Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/SstWBVx53Nty8iKV61-urMPWDrY.roa
File: SstWBVx53Nty8iKV61-urMPWDrY.roa (raw, json)
Hash identifier: uaRGizDX2BE9V9D2IWmiW+QeUxU6i2ZsDJmFXDku/vM=
Subject key identifier: 4A:CB:56:05:5C:79:DC:DB:72:F2:22:95:EB:5F:AE:AC:C3:D6:0E:B6
Certificate issuer: /CN=c87c78b5b06a6f902c510f9b4a8f803ba32dfa84
Certificate serial: 018B94D2AAFF54D829E75966EBED4229A2DF
Authority key identifier: C8:7C:78:B5:B0:6A:6F:90:2C:51:0F:9B:4A:8F:80:3B:A3:2D:FA:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/SstWBVx53Nty8iKV61-urMPWDrY.roa
Signing time: Fri 03 Nov 2023 10:55:16 +0000
ROA not before: Fri 03 Nov 2023 10:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203391
IP address blocks: 185.136.98.0/24 maxlen: 24
185.136.97.0/24 maxlen: 24
185.136.96.0/22 maxlen: 24
185.136.96.0/24 maxlen: 24
185.136.99.0/24 maxlen: 24
45.83.251.0/24 maxlen: 24
45.83.250.0/24 maxlen: 24
45.83.249.0/24 maxlen: 24
45.83.248.0/24 maxlen: 24
45.83.248.0/22 maxlen: 24
2a06:fb00:3::/48 maxlen: 48
2a06:fb00:2::/48 maxlen: 48
2a06:fb00:1::/48 maxlen: 48
2a06:fb00:4::/48 maxlen: 48
2a06:fb00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:d2:aa:ff:54:d8:29:e7:59:66:eb:ed:42:29:a2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87c78b5b06a6f902c510f9b4a8f803ba32dfa84
Validity
Not Before: Nov 3 10:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4acb56055c79dcdb72f22295eb5faeacc3d60eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:08:ae:d0:fe:ae:be:b8:c9:c2:18:32:f6:60:
94:0e:66:3c:12:2d:49:a4:3e:9e:73:44:5b:0e:e0:
0f:cd:aa:f8:99:78:38:66:ae:38:a7:e9:64:dd:13:
48:2c:97:71:d4:89:3c:82:98:30:52:e3:40:fd:fa:
28:7b:81:e9:69:14:8c:8a:54:58:66:75:6f:7b:9c:
1a:77:7d:0f:c7:2e:c7:e0:98:80:96:45:ef:12:90:
b7:7b:ff:7c:bf:6d:8b:5e:df:70:3b:c7:f6:06:fb:
30:96:e6:6b:33:b2:ad:43:8e:49:61:5d:50:0c:80:
63:ae:ff:30:d7:35:4d:4b:30:75:34:44:00:0b:cc:
dc:f5:2f:e2:61:7a:6c:7b:d9:e5:c6:37:00:a0:ab:
7f:93:1a:9c:aa:0d:cb:5a:18:af:97:b6:04:21:2a:
68:b1:2f:46:b4:45:b5:6d:a3:3b:8c:2f:90:10:15:
e8:50:fc:e8:86:76:bd:97:0c:f7:d3:53:1a:6b:0e:
d2:33:61:a7:97:44:eb:c0:8f:19:64:bf:b8:8d:17:
9c:89:33:a1:33:c1:f1:11:0a:83:f2:04:0d:86:9f:
1d:74:6d:a5:9e:13:7c:63:10:98:c8:60:96:91:f8:
45:b4:a6:e0:8e:13:9d:2f:a7:1c:f9:47:37:55:ad:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CB:56:05:5C:79:DC:DB:72:F2:22:95:EB:5F:AE:AC:C3:D6:0E:B6
X509v3 Authority Key Identifier:
keyid:C8:7C:78:B5:B0:6A:6F:90:2C:51:0F:9B:4A:8F:80:3B:A3:2D:FA:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/SstWBVx53Nty8iKV61-urMPWDrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e22980-d5e5-41e8-a06a-7469ef203f82/1/yHx4tbBqb5AsUQ-bSo-AO6Mt-oQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.248.0/22
