Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/f13f98-4e7a-435d-b1b0-8386e70bdc58/1/6kpSvtdxErJWdO4W5ckJ9g0zivw.roa
File: 6kpSvtdxErJWdO4W5ckJ9g0zivw.roa (raw, json)
Hash identifier: m21kVpShTRsMXsAeBD1Mt+bRarZZOzbTWXt36qxGHLI=
Subject key identifier: EA:4A:52:BE:D7:71:12:B2:56:74:EE:16:E5:C9:09:F6:0D:33:8A:FC
Certificate issuer: /CN=de6ed0579c3fd253597ec82f0939111ba9d8c88d
Certificate serial: 018571032A378E3F3F58D4FF9AB2C7B46499
Authority key identifier: DE:6E:D0:57:9C:3F:D2:53:59:7E:C8:2F:09:39:11:1B:A9:D8:C8:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3m7QV5w_0lNZfsgvCTkRG6nYyI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/f13f98-4e7a-435d-b1b0-8386e70bdc58/1/6kpSvtdxErJWdO4W5ckJ9g0zivw.roa
Signing time: Mon 02 Jan 2023 05:45:10 +0000
ROA not before: Mon 02 Jan 2023 05:45:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30758
IP address blocks: 185.48.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:2a:37:8e:3f:3f:58:d4:ff:9a:b2:c7:b4:64:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6ed0579c3fd253597ec82f0939111ba9d8c88d
Validity
Not Before: Jan 2 05:45:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea4a52bed77112b25674ee16e5c909f60d338afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:96:ac:3d:17:16:52:f4:2d:f1:03:0f:e6:7b:
e0:75:3a:34:9f:de:18:fb:e8:44:96:ed:5e:dc:51:
77:17:a3:91:4a:18:9c:97:f6:49:4d:10:62:6a:0d:
90:ee:63:40:c5:89:39:cb:f3:bd:40:80:e0:cf:17:
ff:b9:77:7d:37:13:a6:37:d4:de:87:22:76:7c:a2:
46:cd:ed:19:7a:5c:f6:db:29:90:e9:04:5c:7f:e6:
26:1f:16:11:4e:49:d3:6f:a8:1a:74:f8:b9:44:db:
ae:cb:7a:4c:08:26:db:b9:4a:0c:63:56:cd:c3:ca:
d8:65:5a:93:5b:82:c1:60:37:56:8b:fa:a0:af:2e:
2d:6e:b6:d2:6b:ea:e3:a0:f7:bc:2f:e0:8c:32:2e:
be:23:52:b7:d7:6a:e2:25:04:dd:f9:1e:e5:d9:05:
f1:79:36:e0:64:44:10:11:97:ff:d9:f8:fd:64:4c:
48:d5:b0:8a:92:f9:29:60:88:5c:50:4f:c6:fc:5b:
df:75:55:67:84:08:ac:09:a3:02:83:85:44:5e:e6:
f9:46:a7:74:a5:89:29:ba:e0:68:3c:d8:6d:aa:5e:
1b:fb:cf:0f:81:8b:4d:9d:10:26:b3:bc:ee:93:5f:
ad:33:1b:c8:04:62:4f:40:18:4d:d8:cc:b6:49:a3:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:4A:52:BE:D7:71:12:B2:56:74:EE:16:E5:C9:09:F6:0D:33:8A:FC
X509v3 Authority Key Identifier:
keyid:DE:6E:D0:57:9C:3F:D2:53:59:7E:C8:2F:09:39:11:1B:A9:D8:C8:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3m7QV5w_0lNZfsgvCTkRG6nYyI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f13f98-4e7a-435d-b1b0-8386e70bdc58/1/6kpSvtdxErJWdO4W5ckJ9g0zivw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f13f98-4e7a-435d-b1b0-8386e70bdc58/1/3m7QV5w_0lNZfsgvCTkRG6nYyI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.25.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:ae:76:b7:24:63:50:63:7f:bf:31:2c:55:f0:97:3b:08:25:
