Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/deb97b-def1-4646-a5ed-d89e641183f3/1/H5sZRnX2d3EXOrSahJxa6zO43jg.roa
File: H5sZRnX2d3EXOrSahJxa6zO43jg.roa (raw, json)
Hash identifier: So08b/WEFSZGXBx2m31L0I5IPNjS+vPmUjeTEOk/aks=
Subject key identifier: 1F:9B:19:46:75:F6:77:71:17:3A:B4:9A:84:9C:5A:EB:33:B8:DE:38
Certificate issuer: /CN=7dec279b0501730698a30bcdcea3ae477c957331
Certificate serial: 01856E2FC741C90118F2A4DDA4D99F4CC3EF
Authority key identifier: 7D:EC:27:9B:05:01:73:06:98:A3:0B:CD:CE:A3:AE:47:7C:95:73:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fewnmwUBcwaYowvNzqOuR3yVczE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/deb97b-def1-4646-a5ed-d89e641183f3/1/H5sZRnX2d3EXOrSahJxa6zO43jg.roa
Signing time: Sun 01 Jan 2023 16:35:02 +0000
ROA not before: Sun 01 Jan 2023 16:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41605
IP address blocks: 185.82.148.0/22 maxlen: 22
185.82.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:c7:41:c9:01:18:f2:a4:dd:a4:d9:9f:4c:c3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dec279b0501730698a30bcdcea3ae477c957331
Validity
Not Before: Jan 1 16:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f9b194675f67771173ab49a849c5aeb33b8de38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8d:5e:0a:23:ad:b3:13:ce:ce:b6:94:fa:c5:
58:16:f4:32:58:83:78:38:e3:13:68:11:72:0b:5c:
0c:a1:62:96:0b:a4:71:e6:40:dd:8f:d8:87:f4:0e:
b0:b7:d5:39:ae:03:6d:18:dc:32:0a:37:26:d9:50:
47:f4:58:de:20:ec:97:80:99:c4:20:ab:bf:8a:59:
0f:1a:2c:8d:bf:d1:3e:8a:7b:db:92:97:03:77:df:
b5:86:29:94:1a:f5:c3:53:b2:55:3b:77:92:b5:a7:
4d:38:ab:4e:75:b0:0e:12:a5:89:e1:df:d1:48:47:
7e:38:e7:9a:26:00:d8:08:21:e4:11:6c:43:c4:38:
b3:6b:2e:e2:46:87:50:ab:cb:93:b7:11:ff:98:7d:
af:50:0e:4b:cc:c6:4f:68:b8:fe:c5:e6:d4:ea:fe:
8f:d3:14:50:c8:9e:f1:50:9b:ba:4d:1f:37:ad:b7:
ef:57:e5:8d:a7:69:73:25:23:28:f5:6e:87:ae:ab:
fb:7e:0d:2d:ae:67:da:ba:d3:2c:36:f4:3e:2a:6b:
37:96:a3:62:22:03:b4:f9:39:1a:a1:d9:ac:63:5e:
89:8c:8c:17:4c:a9:47:7d:05:c5:1c:81:57:79:ea:
40:2b:9e:1b:9b:16:54:49:ad:9b:26:cf:3b:58:db:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9B:19:46:75:F6:77:71:17:3A:B4:9A:84:9C:5A:EB:33:B8:DE:38
X509v3 Authority Key Identifier:
keyid:7D:EC:27:9B:05:01:73:06:98:A3:0B:CD:CE:A3:AE:47:7C:95:73:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fewnmwUBcwaYowvNzqOuR3yVczE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/deb97b-def1-4646-a5ed-d89e641183f3/1/H5sZRnX2d3EXOrSahJxa6zO43jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/deb97b-def1-4646-a5ed-d89e641183f3/1/fewnmwUBcwaYowvNzqOuR3yVczE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.148.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:3d:f4:59:59:95:82:2f:c5:e0:80:b0:c1:68:a5:e9:c5:16:
6e:fc:aa:79:b7:ce:0f:0e:97:57:1b:2b:33:08:36:9e:54:86:
37:3c:ab:cf:3c:2f:78:16:1a:41:f1:7e:bb:fd:8b:30:d9:52:
60:59:98:94:95:29:7f:2f:d4:c2:db:a9:34:5e:15:dc:d6:dd:
e8:11:37:db:dc:df:63:17:c8:bd:4b:24:43:5c:99:1b:1c:cb:
29:71:c8:29:d1:81:d3:1c:d8:d7:e1:3e:8a:45:b5:23:ee:f3:
ee:bf:86:b5:50:98:f5:03:61:a6:3b:60:96:e4:6b:f5:71:d1:
bc:f5:90:72:38:60:a2:ae:f9:97:c6:72:9a:ed:42:4a:80:4e:
eb:99:e3:91:85:22:7f:bb:f9:24:02:96:ad:c2:e7:76:1c:d5:
4b:c4:30:f5:15:37:50:2c:6f:90:b5:69:e6:a4:ad:e7:88:7e:
1a:43:6b:a6:77:0d:1b:d5:8f:40:55:c6:b6:4a:b5:c6:9b:14:
35:56:6a:f3:fa:7a:db:1d:78:95:5b:3d:c6:8a:d7:ae:f5:a8:
dc:fa:9d:d2:f2:80:7a:3c:7b:7b:9b:9e:a4:8b:cb:f3:cd:7d:
5b:f5:0f:a1:b6:69:0c:43:fc:81:f7:86:7c:e6:62:9f:32:76:
cf:2b:52:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL8dByQEY8qTdpNmfTMPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZWMyNzliMDUwMTczMDY5OGEzMGJjZGNlYTNhZTQ3N2M5
NTczMzEwHhcNMjMwMTAxMTYzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjliMTk0Njc1ZjY3NzcxMTczYWI0OWE4NDljNWFlYjMzYjhkZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw41eCiOtsxPOzraU+sVYFvQyWIN4
OOMTaBFyC1wMoWKWC6Rx5kDdj9iH9A6wt9U5rgNtGNwyCjcm2VBH9FjeIOyXgJnE
IKu/ilkPGiyNv9E+invbkpcDd9+1himUGvXDU7JVO3eStadNOKtOdbAOEqWJ4d/R
SEd+OOeaJgDYCCHkEWxDxDizay7iRodQq8uTtxH/mH2vUA5LzMZPaLj+xebU6v6P
0xRQyJ7xUJu6TR83rbfvV+WNp2lzJSMo9W6Hrqv7fg0trmfautMsNvQ+Kms3lqNi
IgO0+TkaodmsY16JjIwXTKlHfQXFHIFXeepAK54bmxZUSa2bJs87WNtsJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+bGUZ19ndxFzq0moScWuszuN44MB8GA1UdIwQY
MBaAFH3sJ5sFAXMGmKMLzc6jrkd8lXMxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmV3bm13VUJjd2FZb3d2TnpxT3VSM3lWY3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kZWI5N2ItZGVmMS00NjQ2LWE1ZWQt
ZDg5ZTY0MTE4M2YzLzEvSDVzWlJuWDJkM0VYT3JTYWhKeGE2ek80M2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kZWI5N2ItZGVmMS00NjQ2LWE1ZWQtZDg5ZTY0MTE4M2Yz
LzEvZmV3bm13VUJjd2FZb3d2TnpxT3VSM3lWY3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVKUMA0G
CSqGSIb3DQEBCwUAA4IBAQCrPfRZWZWCL8XggLDBaKXpxRZu/Kp5t84PDpdXGysz
CDaeVIY3PKvPPC94FhpB8X67/Ysw2VJgWZiUlSl/L9TC26k0XhXc1t3oETfb3N9j
F8i9SyRDXJkbHMspccgp0YHTHNjX4T6KRbUj7vPuv4a1UJj1A2GmO2CW5Gv1cdG8
9ZByOGCirvmXxnKa7UJKgE7rmeORhSJ/u/kkApatwud2HNVLxDD1FTdQLG+QtWnm
pK3niH4aQ2umdw0b1Y9AVca2SrXGmxQ1Vmrz+nrbHXiVWz3Giteu9ajc+p3S8oB6
PHt7m56ki8vzzX1b9Q+htmkMQ/yB94Z85mKfMnbPK1IO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:27 2025 by rpki-client