Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/50xMGbsf9x1wETZtwbuL1z7Bh98.roa
File: 50xMGbsf9x1wETZtwbuL1z7Bh98.roa (raw, json)
Hash identifier: nrG/PkjqkOqe/lOpExORMCvvnA1Fx8/CYZgvS6es6y4=
Subject key identifier: E7:4C:4C:19:BB:1F:F7:1D:70:11:36:6D:C1:BB:8B:D7:3E:C1:87:DF
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 0226ABC1
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/50xMGbsf9x1wETZtwbuL1z7Bh98.roa
Signing time: Sat 01 Jan 2022 14:03:57 +0000
ROA not before: Sat 01 Jan 2022 14:03:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396982
IP address blocks: 185.146.175.0/24 maxlen: 24
185.146.174.0/24 maxlen: 24
185.146.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36088769 (0x226abc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Jan 1 14:03:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e74c4c19bb1ff71d7011366dc1bb8bd73ec187df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:7a:2a:bd:6d:fd:01:36:be:33:cd:af:b4:
60:b1:41:6f:a6:9b:5a:de:77:1a:a3:ee:c2:67:a3:
41:bc:d4:67:09:62:b7:7f:4b:81:5d:f5:f1:4d:5a:
29:03:d8:5c:83:d1:75:4b:a5:0e:3e:ce:4e:19:91:
3d:c2:8b:e1:43:6d:98:b8:cc:c0:f8:40:b4:ce:63:
3f:44:3f:1f:65:00:e9:23:be:38:51:ae:45:b2:40:
09:38:aa:23:ea:bc:ec:01:57:0f:f3:45:7b:e0:87:
33:94:67:5d:dd:17:de:f3:18:b7:be:ae:ac:7d:85:
c6:b8:96:b1:b1:c6:49:9e:18:6e:e4:f1:c6:99:29:
b2:09:29:8a:6d:15:cb:97:bb:92:f0:19:b4:0a:e7:
df:e1:b0:d6:a0:18:3f:cc:82:65:e7:bb:60:58:67:
6b:dc:e4:d1:d5:0c:3c:e7:35:13:18:32:67:93:d1:
5e:b1:83:1b:30:27:c3:8e:eb:d7:be:64:b8:1c:a5:
22:f7:ed:c4:9d:58:36:63:6e:79:ee:16:b3:55:2c:
e1:26:3a:4a:34:d2:2f:6c:9c:76:b3:d2:ea:e9:d1:
80:39:bf:2b:16:04:e0:ba:95:bd:54:8f:c1:71:3d:
b2:b3:ea:fc:cd:51:16:8a:17:42:6c:15:63:8d:c0:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4C:4C:19:BB:1F:F7:1D:70:11:36:6D:C1:BB:8B:D7:3E:C1:87:DF
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/50xMGbsf9x1wETZtwbuL1z7Bh98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.173.0-185.146.175.255
Signature Algorithm: sha256WithRSAEncryption
a8:34:88:1f:f2:49:7b:5b:4d:c7:cc:5d:50:db:02:17:a3:12:
ef:97:52:22:ad:74:f5:a1:44:e9:48:1a:05:e7:03:60:fb:04:
68:59:8f:15:6f:a3:22:f9:24:8d:1c:2b:9c:42:ff:84:a7:89:
ee:9c:e6:dd:16:01:44:43:c5:ae:31:4e:3d:f1:01:18:66:56:
64:51:a5:99:7b:58:59:22:d0:8b:68:60:3b:10:15:40:5f:1d:
93:98:2e:fb:9c:e9:c6:5b:e0:b3:d0:17:8b:47:f1:35:7c:17:
8a:70:21:bf:bf:7c:75:30:04:00:d9:32:d2:69:0a:77:49:66:
c5:44:5f:f5:71:10:58:bf:99:a6:31:81:21:a0:51:13:44:63:
36:6a:6a:40:c5:04:a4:0e:d5:d1:9a:90:01:4f:43:22:98:64:
eb:3a:d0:80:49:64:f1:73:48:95:7d:5f:5b:d4:62:d5:ff:67:
91:d7:3f:61:63:7e:38:03:55:7e:95:4e:bc:4b:69:fc:74:b5:
e1:1d:95:a2:cc:85:f2:81:c9:f4:bc:06:a1:ff:6f:fd:0e:b3:
09:a3:80:9a:cb:a6:02:bf:48:0e:c2:e7:73:1f:11:7b:d9:5b:
fa:d4:6b:4b:d7:ba:eb:91:ce:d0:d8:09:1c:bd:38:51:31:54:
94:e7:fa:ca
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAiarwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTA0ODlkYzljMGE3NGMyZWQ1M2UxZDllMWZiZmRkOGM4NzczYjk0MB4XDTIyMDEw
MTE0MDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTc0YzRjMTliYjFm
ZjcxZDcwMTEzNjZkYzFiYjhiZDczZWMxODdkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsxeiq9bf0BNr4zza+0YLFBb6abWt53GqPuwmejQbzUZwli
t39LgV318U1aKQPYXIPRdUulDj7OThmRPcKL4UNtmLjMwPhAtM5jP0Q/H2UA6SO+
OFGuRbJACTiqI+q87AFXD/NFe+CHM5RnXd0X3vMYt76urH2FxriWsbHGSZ4YbuTx
xpkpsgkpim0Vy5e7kvAZtArn3+Gw1qAYP8yCZee7YFhna9zk0dUMPOc1ExgyZ5PR
XrGDGzAnw47r175kuBylIvftxJ1YNmNuee4Ws1Us4SY6SjTSL2ycdrPS6unRgDm/
KxYE4LqVvVSPwXE9srPq/M1RFooXQmwVY43AmL0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTnTEwZux/3HXARNm3Bu4vXPsGH3zAfBgNVHSMEGDAWgBQaBIncnAp0wu1T
4dnh+/3YyHc7lDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dnU0ozSndLZE1MdFUtSFo0ZnY5Mk1oM081US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvMTFjNTJjLTQxYWEtNGU5NS1hZDY3LWEwMjFhNjNkZGZjMy8x
LzUweE1HYnNmOXgxd0VUWnR3YnVMMXo3Qmg5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
MTFjNTJjLTQxYWEtNGU5NS1hZDY3LWEwMjFhNjNkZGZjMy8xL0dnU0ozSndLZE1M
dFUtSFo0ZnY5Mk1oM081US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAuZKtAwQEuZKgMA0GCSqGSIb3
DQEBCwUAA4IBAQCoNIgf8kl7W03HzF1Q2wIXoxLvl1IirXT1oUTpSBoF5wNg+wRo
WY8Vb6Mi+SSNHCucQv+Ep4nunObdFgFEQ8WuMU498QEYZlZkUaWZe1hZItCLaGA7
EBVAXx2TmC77nOnGW+Cz0BeLR/E1fBeKcCG/v3x1MAQA2TLSaQp3SWbFRF/1cRBY
v5mmMYEhoFETRGM2ampAxQSkDtXRmpABT0MimGTrOtCASWTxc0iVfV9b1GLV/2eR
1z9hY344A1V+lU68S2n8dLXhHZWizIXygcn0vAah/2/9DrMJo4Cay6YCv0gOwudz
HxF72Vv61GtL17rrkc7Q2AkcvThRMVSU5/rK
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:04:25 2025 by rpki-client