Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/pU46iBwZCFtZYjjpl-Q5jSnuUM4.roa
File: pU46iBwZCFtZYjjpl-Q5jSnuUM4.roa (raw, json)
Hash identifier: 4NBOs16kSz6dU/zw7TIkbQqkMeoebch9cvjMtnGwSoQ=
Subject key identifier: A5:4E:3A:88:1C:19:08:5B:59:62:38:E9:97:E4:39:8D:29:EE:50:CE
Certificate issuer: /CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Certificate serial: 01857169C6A2F11453B0F34D012101E97B2D
Authority key identifier: EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/pU46iBwZCFtZYjjpl-Q5jSnuUM4.roa
Signing time: Mon 02 Jan 2023 07:37:15 +0000
ROA not before: Mon 02 Jan 2023 07:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205581
IP address blocks: 185.213.37.0/24 maxlen: 24
185.213.36.0/24 maxlen: 24
185.213.38.0/24 maxlen: 24
185.213.39.0/24 maxlen: 24
2a0b:8240::/32 maxlen: 32
2a0b:8246::/32 maxlen: 32
2a0b:8245::/32 maxlen: 32
2a0b:8242::/32 maxlen: 32
2a0b:8241::/32 maxlen: 32
2a0b:8243::/32 maxlen: 32
2a0b:8244::/32 maxlen: 32
2a0b:8247::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c6:a2:f1:14:53:b0:f3:4d:01:21:01:e9:7b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Validity
Not Before: Jan 2 07:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a54e3a881c19085b596238e997e4398d29ee50ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:32:e1:3b:60:d8:64:8f:7a:1f:b0:13:fb:79:
08:4f:55:52:d2:7a:45:1b:c9:c9:42:da:54:bd:0f:
cd:3e:ce:1c:0c:03:ea:b6:6e:7a:2b:72:18:2e:26:
8a:f3:16:6f:3c:bd:cb:bd:b8:b1:62:09:2d:8e:34:
37:91:62:18:34:81:46:cf:80:45:55:4d:ca:2a:7d:
51:2d:4f:0c:95:b4:d9:87:77:45:6b:0f:25:07:3c:
2b:df:50:8f:a2:95:22:4a:b3:5a:72:6d:89:08:39:
b4:df:61:b2:6b:93:4f:3e:49:22:c2:e8:ec:4a:f5:
f6:9e:0c:cc:b2:d3:6a:f5:f2:7b:0f:92:55:73:fb:
49:75:fc:87:a8:cd:2b:2e:e9:47:3e:4b:96:0c:db:
bb:e9:85:a4:a2:2f:95:53:a9:73:1d:3a:0d:a7:44:
bb:2e:cd:dd:e5:5d:c9:68:3a:fa:69:08:2d:c2:73:
91:6d:7a:8d:44:f9:0a:2e:1a:c4:d7:93:3a:9f:08:
ca:a2:2e:78:0f:96:ce:d3:a9:f5:32:e2:02:af:3f:
9d:9e:e7:ac:36:9c:25:8e:7a:a4:8b:4a:f3:6e:3d:
43:6d:d1:e4:4f:1a:be:cf:10:ae:24:3b:87:7b:a4:
74:b1:7a:b4:ff:8b:ba:ca:ce:84:01:94:93:5e:51:
cd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4E:3A:88:1C:19:08:5B:59:62:38:E9:97:E4:39:8D:29:EE:50:CE
X509v3 Authority Key Identifier:
keyid:EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/pU46iBwZCFtZYjjpl-Q5jSnuUM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.36.0/22