185.136.96.0/22
IPv6:
2a06:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
74:63:ad:e9:6a:3d:db:4d:05:c8:d9:e6:44:c9:81:1f:39:e4:
57:e1:5d:b2:f0:1b:c7:4b:93:7a:7a:e4:58:8b:74:d9:b1:37:
69:60:f0:fe:2b:f5:51:a3:db:43:1c:ab:bc:8b:04:17:40:52:
0e:8d:6c:66:de:9d:3f:99:10:3d:a9:8a:54:49:8f:fe:b7:b9:
03:41:36:c6:b7:5c:1e:f2:35:ba:47:c9:cf:96:eb:38:75:dd:
6d:1b:06:cd:a4:7f:7f:b7:3d:6b:c4:cc:19:16:71:c3:18:af:
a1:16:d8:b6:e4:02:bc:49:65:89:af:be:2f:d8:34:9a:ed:e4:
84:90:83:1c:35:03:2a:11:2a:26:62:01:74:56:34:c6:2c:fe:
4d:c2:fc:20:dd:5b:62:d7:9e:67:cb:a0:f7:5f:17:bd:09:23:
69:1c:48:ab:91:70:b8:5c:e9:b3:92:27:79:d2:78:2b:ec:ad:
21:19:d7:54:d1:e7:2e:1e:32:1d:0e:fc:bb:8d:44:c7:4c:e0:
4b:b5:a1:c7:32:8b:6d:bd:73:c4:9a:17:d1:ac:81:8a:cd:4e:
3d:e6:ef:00:34:e2:12:95:ac:cd:bc:e6:6c:ea:aa:35:70:02:
37:40:fb:55:18:1e:7e:ce:81:65:b6:a1:2d:fa:4c:47:78:14:
0b:b7:86:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuU0qr/VNgp51lm6+1CKaLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2M3OGI1YjA2YTZmOTAyYzUxMGY5YjRhOGY4MDNiYTMy
ZGZhODQwHhcNMjMxMTAzMTA1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNiNTYwNTVjNzlkY2RiNzJmMjIyOTVlYjVmYWVhY2MzZDYwZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgiu0P6uvrjJwhgy9mCUDmY8Ei1J
pD6ec0RbDuAPzar4mXg4Zq44p+lk3RNILJdx1Ik8gpgwUuNA/fooe4HpaRSMilRY
ZnVve5wad30Pxy7H4JiAlkXvEpC3e/98v22LXt9wO8f2BvswluZrM7KtQ45JYV1Q
DIBjrv8w1zVNSzB1NEQAC8zc9S/iYXpse9nlxjcAoKt/kxqcqg3LWhivl7YEISpo
sS9GtEW1baM7jC+QEBXoUPzohna9lwz301Maaw7SM2Gnl0TrwI8ZZL+4jReciTOh
M8HxEQqD8gQNhp8ddG2lnhN8YxCYyGCWkfhFtKbgjhOdL6cc+Uc3Va2CDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFErLVgVcedzbcvIiletfrqzD1g62MB8GA1UdIwQY
MBaAFMh8eLWwam+QLFEPm0qPgDujLfqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh4NHRiQnFiNUFzVVEtYlNvLUFPNk10LW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lMjI5ODAtZDVlNS00MWU4LWEwNmEt
NzQ2OWVmMjAzZjgyLzEvU3N0V0JWeDUzTnR5OGlLVjYxLXVyTVBXRHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lMjI5ODAtZDVlNS00MWU4LWEwNmEtNzQ2OWVmMjAzZjgy
LzEveUh4NHRiQnFiNUFzVVEtYlNvLUFPNk10LW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVP4AwQC
uYhgMA0EAgACMAcDBQMqBvsAMA0GCSqGSIb3DQEBCwUAA4IBAQB0Y63paj3bTQXI
2eZEyYEfOeRX4V2y8BvHS5N6euRYi3TZsTdpYPD+K/VRo9tDHKu8iwQXQFIOjWxm
3p0/mRA9qYpUSY/+t7kDQTbGt1we8jW6R8nPlus4dd1tGwbNpH9/tz1rxMwZFnHD
GK+hFti25AK8SWWJr74v2DSa7eSEkIMcNQMqESomYgF0VjTGLP5Nwvwg3Vti155n
y6D3Xxe9CSNpHEirkXC4XOmzkid50ngr7K0hGddU0ecuHjIdDvy7jUTHTOBLtaHH
MottvXPEmhfRrIGKzU495u8ANOISlazNvOZs6qo1cAI3QPtVGB5+zoFltqEt+kxH
eBQLt4Zi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:13 2025 by rpki-client