Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/X2zPIZjnZfpjtB-dTyZ6pA7EiF0.roa
File: X2zPIZjnZfpjtB-dTyZ6pA7EiF0.roa (raw, json)
Hash identifier: 7plzjdN9C6wAu9eEnncixYRZPajcgwsIq0Jbk/pBWc0=
Subject key identifier: 5F:6C:CF:21:98:E7:65:FA:63:B4:1F:9D:4F:26:7A:A4:0E:C4:88:5D
Certificate issuer: /CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Certificate serial: 0184528887A2601214E649EE7580648F7D7F
Authority key identifier: AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/X2zPIZjnZfpjtB-dTyZ6pA7EiF0.roa
Signing time: Mon 07 Nov 2022 14:39:49 +0000
ROA not before: Mon 07 Nov 2022 14:39:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199708
IP address blocks: 185.48.201.0/24 maxlen: 24
185.48.202.0/23 maxlen: 23
185.48.203.0/24 maxlen: 24
185.48.200.0/23 maxlen: 23
2a04:b280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:88:87:a2:60:12:14:e6:49:ee:75:80:64:8f:7d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac4bdd9e97f210370cc301257ac15faeb8fa524e
Validity
Not Before: Nov 7 14:39:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f6ccf2198e765fa63b41f9d4f267aa40ec4885d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b3:1a:21:63:b7:b4:c3:11:ce:77:08:40:83:
7d:e4:6d:65:1d:a9:65:60:69:c1:e4:e2:d7:bc:6c:
0e:51:d0:72:c2:ed:ba:2f:27:fb:05:20:1e:e1:2d:
2e:96:45:60:e2:1f:82:2d:b9:94:e6:c8:e4:d3:20:
c5:4d:6c:19:a1:29:28:c8:d5:09:3d:ff:9a:f2:5f:
3b:53:73:28:5d:6e:54:7a:b5:bf:69:5c:50:78:50:
66:08:b2:f7:48:c1:97:2f:5a:72:47:be:a5:55:3a:
18:42:33:5d:3d:0e:c4:f9:4e:38:c3:bd:4d:e0:20:
5d:57:f4:57:9f:07:03:b3:8a:9d:06:68:a6:14:f0:
40:88:bf:8a:b1:01:20:35:3f:05:be:fc:b1:39:2a:
b7:d9:5c:f6:38:e9:3e:00:81:27:90:88:af:a1:02:
d3:99:98:76:0a:f1:44:ec:93:0e:a4:38:84:5c:a7:
34:b1:49:d9:2f:77:a3:6c:53:d9:a6:65:72:c0:c6:
49:05:4b:91:40:79:86:4c:67:47:ca:30:f4:84:3b:
d0:bc:29:2f:26:2f:dd:e5:41:9a:ec:3f:33:83:0a:
63:2a:9a:9b:d3:5c:60:14:5c:42:f9:ec:03:39:36:
f4:46:ae:1d:96:ba:94:7c:c3:fd:46:52:9d:4d:d2:
b8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:CF:21:98:E7:65:FA:63:B4:1F:9D:4F:26:7A:A4:0E:C4:88:5D
X509v3 Authority Key Identifier:
keyid:AC:4B:DD:9E:97:F2:10:37:0C:C3:01:25:7A:C1:5F:AE:B8:FA:52:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rEvdnpfyEDcMwwElesFfrrj6Uk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/X2zPIZjnZfpjtB-dTyZ6pA7EiF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/17490b-09a6-4e38-b084-14b0e8c4e8e7/1/rEvdnpfyEDcMwwElesFfrrj6Uk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.200.0/22
