Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/dc35eb-6ecf-4452-8599-70d59cc4f7cc/1/Y7LCldyRjwXpHWfe-OC5fLm9W_Y.roa
File: Y7LCldyRjwXpHWfe-OC5fLm9W_Y.roa (raw, json)
Hash identifier: Nwk3P1FF9XF/ntgL5oDc9mMWeMnMv+QaVSMDG15zIrQ=
Subject key identifier: 63:B2:C2:95:DC:91:8F:05:E9:1D:67:DE:F8:E0:B9:7C:B9:BD:5B:F6
Certificate issuer: /CN=f0bfad31c14c93daa5344ba04f4b52354696dfaf
Certificate serial: 01856D4AC7D81A5AADB871461B4B74E0F2B1
Authority key identifier: F0:BF:AD:31:C1:4C:93:DA:A5:34:4B:A0:4F:4B:52:35:46:96:DF:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8L-tMcFMk9qlNEugT0tSNUaW368.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/dc35eb-6ecf-4452-8599-70d59cc4f7cc/1/Y7LCldyRjwXpHWfe-OC5fLm9W_Y.roa
Signing time: Sun 01 Jan 2023 12:24:55 +0000
ROA not before: Sun 01 Jan 2023 12:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43181
IP address blocks: 185.169.149.0/24 maxlen: 24
185.169.148.0/22 maxlen: 24
185.169.151.0/24 maxlen: 24
185.169.148.0/24 maxlen: 24
185.169.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:c7:d8:1a:5a:ad:b8:71:46:1b:4b:74:e0:f2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0bfad31c14c93daa5344ba04f4b52354696dfaf
Validity
Not Before: Jan 1 12:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63b2c295dc918f05e91d67def8e0b97cb9bd5bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:3a:69:b9:a8:86:8e:16:4b:9b:32:13:65:
96:e6:73:ba:d3:0d:2c:77:bd:41:96:d1:84:e9:55:
8d:7d:74:ee:a1:c3:c0:3b:19:ed:f4:70:3d:35:1d:
1d:30:b5:24:f9:2f:9f:09:6f:00:d1:94:e0:8d:ff:
2e:02:4e:5f:d9:e7:e6:8a:62:b2:aa:0e:53:a4:f0:
1e:49:86:fc:62:54:46:e8:ef:dc:f6:42:f7:1e:92:
cd:13:54:d6:db:98:63:43:3f:f5:b6:a0:35:2f:46:
91:c0:11:6e:6a:34:c4:41:69:f0:38:4b:67:f4:0c:
d3:97:2e:d6:65:9a:15:44:32:dd:ea:47:90:61:6b:
3f:ae:10:9c:73:b9:2c:88:48:8c:32:cb:45:6b:ef:
cb:f1:02:d4:fd:b8:64:83:5a:1e:6f:41:6c:6e:b2:
e0:3d:70:5c:69:d4:16:03:91:99:3d:2b:21:98:ec:
42:7b:5c:01:89:1d:0f:50:82:fc:e8:72:3f:42:b1:
25:11:98:04:89:e0:7d:b8:c9:73:5b:1b:f2:f2:90:
ff:e9:0d:5a:42:e8:48:28:a3:64:fc:2d:21:ff:6b:
ae:05:f5:62:0a:4d:22:f8:81:85:e0:dc:43:48:5b:
ea:62:07:6e:36:a6:c2:bd:83:64:05:d2:46:93:13:
44:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B2:C2:95:DC:91:8F:05:E9:1D:67:DE:F8:E0:B9:7C:B9:BD:5B:F6
X509v3 Authority Key Identifier:
keyid:F0:BF:AD:31:C1:4C:93:DA:A5:34:4B:A0:4F:4B:52:35:46:96:DF:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8L-tMcFMk9qlNEugT0tSNUaW368.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/dc35eb-6ecf-4452-8599-70d59cc4f7cc/1/Y7LCldyRjwXpHWfe-OC5fLm9W_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/dc35eb-6ecf-4452-8599-70d59cc4f7cc/1/8L-tMcFMk9qlNEugT0tSNUaW368.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.148.0/22
