Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/24875c-f159-464f-a8a7-1119b7fedfec/1/ON1LvA1nGN1NoB586ZBcA4Duh_8.roa
File: ON1LvA1nGN1NoB586ZBcA4Duh_8.roa (raw, json)
Hash identifier: BFBCXeylImoX0WypdVUkd+Wtlr9DQ3rH+O8kIJTaUeA=
Subject key identifier: 38:DD:4B:BC:0D:67:18:DD:4D:A0:1E:7C:E9:90:5C:03:80:EE:87:FF
Certificate issuer: /CN=f12b1b68ea1093bcee78d07192e6d8c3f70302cf
Certificate serial: 01856F6FF4B5FA4339852EFE65DDA569C95C
Authority key identifier: F1:2B:1B:68:EA:10:93:BC:EE:78:D0:71:92:E6:D8:C3:F7:03:02:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8SsbaOoQk7zueNBxkubYw_cDAs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/24875c-f159-464f-a8a7-1119b7fedfec/1/ON1LvA1nGN1NoB586ZBcA4Duh_8.roa
Signing time: Sun 01 Jan 2023 22:24:46 +0000
ROA not before: Sun 01 Jan 2023 22:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42913
IP address blocks: 185.193.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:f4:b5:fa:43:39:85:2e:fe:65:dd:a5:69:c9:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12b1b68ea1093bcee78d07192e6d8c3f70302cf
Validity
Not Before: Jan 1 22:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38dd4bbc0d6718dd4da01e7ce9905c0380ee87ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d7:3c:27:f3:88:4f:44:15:a3:62:25:7a:7e:
e6:20:2c:25:c3:09:1a:c9:2c:c7:fe:56:17:d3:8c:
7a:69:aa:40:d9:3f:9f:e1:bd:4b:45:d5:7a:b2:f6:
cc:95:ca:e4:05:8b:18:38:08:15:13:49:7d:38:44:
33:ac:7a:3a:0c:0b:a1:c6:ae:60:be:ec:25:9c:58:
16:a0:4e:8f:f0:a1:a4:f3:4d:5a:54:ac:c7:d4:01:
8b:2f:c2:76:f3:ec:7a:81:14:78:0a:a4:e2:bf:34:
bf:53:42:92:47:df:99:01:5f:43:5e:a1:5e:26:ec:
6e:c4:5c:aa:b5:0e:f4:00:a0:be:c1:05:d4:c4:5e:
3f:95:c2:ca:71:da:a1:1d:4d:18:90:72:c1:b8:66:
75:cf:00:34:89:8f:83:b0:19:86:5e:47:aa:c7:e8:
59:aa:53:bb:9b:59:bc:33:2b:6c:8e:0d:36:64:bf:
89:8c:fd:a1:62:c8:9e:a6:f4:3f:76:a2:bc:e3:8d:
25:db:87:ce:5f:a4:5b:24:af:f5:e2:c0:b5:61:dc:
e7:7d:65:25:85:ad:bd:c9:26:f2:1d:7f:b0:9f:69:
bc:c5:f9:49:97:58:4f:4e:65:a9:06:a8:6b:9e:b2:
c2:a4:97:af:e1:85:f1:00:66:08:02:73:d9:1b:5b:
b3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DD:4B:BC:0D:67:18:DD:4D:A0:1E:7C:E9:90:5C:03:80:EE:87:FF
X509v3 Authority Key Identifier:
keyid:F1:2B:1B:68:EA:10:93:BC:EE:78:D0:71:92:E6:D8:C3:F7:03:02:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8SsbaOoQk7zueNBxkubYw_cDAs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/24875c-f159-464f-a8a7-1119b7fedfec/1/ON1LvA1nGN1NoB586ZBcA4Duh_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/24875c-f159-464f-a8a7-1119b7fedfec/1/8SsbaOoQk7zueNBxkubYw_cDAs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.148.0/22
