Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa
File: 1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa (raw, json)
Hash identifier: hJS51mcuYrDkKmBQfMFUCKCuPrL0wlRorlR/iB6nib4=
Subject key identifier: D5:69:DB:33:14:F6:60:88:0E:BC:39:8D:C8:36:B7:7D:23:AC:C4:D2
Certificate issuer: /CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Certificate serial: 0BB7209E
Authority key identifier: 8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa
Signing time: Sat 01 Jan 2022 04:55:27 +0000
ROA not before: Sat 01 Jan 2022 04:55:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 185.46.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196550814 (0xbb7209e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Validity
Not Before: Jan 1 04:55:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d569db3314f660880ebc398dc836b77d23acc4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:dd:8e:c1:ca:c9:2f:c8:f8:22:3e:4a:9d:
9c:bc:74:ca:73:99:08:7e:89:5e:3d:81:40:36:57:
57:44:f4:e3:c4:8b:5c:5b:b6:d0:8f:eb:3c:6d:4b:
f9:46:18:35:ba:2e:23:59:dd:13:2e:8d:55:df:19:
f0:3a:d0:bf:9b:e2:44:6f:76:aa:9d:99:51:f1:00:
b7:14:fc:4c:5c:c3:1c:e9:ff:d4:ce:7a:8c:ba:7b:
d0:8e:60:bf:48:ba:5b:90:34:aa:72:ef:10:76:65:
e1:a4:a3:10:04:99:e3:bf:72:a8:21:5a:45:14:e8:
40:ff:f2:2c:87:f8:43:20:c4:bf:ce:6a:1f:bc:3d:
65:a2:b8:ac:6d:7a:7e:fc:30:5c:7b:99:ec:c3:75:
65:2d:2a:f5:14:d1:c1:6b:ce:ba:ef:3c:e7:88:8c:
fa:33:43:de:8d:8d:80:45:00:a9:85:a7:ae:5a:a2:
74:bf:73:d8:ad:90:3c:32:8d:8d:c2:8b:b1:7c:9f:
5b:0c:3f:86:bb:53:fa:71:8b:46:e9:72:af:94:85:
1a:04:14:ae:b6:cc:c5:d9:ab:5f:48:7a:59:12:1d:
fb:64:88:d9:18:51:77:ed:0f:8f:33:c5:c9:51:b2:
5d:22:1b:88:82:5e:24:33:b9:36:73:7f:9b:69:df:
e4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:69:DB:33:14:F6:60:88:0E:BC:39:8D:C8:36:B7:7D:23:AC:C4:D2
X509v3 Authority Key Identifier:
keyid:8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/1WnbMxT2YIgOvDmNyDa3fSOsxNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/j16oN5vKRPT2p_S2mGTNmwKiexI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.108.0/22
Signature Algorithm: sha256WithRSAEncryption
08:05:d3:7c:28:3d:a1:64:e0:1a:0a:22:b4:9d:4c:32:b6:af:
ad:57:50:c0:08:57:93:05:63:b1:50:d8:a2:54:bd:15:4b:a1:
51:ee:fc:13:3f:28:58:5a:8d:3b:11:d7:f0:fd:8d:91:1e:92:
e7:a3:e9:36:07:85:3c:52:18:72:76:da:a9:00:14:37:4c:e8:
57:78:a2:04:b9:de:5f:8d:ac:b9:95:ca:8e:a1:ea:29:1c:0d:
b5:37:e1:35:9e:40:2d:09:d9:a5:2d:d0:fb:fa:67:4f:f4:43:
84:0f:56:31:86:f6:d4:3d:d0:a0:dc:59:f3:08:d0:af:a1:80:
05:d0:16:58:e5:d8:97:71:4a:ab:ce:18:ab:b4:29:e3:f4:1b:
e6:07:b9:d2:cf:5c:19:04:9a:95:f3:14:86:d1:13:23:b7:43:
d1:02:35:be:31:2c:d7:3e:68:77:b6:65:d0:49:a6:32:24:9e:
dd:10:b7:b5:32:c6:be:51:ae:63:a1:bd:0c:17:bb:a9:cc:32:
db:ba:d0:4b:a7:26:f0:03:db:bb:9a:93:34:f4:4d:d1:c9:99:
28:1a:24:f3:9e:57:b3:37:03:85:8d:47:4e:67:dd:85:00:35:
28:75:78:db:75:ec:58:92:f5:73:21:91:57:cd:56:75:b2:ac:
0c:3d:ab:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7cgnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjVlYTgzNzliY2E0NGY0ZjZhN2Y0YjY5ODY0Y2Q5YjAyYTI3YjEyMB4XDTIyMDEw
MTA0NTUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU2OWRiMzMxNGY2
NjA4ODBlYmMzOThkYzgzNmI3N2QyM2FjYzRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdC3Y7ByskvyPgiPkqdnLx0ynOZCH6JXj2BQDZXV0T048SL
XFu20I/rPG1L+UYYNbouI1ndEy6NVd8Z8DrQv5viRG92qp2ZUfEAtxT8TFzDHOn/
1M56jLp70I5gv0i6W5A0qnLvEHZl4aSjEASZ479yqCFaRRToQP/yLIf4QyDEv85q
H7w9ZaK4rG16fvwwXHuZ7MN1ZS0q9RTRwWvOuu8854iM+jND3o2NgEUAqYWnrlqi
dL9z2K2QPDKNjcKLsXyfWww/hrtT+nGLRulyr5SFGgQUrrbMxdmrX0h6WRId+2SI
2RhRd+0PjzPFyVGyXSIbiIJeJDO5NnN/m2nf5FkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVadszFPZgiA68OY3INrd9I6zE0jAfBgNVHSMEGDAWgBSPXqg3m8pE9Pan
9LaYZM2bAqJ7EjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2oxNm9ONXZLUlBUMnBfUzJtR1RObXdLaWV4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8x
LzFXbmJNeFQyWUlnT3ZEbU55RGEzZlNPc3hOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
NDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8xL2oxNm9ONXZLUlBU
MnBfUzJtR1RObXdLaWV4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkubDANBgkqhkiG9w0BAQsFAAOC
AQEACAXTfCg9oWTgGgoitJ1MMravrVdQwAhXkwVjsVDYolS9FUuhUe78Ez8oWFqN
OxHX8P2NkR6S56PpNgeFPFIYcnbaqQAUN0zoV3iiBLneX42suZXKjqHqKRwNtTfh
NZ5ALQnZpS3Q+/pnT/RDhA9WMYb21D3QoNxZ8wjQr6GABdAWWOXYl3FKq84Yq7Qp
4/Qb5ge50s9cGQSalfMUhtETI7dD0QI1vjEs1z5od7Zl0EmmMiSe3RC3tTLGvlGu
Y6G9DBe7qcwy27rQS6cm8APbu5qTNPRN0cmZKBok855XszcDhY1HTmfdhQA1KHV4
23XsWJL1cyGRV81WdbKsDD2rXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:48 2025 by rpki-client