Signature Algorithm: sha256WithRSAEncryption
28:93:02:3f:0d:3d:8f:1e:12:09:b5:d2:6b:cc:57:ea:2e:7f:
7f:3e:9f:0f:90:6c:18:62:42:5d:ae:f5:cf:4e:e1:ee:c9:83:
1e:99:5c:a5:e0:0a:be:52:66:8d:7b:91:b9:c6:85:7b:82:86:
24:b5:f4:85:65:76:39:e5:15:ed:c9:c8:cd:14:a5:a3:dc:a0:
b5:21:8c:aa:27:eb:6b:e1:6a:22:71:41:bc:94:ed:c0:de:b4:
1f:e3:15:b7:f4:63:73:ab:f9:d2:cc:df:bc:47:41:57:94:09:
48:55:60:ae:ad:d1:84:a7:37:9f:14:9a:60:3f:28:37:9e:9c:
55:17:52:17:98:f3:4b:cc:51:d3:17:c3:5e:9a:0f:01:f3:49:
8f:3f:ca:45:3d:19:36:4b:46:4d:7f:69:e6:93:ad:d3:90:1f:
12:3e:7e:0a:4b:76:84:e5:76:91:ab:0e:00:e8:65:0d:07:cc:
da:ff:48:f8:d1:c5:2a:73:f1:67:0d:93:0b:df:21:4c:7b:d8:
94:52:19:c7:d3:5a:e6:82:74:df:f5:bc:88:66:79:b3:e2:19:
44:db:97:7e:df:68:55:9b:c4:56:69:c4:11:a6:2f:1a:53:41:
67:de:af:cd:06:bd:f1:fb:8d:f3:99:5e:9d:97:04:c9:75:dd:
fd:c2:36:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSsfYGlqtuHFGG0t04PKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYmZhZDMxYzE0YzkzZGFhNTM0NGJhMDRmNGI1MjM1NDY5
NmRmYWYwHhcNMjMwMTAxMTIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2IyYzI5NWRjOTE4ZjA1ZTkxZDY3ZGVmOGUwYjk3Y2I5YmQ1YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslk6abmoho4WS5syE2WW5nO60w0s
d71BltGE6VWNfXTuocPAOxnt9HA9NR0dMLUk+S+fCW8A0ZTgjf8uAk5f2efmimKy
qg5TpPAeSYb8YlRG6O/c9kL3HpLNE1TW25hjQz/1tqA1L0aRwBFuajTEQWnwOEtn
9AzTly7WZZoVRDLd6keQYWs/rhCcc7ksiEiMMstFa+/L8QLU/bhkg1oeb0FsbrLg
PXBcadQWA5GZPSshmOxCe1wBiR0PUIL86HI/QrElEZgEieB9uMlzWxvy8pD/6Q1a
QuhIKKNk/C0h/2uuBfViCk0i+IGF4NxDSFvqYgduNqbCvYNkBdJGkxNEqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOywpXckY8F6R1n3vjguXy5vVv2MB8GA1UdIwQY
MBaAFPC/rTHBTJPapTRLoE9LUjVGlt+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEwtdE1jRk1rOXFsTkV1Z1QwdFNOVWFXMzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9kYzM1ZWItNmVjZi00NDUyLTg1OTkt
NzBkNTljYzRmN2NjLzEvWTdMQ2xkeVJqd1hwSFdmZS1PQzVmTG05V19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9kYzM1ZWItNmVjZi00NDUyLTg1OTktNzBkNTljYzRmN2Nj
LzEvOEwtdE1jRk1rOXFsTkV1Z1QwdFNOVWFXMzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuamUMA0G
CSqGSIb3DQEBCwUAA4IBAQAokwI/DT2PHhIJtdJrzFfqLn9/Pp8PkGwYYkJdrvXP
TuHuyYMemVyl4Aq+UmaNe5G5xoV7goYktfSFZXY55RXtycjNFKWj3KC1IYyqJ+tr
4WoicUG8lO3A3rQf4xW39GNzq/nSzN+8R0FXlAlIVWCurdGEpzefFJpgPyg3npxV
F1IXmPNLzFHTF8Nemg8B80mPP8pFPRk2S0ZNf2nmk63TkB8SPn4KS3aE5XaRqw4A
6GUNB8za/0j40cUqc/FnDZML3yFMe9iUUhnH01rmgnTf9byIZnmz4hlE25d+32hV
m8RWacQRpi8aU0Fn3q/NBr3x+43zmV6dlwTJdd39wjbc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:54 2025 by rpki-client