Signature Algorithm: sha256WithRSAEncryption
11:17:77:47:53:ae:a9:22:71:77:c6:5e:99:10:14:17:e8:36:
5e:23:60:b4:ef:df:fe:7d:73:0e:61:f1:1f:d2:3e:2a:36:22:
2a:28:59:cb:a1:3b:17:65:43:68:a3:d9:a8:c3:fb:bc:81:e1:
51:25:88:e7:a8:b1:14:dd:9a:25:74:fd:1d:b6:3a:42:1c:c6:
35:28:cd:eb:10:bd:c4:db:0f:ec:d9:10:e9:95:6d:45:76:5b:
cc:93:1a:fb:7b:00:45:42:ee:63:be:8d:0b:ab:5f:4e:0b:8f:
3c:62:a4:af:53:2e:d6:35:e1:98:ec:4a:79:65:a5:bb:a0:36:
5b:60:6e:4c:d8:ee:44:15:16:b0:e5:b0:49:98:3d:7f:42:14:
40:96:d3:60:ed:76:a6:7e:12:96:6a:1b:39:ef:0a:69:12:61:
09:f6:54:ff:d3:89:f0:31:73:a4:02:d1:b3:c3:36:8d:f8:b0:
5a:23:0e:83:20:b7:00:15:00:c6:cd:19:07:5d:95:68:82:a1:
f1:89:c1:4c:b1:2d:55:7a:fd:cb:a2:ab:70:bd:7e:70:e2:df:
04:7d:ce:8f:b1:14:5c:cd:26:ff:ae:15:87:cf:79:3f:ec:d7:
1c:63:60:29:49:16:ec:5a:6f:b2:18:58:be:b5:12:67:cf:52:
5f:74:58:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb/S1+kM5hS7+Zd2laclcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMmIxYjY4ZWExMDkzYmNlZTc4ZDA3MTkyZTZkOGMzZjcw
MzAyY2YwHhcNMjMwMTAxMjIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGRkNGJiYzBkNjcxOGRkNGRhMDFlN2NlOTkwNWMwMzgwZWU4N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9c8J/OIT0QVo2Ilen7mICwlwwka
ySzH/lYX04x6aapA2T+f4b1LRdV6svbMlcrkBYsYOAgVE0l9OEQzrHo6DAuhxq5g
vuwlnFgWoE6P8KGk801aVKzH1AGLL8J28+x6gRR4CqTivzS/U0KSR9+ZAV9DXqFe
JuxuxFyqtQ70AKC+wQXUxF4/lcLKcdqhHU0YkHLBuGZ1zwA0iY+DsBmGXkeqx+hZ
qlO7m1m8Mytsjg02ZL+JjP2hYsiepvQ/dqK8440l24fOX6RbJK/14sC1YdznfWUl
ha29ySbyHX+wn2m8xflJl1hPTmWpBqhrnrLCpJev4YXxAGYIAnPZG1uzwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjdS7wNZxjdTaAefOmQXAOA7of/MB8GA1UdIwQY
MBaAFPErG2jqEJO87njQcZLm2MP3AwLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFNzYmFPb1FrN3p1ZU5CeGt1Yll3X2NEQXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDg3NWMtZjE1OS00NjRmLWE4YTct
MTExOWI3ZmVkZmVjLzEvT04xTHZBMW5HTjFOb0I1ODZaQmNBNER1aF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNDg3NWMtZjE1OS00NjRmLWE4YTctMTExOWI3ZmVkZmVj
LzEvOFNzYmFPb1FrN3p1ZU5CeGt1Yll3X2NEQXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucGUMA0G
CSqGSIb3DQEBCwUAA4IBAQARF3dHU66pInF3xl6ZEBQX6DZeI2C079/+fXMOYfEf
0j4qNiIqKFnLoTsXZUNoo9mow/u8geFRJYjnqLEU3ZoldP0dtjpCHMY1KM3rEL3E
2w/s2RDplW1FdlvMkxr7ewBFQu5jvo0Lq19OC488YqSvUy7WNeGY7Ep5ZaW7oDZb
YG5M2O5EFRaw5bBJmD1/QhRAltNg7XamfhKWahs57wppEmEJ9lT/04nwMXOkAtGz
wzaN+LBaIw6DILcAFQDGzRkHXZVogqHxicFMsS1Vev3LoqtwvX5w4t8Efc6PsRRc
zSb/rhWHz3k/7NccY2ApSRbsWm+yGFi+tRJnz1JfdFiM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:07 2025 by rpki-client