Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/lYLuHYi3qQvK5RVWGRUzaNdl7Bg.roa
File: lYLuHYi3qQvK5RVWGRUzaNdl7Bg.roa (raw, json)
Hash identifier: WoVmOeZ3NDTB0BP+zLK+htCpfUk95B8/ND+fp7QyJbg=
Subject key identifier: 95:82:EE:1D:88:B7:A9:0B:CA:E5:15:56:19:15:33:68:D7:65:EC:18
Certificate issuer: /CN=cbffc771f2ed58fc2821ee74cda853fd2e36c428
Certificate serial: 01856F26BD1219C3E750B6978E81A25F131A
Authority key identifier: CB:FF:C7:71:F2:ED:58:FC:28:21:EE:74:CD:A8:53:FD:2E:36:C4:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y__HcfLtWPwoIe50zahT_S42xCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/lYLuHYi3qQvK5RVWGRUzaNdl7Bg.roa
Signing time: Sun 01 Jan 2023 21:04:47 +0000
ROA not before: Sun 01 Jan 2023 21:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25516
IP address blocks: 185.49.16.0/23 maxlen: 24
185.49.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:bd:12:19:c3:e7:50:b6:97:8e:81:a2:5f:13:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbffc771f2ed58fc2821ee74cda853fd2e36c428
Validity
Not Before: Jan 1 21:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9582ee1d88b7a90bcae5155619153368d765ec18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:2e:c4:18:70:bd:a6:c2:a9:f0:52:21:6c:
41:97:89:bc:c0:56:f0:63:32:a3:aa:67:d2:69:27:
c2:5f:45:92:d5:f1:fd:5c:ca:fb:95:a6:14:5e:2e:
4c:20:6b:7b:14:c1:98:44:8c:e0:9f:9b:8e:12:0d:
e2:6a:df:35:d3:7d:3c:f4:6b:5c:7d:29:93:01:14:
07:90:63:e0:14:94:54:fe:5c:78:2a:89:4a:6b:58:
ff:08:a3:02:c6:e4:37:65:d8:aa:ae:8a:a5:52:68:
84:b8:c3:de:f0:c1:0d:e7:db:11:5c:dc:88:99:1a:
4d:6d:3b:7d:3b:1f:27:47:73:57:e2:31:6a:ac:f9:
ff:b0:34:95:f9:33:74:b4:5b:55:26:aa:d5:e1:34:
1f:d4:fb:4e:83:e3:76:86:67:e5:9e:54:b0:e2:ee:
1e:bd:cb:88:66:9a:ec:6c:b4:0b:92:20:b6:89:f5:
ce:23:cf:c6:82:84:2d:e5:54:30:67:18:31:41:4e:
82:61:5f:23:e3:e4:4a:ec:44:19:9e:ed:b5:81:aa:
33:2c:18:30:d7:51:cd:56:25:1c:78:74:15:7d:a6:
d6:15:c7:cb:f3:4d:90:bd:e6:e2:fb:14:1a:36:b8:
26:08:ba:1c:23:a2:c7:4f:49:e2:cd:99:10:09:6a:
78:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:82:EE:1D:88:B7:A9:0B:CA:E5:15:56:19:15:33:68:D7:65:EC:18
X509v3 Authority Key Identifier:
keyid:CB:FF:C7:71:F2:ED:58:FC:28:21:EE:74:CD:A8:53:FD:2E:36:C4:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y__HcfLtWPwoIe50zahT_S42xCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/lYLuHYi3qQvK5RVWGRUzaNdl7Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e52e14-7aad-43e4-88c4-7a4054551fd4/1/y__HcfLtWPwoIe50zahT_S42xCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:f2:2d:f3:36:6e:35:f9:e4:10:57:44:42:2f:01:93:cb:0e:
