Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/x90K1k-_v_U1AMpPwDZ7uFRPC78.roa
File: x90K1k-_v_U1AMpPwDZ7uFRPC78.roa (raw, json)
Hash identifier: JwdN3pNS8WzeRdzuuiY/lYSuqrfdbVfd+Y787r4/jeY=
Subject key identifier: C7:DD:0A:D6:4F:BF:BF:F5:35:00:CA:4F:C0:36:7B:B8:54:4F:0B:BF
Certificate issuer: /CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Certificate serial: 01856DEF7856BDE88DD998C136FAB3EC25C4
Authority key identifier: 34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/x90K1k-_v_U1AMpPwDZ7uFRPC78.roa
Signing time: Sun 01 Jan 2023 15:24:48 +0000
ROA not before: Sun 01 Jan 2023 15:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 185.145.184.0/22 maxlen: 22
185.186.50.0/24 maxlen: 24
185.186.51.0/24 maxlen: 24
185.186.48.0/24 maxlen: 24
185.186.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:78:56:bd:e8:8d:d9:98:c1:36:fa:b3:ec:25:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Validity
Not Before: Jan 1 15:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7dd0ad64fbfbff53500ca4fc0367bb8544f0bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:fd:dc:ad:2f:0c:25:df:15:f1:60:a9:c1:
d1:1d:7a:de:40:3e:23:94:72:12:b9:3c:e7:d4:42:
71:71:82:dd:b4:89:8c:c4:40:f4:ab:42:bb:fa:6b:
61:db:80:29:5d:d3:c2:63:a5:df:2b:f2:30:25:52:
5c:1d:bc:9d:66:f2:2d:a8:35:a0:60:1e:37:80:39:
eb:a9:45:c8:48:ad:12:66:d5:d1:08:be:f7:2f:fd:
4e:33:7e:e4:af:bf:c2:2a:ef:26:8d:8e:21:bf:dd:
ad:a2:70:99:6c:bf:d9:30:7a:c7:b4:ad:be:4f:f1:
bc:39:15:ab:81:f3:1c:83:25:8d:a8:70:09:3a:5a:
2c:6c:a3:0c:32:d9:b2:5b:1d:05:5b:20:0b:3c:fc:
85:40:c3:06:d2:76:ff:3a:8a:40:58:68:a2:4f:dd:
1d:15:0a:b0:9d:4e:3d:1e:dc:84:2a:53:15:ef:9e:
ee:b7:c1:e2:ee:27:ae:08:18:10:6f:4b:6f:73:87:
74:b6:3b:2f:87:52:61:20:f7:0d:e1:75:8f:85:d5:
34:dd:73:f5:f2:2f:3a:d0:ca:37:eb:43:18:de:5b:
b7:1d:fd:bb:91:c9:66:fc:4b:da:54:1e:99:78:e6:
41:af:f5:f4:1b:d9:59:c4:c6:60:52:5b:87:7a:45:
04:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DD:0A:D6:4F:BF:BF:F5:35:00:CA:4F:C0:36:7B:B8:54:4F:0B:BF
X509v3 Authority Key Identifier:
keyid:34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/x90K1k-_v_U1AMpPwDZ7uFRPC78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.184.0/22
185.186.48.0/22
Signature Algorithm: sha256WithRSAEncryption
10:f9:7a:7b:fa:a2:54:3f:4a:c3:42:ef:55:d2:f0:f3:9f:4f:
0b:84:f7:2d:c9:a8:2b:5c:2b:46:1e:4e:91:bf:1c:87:0b:5c:
aa:c9:08:9e:81:be:a4:4d:9e:88:68:2e:99:81:97:d0:57:3b:
2e:7a:f3:c4:12:cf:9a:69:b6:db:aa:e8:b3:a2:3b:59:e1:32:
f3:4e:5e:f2:3b:8b:ce:84:e0:8f:71:d8:46:34:1c:cf:fb:ef:
78:30:20:c6:c3:e2:6b:88:2b:b4:9c:6e:5e:50:4e:f2:5a:d1:
51:9c:df:aa:ef:fe:bb:39:be:b4:c6:5f:08:d3:f2:a5:dc:91:
e7:2d:ee:90:e2:52:d8:3c:07:b8:22:8a:99:f4:f4:52:2e:a0:
4c:af:c1:3c:7d:6a:c8:52:fd:29:a8:74:b8:5c:cf:fb:7a:86:
97:19:40:04:a7:1b:8a:fe:62:b1:f9:95:b6:5a:7c:6f:00:43:
25:d8:04:41:8a:b8:06:98:64:5f:9c:27:fc:53:c1:34:f3:b8:
d2:39:25:84:21:e9:93:09:fe:ee:a1:b0:f1:e7:50:20:50:d3:
d0:49:58:a0:c6:ea:40:47:7c:3d:b2:c4:4e:84:8c:3e:d9:0e:
c8:f7:d7:f6:14:81:a5:02:91:66:35:3c:0d:4a:bb:f3:32:fa:
46:a1:9a:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt73hWveiN2ZjBNvqz7CXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NGZkYWQxMGVlNTViMzI4MmE2NDI0NmE0MWRjNjFhODky
MmQyNWQwHhcNMjMwMTAxMTUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RkMGFkNjRmYmZiZmY1MzUwMGNhNGZjMDM2N2JiODU0NGYwYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUb93K0vDCXfFfFgqcHRHXreQD4j
lHISuTzn1EJxcYLdtImMxED0q0K7+mth24ApXdPCY6XfK/IwJVJcHbydZvItqDWg
YB43gDnrqUXISK0SZtXRCL73L/1OM37kr7/CKu8mjY4hv92tonCZbL/ZMHrHtK2+
T/G8ORWrgfMcgyWNqHAJOlosbKMMMtmyWx0FWyALPPyFQMMG0nb/OopAWGiiT90d
FQqwnU49HtyEKlMV757ut8Hi7ieuCBgQb0tvc4d0tjsvh1JhIPcN4XWPhdU03XP1
8i860Mo360MY3lu3Hf27kclm/EvaVB6ZeOZBr/X0G9lZxMZgUluHekUE0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMfdCtZPv7/1NQDKT8A2e7hUTwu/MB8GA1UdIwQY
MBaAFDRP2tEO5VsygqZCRqQdxhqJItJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2Mt
NGYwMjFjNzNlZjc0LzEveDkwSzFrLV92X1UxQU1wUHdEWjd1RlJQQzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2MtNGYwMjFjNzNlZjc0
LzEvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZG4AwQC
ubowMA0GCSqGSIb3DQEBCwUAA4IBAQAQ+Xp7+qJUP0rDQu9V0vDzn08LhPctyagr
XCtGHk6RvxyHC1yqyQiegb6kTZ6IaC6ZgZfQVzsuevPEEs+aabbbquizojtZ4TLz
Tl7yO4vOhOCPcdhGNBzP++94MCDGw+JriCu0nG5eUE7yWtFRnN+q7/67Ob60xl8I
0/Kl3JHnLe6Q4lLYPAe4IoqZ9PRSLqBMr8E8fWrIUv0pqHS4XM/7eoaXGUAEpxuK
/mKx+ZW2WnxvAEMl2ARBirgGmGRfnCf8U8E087jSOSWEIemTCf7uobDx51AgUNPQ
SVigxupAR3w9ssROhIw+2Q7I99f2FIGlApFmNTwNSrvzMvpGoZoe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:20 2025 by rpki-client