1e:f8:b7:6d:c8:ac:40:60:e9:e7:22:5e:b1:8a:5a:5e:2e:d1:
b0:45:97:9a:cc:1f:9f:aa:5e:b5:e8:95:f7:fe:f9:ac:3f:6c:
c7:1b:ba:fc:7f:db:91:4c:ed:90:a3:f8:5f:96:bb:a1:42:5a:
3c:22:d5:77:bf:86:17:93:dc:6d:cc:42:f9:1c:c7:08:b2:ea:
ca:ae:92:52:55:97:dd:3d:89:e5:68:32:75:c4:52:78:22:e9:
c2:9f:6e:f8:f1:94:77:b4:a3:f2:3d:d9:55:11:34:2d:14:50:
19:5e:f3:b8:87:7c:f7:fa:82:51:a2:5e:1a:af:22:bb:02:4e:
c7:e2:04:5c:51:8d:74:05:6d:0e:4f:9b:c8:6c:be:52:25:58:
f2:c3:c7:ff:cb:c9:ed:08:c6:98:6d:be:8a:a1:3e:ad:7f:90:
ec:69:a8:de:07:7f:92:46:d2:47:c1:72:47:6b:7e:11:1e:9b:
b0:d4:b8:d3:bc:2b:5e:a1:e9:29:0e:01:72:26:46:04:27:aa:
37:c7:7e:4e:26:70:95:4c:0c:b6:91:d1:f5:8d:2c:c2:63:39:
20:d6:a5:30:e6:71:e7:f6:37:a2:1c:fc:07:f9:b4:25:4f:a9:
e9:5c:2a:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAyo3jj8/WNT/mrLHtGSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNmVkMDU3OWMzZmQyNTM1OTdlYzgyZjA5MzkxMTFiYTlk
OGM4OGQwHhcNMjMwMTAyMDU0NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRhNTJiZWQ3NzExMmIyNTY3NGVlMTZlNWM5MDlmNjBkMzM4YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JasPRcWUvQt8QMP5nvgdTo0n94Y
++hElu1e3FF3F6ORShicl/ZJTRBiag2Q7mNAxYk5y/O9QIDgzxf/uXd9NxOmN9Te
hyJ2fKJGze0Zelz22ymQ6QRcf+YmHxYRTknTb6gadPi5RNuuy3pMCCbbuUoMY1bN
w8rYZVqTW4LBYDdWi/qgry4tbrbSa+rjoPe8L+CMMi6+I1K312riJQTd+R7l2QXx
eTbgZEQQEZf/2fj9ZExI1bCKkvkpYIhcUE/G/FvfdVVnhAisCaMCg4VEXub5Rqd0
pYkpuuBoPNhtql4b+88PgYtNnRAms7zuk1+tMxvIBGJPQBhN2My2SaP7ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOpKUr7XcRKyVnTuFuXJCfYNM4r8MB8GA1UdIwQY
MBaAFN5u0FecP9JTWX7ILwk5ERup2MiNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM203UVY1d18wbE5aZnNndkNUa1JHNm5ZeUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9mMTNmOTgtNGU3YS00MzVkLWIxYjAt
ODM4NmU3MGJkYzU4LzEvNmtwU3Z0ZHhFckpXZE80VzVja0o5ZzB6aXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9mMTNmOTgtNGU3YS00MzVkLWIxYjAtODM4NmU3MGJkYzU4
LzEvM203UVY1d18wbE5aZnNndkNUa1JHNm5ZeUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTAZMA0G
CSqGSIb3DQEBCwUAA4IBAQC9rna3JGNQY3+/MSxV8Jc7CCUe+LdtyKxAYOnnIl6x
ilpeLtGwRZeazB+fql616JX3/vmsP2zHG7r8f9uRTO2Qo/hflruhQlo8ItV3v4YX
k9xtzEL5HMcIsurKrpJSVZfdPYnlaDJ1xFJ4IunCn2748ZR3tKPyPdlVETQtFFAZ
XvO4h3z3+oJRol4aryK7Ak7H4gRcUY10BW0OT5vIbL5SJVjyw8f/y8ntCMaYbb6K
oT6tf5DsaajeB3+SRtJHwXJHa34RHpuw1LjTvCteoekpDgFyJkYEJ6o3x35OJnCV
TAy2kdH1jSzCYzkg1qUw5nHn9jeiHPwH+bQlT6npXCqc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:05 2025 by rpki-client