0c:0b:ee:55:55:92:b0:3f:33:19:0b:c1:35:fa:64:e3:1e:9e:
04:43:af:09:6c:4c:fd:4b:c1:a3:43:c2:23:40:0c:08:f6:79:
ff:fa:91:f8:68:51:dc:54:d5:8b:8f:34:9a:7b:0b:4e:7c:1f:
31:8e:6c:7d:48:59:f3:8d:69:fb:c3:0a:b2:d1:17:6a:cf:a6:
ea:e4:3d:93:f3:8e:38:67:33:0f:bc:6f:56:82:7f:09:28:8e:
e3:c3:c5:fb:94:91:80:14:56:83:ca:3f:bc:d6:a1:f4:f1:46:
f9:5d:bc:b1:64:02:7a:07:66:11:70:85:c0:22:89:c9:53:90:
25:34:4d:09:68:21:ca:4e:85:ec:eb:30:39:a8:fd:d2:74:22:
18:f8:8d:b1:a2:14:93:45:cf:4a:00:f8:e7:0f:40:04:45:32:
4f:17:09:77:b5:cd:d3:c7:09:8d:30:3e:bc:0e:6e:11:84:cf:
8a:29:25:1d:9a:b7:a9:9d:65:f4:25:ff:f2:14:d4:40:16:1a:
97:ae:6e:a7:8b:04:0b:6a:c8:2b:5c:b3:a8:32:c0:18:0c:05:
c3:de:e9:dc:5a:f0:6e:79:6c:78:c9:b1:dd:ce:ed:40:83:0c:
2d:f9:50:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJr0SGcPnULaXjoGiXxMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmZjNzcxZjJlZDU4ZmMyODIxZWU3NGNkYTg1M2ZkMmUz
NmM0MjgwHhcNMjMwMTAxMjEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgyZWUxZDg4YjdhOTBiY2FlNTE1NTYxOTE1MzM2OGQ3NjVlYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAIuxBhwvabCqfBSIWxBl4m8wFbw
YzKjqmfSaSfCX0WS1fH9XMr7laYUXi5MIGt7FMGYRIzgn5uOEg3iat8103089Gtc
fSmTARQHkGPgFJRU/lx4KolKa1j/CKMCxuQ3ZdiqroqlUmiEuMPe8MEN59sRXNyI
mRpNbTt9Ox8nR3NX4jFqrPn/sDSV+TN0tFtVJqrV4TQf1PtOg+N2hmflnlSw4u4e
vcuIZprsbLQLkiC2ifXOI8/GgoQt5VQwZxgxQU6CYV8j4+RK7EQZnu21gaozLBgw
11HNViUceHQVfabWFcfL802Qvebi+xQaNrgmCLocI6LHT0nizZkQCWp4JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWC7h2It6kLyuUVVhkVM2jXZewYMB8GA1UdIwQY
MBaAFMv/x3Hy7Vj8KCHudM2oU/0uNsQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9fSGNmTHRXUHdvSWU1MHphaFRfUzQyeENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9lNTJlMTQtN2FhZC00M2U0LTg4YzQt
N2E0MDU0NTUxZmQ0LzEvbFlMdUhZaTNxUXZLNVJWV0dSVXphTmRsN0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9lNTJlMTQtN2FhZC00M2U0LTg4YzQtN2E0MDU0NTUxZmQ0
LzEveV9fSGNmTHRXUHdvSWU1MHphaFRfUzQyeENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTEQMA0G
CSqGSIb3DQEBCwUAA4IBAQAq8i3zNm41+eQQV0RCLwGTyw4MC+5VVZKwPzMZC8E1
+mTjHp4EQ68JbEz9S8GjQ8IjQAwI9nn/+pH4aFHcVNWLjzSaewtOfB8xjmx9SFnz
jWn7wwqy0Rdqz6bq5D2T8444ZzMPvG9Wgn8JKI7jw8X7lJGAFFaDyj+81qH08Ub5
XbyxZAJ6B2YRcIXAIonJU5AlNE0JaCHKToXs6zA5qP3SdCIY+I2xohSTRc9KAPjn
D0AERTJPFwl3tc3TxwmNMD68Dm4RhM+KKSUdmrepnWX0Jf/yFNRAFhqXrm6niwQL
asgrXLOoMsAYDAXD3uncWvBueWx4ybHdzu1Agwwt+VBC
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:27:20 2025 by rpki-client