Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/a646af-e61d-48b6-89d2-eba988a548e7/1/s-mFDDIzF4Vl_VqZ_48lk-S81Ds.roa
File: s-mFDDIzF4Vl_VqZ_48lk-S81Ds.roa (raw, json)
Hash identifier: xABR/I1A3YEJdcPpbcPEYERzO66T93aeeZTRIAPu1ww=
Subject key identifier: B3:E9:85:0C:32:33:17:85:65:FD:5A:99:FF:8F:25:93:E4:BC:D4:3B
Certificate issuer: /CN=6460129c221f7a47812885a64838b12ee6b15ed5
Certificate serial: 0181CF060A86849D7FF583AD9049F0C632A1
Authority key identifier: 64:60:12:9C:22:1F:7A:47:81:28:85:A6:48:38:B1:2E:E6:B1:5E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGASnCIfekeBKIWmSDixLuaxXtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/a646af-e61d-48b6-89d2-eba988a548e7/1/s-mFDDIzF4Vl_VqZ_48lk-S81Ds.roa
Signing time: Tue 05 Jul 2022 15:41:28 +0000
ROA not before: Tue 05 Jul 2022 15:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199942
IP address blocks: 185.41.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:cf:06:0a:86:84:9d:7f:f5:83:ad:90:49:f0:c6:32:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6460129c221f7a47812885a64838b12ee6b15ed5
Validity
Not Before: Jul 5 15:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3e9850c3233178565fd5a99ff8f2593e4bcd43b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d1:81:dc:ab:e4:8c:5a:88:82:ca:67:a1:81:
0f:29:02:32:e9:3b:4f:26:af:bb:98:3f:05:99:14:
98:cf:ee:a9:ac:a9:5d:7d:e9:2e:0d:4d:29:8f:87:
d6:39:a4:6d:d9:28:a8:36:91:55:f2:46:3f:52:8a:
1b:8b:aa:99:49:53:32:05:06:b4:22:f8:d7:c8:0b:
07:f8:5f:9c:c1:b2:a4:b7:cf:4c:32:fc:e4:f9:68:
df:37:b7:ac:94:d8:b1:37:3a:25:e8:36:86:bf:cf:
b5:0b:2e:a1:49:9e:a9:37:a8:b5:12:04:b8:a1:7d:
f9:e5:d4:2b:e4:53:3e:a6:3d:c3:50:ee:fc:99:89:
67:18:5a:68:25:b8:0d:23:a1:7a:15:4f:97:76:75:
51:4b:fd:05:2e:84:d0:fc:15:0d:c6:22:b0:e8:8a:
ad:3f:90:a7:67:c7:f1:1a:99:54:03:8f:d7:6b:8c:
52:82:3d:54:30:0c:75:82:9e:1b:0d:fb:66:32:a0:
6c:94:f7:7a:ac:00:98:aa:8e:15:b7:8d:f7:e4:13:
4d:f3:70:2b:74:17:bd:a5:59:4b:08:2b:9f:dd:c4:
cc:1d:90:37:e0:aa:c3:62:50:83:29:0c:63:25:2f:
11:77:1e:6b:a0:c6:6f:09:d5:3b:20:d1:e2:f4:49:
3f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E9:85:0C:32:33:17:85:65:FD:5A:99:FF:8F:25:93:E4:BC:D4:3B
X509v3 Authority Key Identifier:
keyid:64:60:12:9C:22:1F:7A:47:81:28:85:A6:48:38:B1:2E:E6:B1:5E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGASnCIfekeBKIWmSDixLuaxXtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/a646af-e61d-48b6-89d2-eba988a548e7/1/s-mFDDIzF4Vl_VqZ_48lk-S81Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/a646af-e61d-48b6-89d2-eba988a548e7/1/ZGASnCIfekeBKIWmSDixLuaxXtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.236.0/22
