Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sEvidmaWl_SYYHy6KLmUbgHelzE.roa
File: sEvidmaWl_SYYHy6KLmUbgHelzE.roa (raw, json)
Hash identifier: Yi84wbL6KIYwTeYPL95V9CESEQYvkTSUhmCC1XiTEIc=
Subject key identifier: B0:4B:E2:76:66:96:97:F4:98:60:7C:BA:28:B9:94:6E:01:DE:97:31
Certificate issuer: /CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Certificate serial: 01856F797045B4E1B753E3D1F341AD8C1CBE
Authority key identifier: 9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sEvidmaWl_SYYHy6KLmUbgHelzE.roa
Signing time: Sun 01 Jan 2023 22:35:07 +0000
ROA not before: Sun 01 Jan 2023 22:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203374
IP address blocks: 185.136.240.0/22 maxlen: 22
185.136.240.0/23 maxlen: 23
185.136.240.0/24 maxlen: 24
185.136.243.0/24 maxlen: 24
185.136.242.0/24 maxlen: 24
185.136.242.0/23 maxlen: 23
185.136.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:70:45:b4:e1:b7:53:e3:d1:f3:41:ad:8c:1c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Validity
Not Before: Jan 1 22:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b04be276669697f498607cba28b9946e01de9731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:04:d0:62:68:c0:23:0f:eb:91:38:12:c7:6d:
c9:8a:62:1c:20:64:f0:b9:b6:4b:ac:87:fd:10:4c:
49:1a:93:dc:60:87:c4:55:50:00:5b:71:0b:81:e9:
69:4f:20:5e:71:fe:17:84:98:fe:40:40:c5:7f:de:
aa:24:fa:fe:cd:8d:53:d3:c0:b8:78:5f:13:42:09:
6a:09:91:db:4c:bd:65:5c:1e:60:6d:42:6e:37:21:
a9:d5:3f:51:b0:68:3e:9f:21:77:87:b5:44:78:da:
0d:f9:9f:ad:a1:be:c2:db:fd:d0:65:8e:dd:aa:b3:
4e:11:8e:dc:de:bd:f1:a7:6b:18:4b:b5:7e:bd:d0:
5b:a0:1b:71:f6:e2:7b:35:40:44:07:50:04:15:73:
01:83:17:31:8e:bb:87:ba:4e:59:59:39:d2:26:3f:
26:d2:02:33:6d:e1:47:c5:00:d9:52:38:91:42:20:
3b:79:ee:17:22:ce:38:0f:b5:2e:3c:71:c0:d6:fb:
dd:f6:1d:e8:84:e6:f6:a7:c9:53:08:96:e5:b2:14:
23:59:10:ed:60:c2:25:d7:e2:54:e3:af:ae:d2:39:
f8:78:37:a0:eb:21:8a:ad:79:b5:57:82:3c:30:b1:
da:97:57:c1:15:aa:c7:79:a6:08:a3:c1:47:99:67:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4B:E2:76:66:96:97:F4:98:60:7C:BA:28:B9:94:6E:01:DE:97:31
X509v3 Authority Key Identifier:
keyid:9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sEvidmaWl_SYYHy6KLmUbgHelzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/nBzRs8h3KVb6hVNahGS0yhlmOt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.240.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:d5:c5:e7:be:3f:63:01:2a:84:4f:fc:c3:02:17:c8:00:25:
d9:af:5e:4e:43:b5:0c:66:de:c6:32:5c:5c:fc:51:2e:0e:5a:
84:e9:32:b4:5f:c8:b4:a1:56:09:a5:7f:79:ce:02:3e:a9:d1:
3e:18:0c:a4:ff:36:f0:46:e3:fe:d4:4e:ec:dc:84:81:bc:76:
ef:f0:02:78:09:bf:8a:0b:c1:2e:e6:0d:56:b1:d4:7c:2a:98:
a4:2d:db:a3:32:22:69:fc:30:c2:4b:ed:3f:53:70:8a:a2:54:
f6:72:0e:1a:de:b1:81:60:76:08:78:ec:ee:36:ef:c3:77:ee:
4c:61:cf:56:81:d3:90:6c:59:26:7b:ad:de:fb:6b:14:46:36:
ee:c3:8c:f9:8a:19:12:95:87:a2:53:0a:65:01:c6:fe:e1:20:
c2:87:a7:e4:f5:ed:1e:c0:7f:0c:98:40:6b:ad:70:51:3c:47:
81:5b:81:14:e2:75:6f:c5:e5:25:af:6d:c8:f6:09:74:72:58:
91:b7:b8:9e:95:b4:e9:83:a5:f3:30:fa:31:5e:d4:3f:19:79:
7d:62:6e:0c:45:ca:68:6b:c6:e2:65:6d:6f:2a:4e:4f:64:4d:
c3:5c:57:09:ff:14:ea:14:33:67:63:e5:37:27:42:c1:93:4d:
62:fa:fd:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveXBFtOG3U+PR80GtjBy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWNkMWIzYzg3NzI5NTZmYTg1NTM1YTg0NjRiNGNhMTk2
NjNhZGUwHhcNMjMwMTAxMjIzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRiZTI3NjY2OTY5N2Y0OTg2MDdjYmEyOGI5OTQ2ZTAxZGU5NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgTQYmjAIw/rkTgSx23JimIcIGTw
ubZLrIf9EExJGpPcYIfEVVAAW3ELgelpTyBecf4XhJj+QEDFf96qJPr+zY1T08C4
eF8TQglqCZHbTL1lXB5gbUJuNyGp1T9RsGg+nyF3h7VEeNoN+Z+tob7C2/3QZY7d
qrNOEY7c3r3xp2sYS7V+vdBboBtx9uJ7NUBEB1AEFXMBgxcxjruHuk5ZWTnSJj8m
0gIzbeFHxQDZUjiRQiA7ee4XIs44D7UuPHHA1vvd9h3ohOb2p8lTCJblshQjWRDt
YMIl1+JU46+u0jn4eDeg6yGKrXm1V4I8MLHal1fBFarHeaYIo8FHmWfPlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBL4nZmlpf0mGB8uii5lG4B3pcxMB8GA1UdIwQY
MBaAFJwc0bPIdylW+oVTWoRktMoZZjreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMt
OTE2MDQ3MDYyYTIyLzEvc0V2aWRtYVdsX1NZWUh5NktMbVViZ0hlbHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8wNmVhYjAtNmM2ZS00Yzk1LWJiZGMtOTE2MDQ3MDYyYTIy
LzEvbkJ6UnM4aDNLVmI2aFZOYWhHUzB5aGxtT3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYjwMA0G
CSqGSIb3DQEBCwUAA4IBAQA71cXnvj9jASqET/zDAhfIACXZr15OQ7UMZt7GMlxc
/FEuDlqE6TK0X8i0oVYJpX95zgI+qdE+GAyk/zbwRuP+1E7s3ISBvHbv8AJ4Cb+K
C8Eu5g1WsdR8KpikLdujMiJp/DDCS+0/U3CKolT2cg4a3rGBYHYIeOzuNu/Dd+5M
Yc9WgdOQbFkme63e+2sURjbuw4z5ihkSlYeiUwplAcb+4SDCh6fk9e0ewH8MmEBr
rXBRPEeBW4EU4nVvxeUlr23I9gl0cliRt7ielbTpg6XzMPoxXtQ/GXl9Ym4MRcpo
a8biZW1vKk5PZE3DXFcJ/xTqFDNnY+U3J0LBk01i+v0n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:51 2025 by rpki-client