW50M1lDWnBHRVhmY1BacjhyQm1ucG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi83ZjNjYzktNmJlOS00MGIyLThhMTQtMTMwNjk4YTU5NTlj
LzEvQWV4UXl6T3VHR0RVekYtMmZrUFRrd1FpUzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCufi8MBQE
AgACMA4DBQEqDhsAAwUAKg4bBzANBgkqhkiG9w0BAQsFAAOCAQEAUkljflOkx3a+
9mbevTicTQCs298Q5IcTyPQbCXIx06X5kp5zF4d0TqdrP3ZM9rWRM7EDFuAHE84d
kSiIXOid+3eaXU3YZutFMo/7aZ5DaBFXMeYPUEQIkuAKVVuub+YNJ4LdW6dEhbf7
KCOBua0YBOdOWh/hIeaq36nIPgsdx2Zj8mNMwnZ5WJO5eaSyflHt30Tcy6cphkDU
GGKG1Ky1CDaVs3yhFzQNKdAmjazulh/txlcchn1UANyFJf9lPbPFKC7TGq3+LRuK
Nw643sL3RtgQduuAeDXW+uIjg1ficroL+oTlpp076hI6P9gcuazd9hpkxtX8Ic2K
8HNH2DIlLA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:58 2025 by rpki-client