Signature Algorithm: sha256WithRSAEncryption
88:e6:f3:75:0d:9e:7f:49:ea:3b:30:03:b1:15:a6:bd:b3:12:
94:f7:82:3f:28:2b:0e:3a:6c:1d:65:f1:05:6b:f8:ad:4a:59:
4c:74:2d:16:4c:84:45:80:36:a2:92:10:b5:4b:af:33:47:89:
79:d0:f7:c4:13:4a:48:8a:3d:27:31:0f:9b:f4:57:bf:ac:11:
42:89:56:d0:98:e9:21:67:48:10:9d:e0:8b:5f:61:a3:6a:66:
ee:b9:f2:b2:75:cd:75:b3:c3:f7:8b:66:3f:c2:8d:5a:fc:8e:
ae:55:13:3f:48:71:91:1c:f2:d5:8c:5f:b9:e3:1a:95:2e:89:
9f:77:fb:3d:38:5e:b6:32:93:99:f3:71:6f:66:12:77:00:11:
30:b7:87:48:36:c3:8b:7c:91:2b:13:79:3d:e4:13:43:73:69:
2d:d7:56:57:05:d0:01:25:9c:b3:e4:c4:25:ad:7e:03:e9:cb:
10:80:04:4e:4b:34:d1:d6:d9:9a:e4:f6:ff:e6:ac:4b:5d:e3:
35:6e:8d:ab:13:ed:07:2c:92:98:32:3a:15:c6:5b:b6:02:8e:
9a:4d:e9:d6:30:e5:fe:e7:9d:f8:99:3b:53:3f:68:cb:ff:58:
fe:03:18:00:7f:f0:06:82:1a:4d:d6:09:3a:13:be:cb:67:35:
e9:10:94:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHPBgqGhJ1/9YOtkEnwxjKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjAxMjljMjIxZjdhNDc4MTI4ODVhNjQ4MzhiMTJlZTZi
MTVlZDUwHhcNMjIwNzA1MTU0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U5ODUwYzMyMzMxNzg1NjVmZDVhOTlmZjhmMjU5M2U0YmNkNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdGB3KvkjFqIgspnoYEPKQIy6TtP
Jq+7mD8FmRSYz+6prKldfekuDU0pj4fWOaRt2SioNpFV8kY/Uoobi6qZSVMyBQa0
IvjXyAsH+F+cwbKkt89MMvzk+WjfN7eslNixNzol6DaGv8+1Cy6hSZ6pN6i1EgS4
oX355dQr5FM+pj3DUO78mYlnGFpoJbgNI6F6FU+XdnVRS/0FLoTQ/BUNxiKw6Iqt
P5CnZ8fxGplUA4/Xa4xSgj1UMAx1gp4bDftmMqBslPd6rACYqo4Vt4335BNN83Ar
dBe9pVlLCCuf3cTMHZA34KrDYlCDKQxjJS8Rdx5roMZvCdU7INHi9Ek/ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPphQwyMxeFZf1amf+PJZPkvNQ7MB8GA1UdIwQY
MBaAFGRgEpwiH3pHgSiFpkg4sS7msV7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdBU25DSWZla2VCS0lXbVNEaXhMdWF4WHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hNjQ2YWYtZTYxZC00OGI2LTg5ZDIt
ZWJhOTg4YTU0OGU3LzEvcy1tRkRESXpGNFZsX1ZxWl80OGxrLVM4MURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hNjQ2YWYtZTYxZC00OGI2LTg5ZDItZWJhOTg4YTU0OGU3
LzEvWkdBU25DSWZla2VCS0lXbVNEaXhMdWF4WHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSnsMA0G
CSqGSIb3DQEBCwUAA4IBAQCI5vN1DZ5/Seo7MAOxFaa9sxKU94I/KCsOOmwdZfEF
a/itSllMdC0WTIRFgDaikhC1S68zR4l50PfEE0pIij0nMQ+b9Fe/rBFCiVbQmOkh
Z0gQneCLX2GjambuufKydc11s8P3i2Y/wo1a/I6uVRM/SHGRHPLVjF+54xqVLomf
d/s9OF62MpOZ83FvZhJ3ABEwt4dINsOLfJErE3k95BNDc2kt11ZXBdABJZyz5MQl
rX4D6csQgAROSzTR1tma5Pb/5qxLXeM1bo2rE+0HLJKYMjoVxlu2Ao6aTenWMOX+
5534mTtTP2jL/1j+AxgAf/AGghpN1gk6E77LZzXpEJTG
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:05:45 2025 by rpki-client