IPv6:
2a0b:8240::/29
Signature Algorithm: sha256WithRSAEncryption
20:e7:fa:6f:b9:d4:86:5c:b8:3b:72:fa:ff:15:b5:57:f5:da:
cb:23:29:39:d1:44:d8:fd:87:5d:eb:22:74:7b:8e:11:80:0f:
dc:e4:89:6f:e5:e9:3b:06:dd:7f:a9:9b:94:85:a0:18:13:28:
21:53:70:8e:d3:a9:16:ea:ec:c3:c0:f3:13:42:56:61:94:6b:
08:6a:61:84:95:d8:b4:c2:7f:59:b8:d9:fe:ef:c0:af:94:36:
11:53:e4:ba:31:85:5c:93:68:dc:fb:ad:9e:f7:8a:53:cd:31:
03:10:56:36:82:9f:e5:db:b1:a7:1d:02:c1:a9:9b:9d:c4:b0:
cd:dc:01:a0:8d:fe:b9:75:b7:68:16:e5:5c:0e:9f:f1:34:36:
3a:63:ce:aa:2a:25:ea:3b:c3:8c:66:0d:57:95:ef:fa:7d:96:
40:6f:97:7b:a3:9c:00:cd:02:81:c9:b3:ef:99:63:b2:b1:0e:
b8:aa:23:f7:4a:66:1b:30:bd:b6:94:45:46:45:48:b3:db:b5:
e9:d2:c7:72:45:0b:08:ec:e8:46:e7:e4:81:5b:45:b5:52:01:
11:52:2f:77:57:a7:0f:c5:3c:4b:51:ca:50:3d:90:eb:d0:ac:
d6:db:2e:28:31:45:9b:2a:09:d2:8b:28:2a:b4:3d:8d:f1:30:
4f:d9:0b:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxacai8RRTsPNNASEB6XstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTNmMzNjY2RmYzVmZTg0Yjg0YzE1ZjA0MzIyOTA2OTkx
YWY5ZTcwHhcNMjMwMTAyMDczNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRlM2E4ODFjMTkwODViNTk2MjM4ZTk5N2U0Mzk4ZDI5ZWU1MGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDLhO2DYZI96H7AT+3kIT1VS0npF
G8nJQtpUvQ/NPs4cDAPqtm56K3IYLiaK8xZvPL3LvbixYgktjjQ3kWIYNIFGz4BF
VU3KKn1RLU8MlbTZh3dFaw8lBzwr31CPopUiSrNacm2JCDm032Gya5NPPkkiwujs
SvX2ngzMstNq9fJ7D5JVc/tJdfyHqM0rLulHPkuWDNu76YWkoi+VU6lzHToNp0S7
Ls3d5V3JaDr6aQgtwnORbXqNRPkKLhrE15M6nwjKoi54D5bO06n1MuICrz+dnues
Npwljnqki0rzbj1DbdHkTxq+zxCuJDuHe6R0sXq0/4u6ys6EAZSTXlHNOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKVOOogcGQhbWWI46ZfkOY0p7lDOMB8GA1UdIwQY
MBaAFOpT8zzN/F/oS4TBXwQyKQaZGvnnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQt
OGE0ZjYzZWE5YmYxLzEvcFU0NmlCd1pDRnRaWWpqcGwtUTVqU251VU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQtOGE0ZjYzZWE5YmYx
LzEvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudUkMA0E
AgACMAcDBQMqC4JAMA0GCSqGSIb3DQEBCwUAA4IBAQAg5/pvudSGXLg7cvr/FbVX
9drLIyk50UTY/Ydd6yJ0e44RgA/c5Ilv5ek7Bt1/qZuUhaAYEyghU3CO06kW6uzD
wPMTQlZhlGsIamGEldi0wn9ZuNn+78CvlDYRU+S6MYVck2jc+62e94pTzTEDEFY2
gp/l27GnHQLBqZudxLDN3AGgjf65dbdoFuVcDp/xNDY6Y86qKiXqO8OMZg1Xle/6
fZZAb5d7o5wAzQKBybPvmWOysQ64qiP3SmYbML22lEVGRUiz27Xp0sdyRQsI7OhG
5+SBW0W1UgERUi93V6cPxTxLUcpQPZDr0KzW2y4oMUWbKgnSiygqtD2N8TBP2Qvm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:51 2025 by rpki-client