IPv6:
2a04:b280::/29
Signature Algorithm: sha256WithRSAEncryption
0b:ed:8e:ee:56:39:ad:c7:6f:ab:5a:df:4d:8e:d7:c2:18:3c:
f2:c4:f1:27:5a:f3:0d:37:8c:81:19:56:69:c5:07:74:5c:c5:
4b:a6:fa:4c:88:09:52:da:2d:34:6c:a0:8d:99:9d:20:91:13:
6f:ef:9d:5e:05:83:9d:d6:df:be:d5:d7:75:c4:f5:4c:ac:b6:
a4:be:3f:3a:21:f1:26:00:6a:b6:20:a5:08:71:92:b1:94:54:
de:bf:f0:1c:d6:98:65:81:f2:91:bf:e1:f7:b6:07:b9:28:9d:
6d:5e:d7:3e:1c:40:70:53:e0:de:9d:88:00:56:c7:c3:5f:f3:
2d:2e:5e:19:1c:0c:d7:e8:ab:8e:75:6b:4c:6a:cc:7a:fa:5f:
80:ed:0b:1b:6e:52:16:44:d1:1c:f1:21:21:94:03:e9:d8:9a:
91:58:4d:e8:b6:3e:f9:0b:e0:47:c5:ce:bb:f8:e8:22:9b:af:
97:22:c0:a5:c9:40:51:58:5f:35:11:4e:60:2d:b3:0a:b3:95:
a0:30:9f:2f:4d:35:23:58:bd:ea:ea:52:81:49:da:6e:f6:27:
bc:78:48:17:e6:dc:91:09:3e:fe:16:77:1d:50:e3:2a:3a:99:
ba:6b:95:01:b6:5b:52:91:e2:11:60:0b:28:d0:68:e3:53:1b:
f1:e0:4e:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRSiIeiYBIU5knudYBkj31/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNGJkZDllOTdmMjEwMzcwY2MzMDEyNTdhYzE1ZmFlYjhm
YTUyNGUwHhcNMjIxMTA3MTQzOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZjY2YyMTk4ZTc2NWZhNjNiNDFmOWQ0ZjI2N2FhNDBlYzQ4ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLMaIWO3tMMRzncIQIN95G1lHall
YGnB5OLXvGwOUdBywu26Lyf7BSAe4S0ulkVg4h+CLbmU5sjk0yDFTWwZoSkoyNUJ
Pf+a8l87U3MoXW5UerW/aVxQeFBmCLL3SMGXL1pyR76lVToYQjNdPQ7E+U44w71N
4CBdV/RXnwcDs4qdBmimFPBAiL+KsQEgNT8FvvyxOSq32Vz2OOk+AIEnkIivoQLT
mZh2CvFE7JMOpDiEXKc0sUnZL3ejbFPZpmVywMZJBUuRQHmGTGdHyjD0hDvQvCkv
Ji/d5UGa7D8zgwpjKpqb01xgFFxC+ewDOTb0Rq4dlrqUfMP9RlKdTdK44QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF9szyGY52X6Y7QfnU8meqQOxIhdMB8GA1UdIwQY
MBaAFKxL3Z6X8hA3DMMBJXrBX664+lJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQt
MTRiMGU4YzRlOGU3LzEvWDJ6UElaam5aZnBqdEItZFR5WjZwQTdFaUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xNzQ5MGItMDlhNi00ZTM4LWIwODQtMTRiMGU4YzRlOGU3
LzEvckV2ZG5wZnlFRGNNd3dFbGVzRmZycmo2VWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDIMA0E
AgACMAcDBQMqBLKAMA0GCSqGSIb3DQEBCwUAA4IBAQAL7Y7uVjmtx2+rWt9NjtfC
GDzyxPEnWvMNN4yBGVZpxQd0XMVLpvpMiAlS2i00bKCNmZ0gkRNv751eBYOd1t++
1dd1xPVMrLakvj86IfEmAGq2IKUIcZKxlFTev/Ac1phlgfKRv+H3tge5KJ1tXtc+
HEBwU+DenYgAVsfDX/MtLl4ZHAzX6KuOdWtMasx6+l+A7QsbblIWRNEc8SEhlAPp
2JqRWE3otj75C+BHxc67+Ogim6+XIsClyUBRWF81EU5gLbMKs5WgMJ8vTTUjWL3q
6lKBSdpu9ie8eEgX5tyRCT7+FncdUOMqOpm6a5UBtltSkeIRYAso0GjjUxvx4E6F
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:32 2025 by rpki-client