Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/d0n9mTMYu-4Ai4yf8FXIViE0BC4.roa
File: d0n9mTMYu-4Ai4yf8FXIViE0BC4.roa (raw, json)
Hash identifier: zFiKT4BmFXn9eM1G9KuIBi4b7+XQJTOHBCkA0JreBpU=
Subject key identifier: 77:49:FD:99:33:18:BB:EE:00:8B:8C:9F:F0:55:C8:56:21:34:04:2E
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 062FAA42
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/d0n9mTMYu-4Ai4yf8FXIViE0BC4.roa
Signing time: Sat 01 Jan 2022 00:50:18 +0000
ROA not before: Sat 01 Jan 2022 00:50:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 185.204.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103787074 (0x62faa42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Jan 1 00:50:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7749fd993318bbee008b8c9ff055c8562134042e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:02:4e:72:ff:38:f5:de:44:40:ac:59:89:44:
2b:65:79:9b:65:58:ca:19:df:d4:cd:4a:28:5a:99:
ac:1f:62:25:eb:25:80:96:89:60:00:10:3d:6f:02:
3c:5f:31:b2:05:d5:95:98:3d:0e:dc:79:36:08:c4:
9c:94:d4:ed:bd:18:ad:00:cf:c1:60:8c:47:c7:0f:
36:b0:fa:58:a4:2a:85:07:c5:a1:48:d5:dd:5b:5c:
46:1b:df:20:7e:a6:97:68:ec:7b:9d:28:27:30:a7:
69:14:72:79:d8:3c:58:07:15:cc:c1:22:d5:03:9c:
f9:7e:8f:7a:47:12:87:43:0c:c0:94:6c:0b:b3:7e:
ed:d7:1b:78:4d:b9:c9:cf:72:cb:8a:7a:44:29:18:
f0:d5:ae:71:20:ab:af:0f:10:b4:5a:99:37:3f:ad:
05:ae:7c:33:ea:ba:84:02:48:51:8f:74:c5:28:b7:
4f:5f:7a:2b:0c:0a:21:6b:8f:11:1e:a5:8e:90:9d:
bf:c8:8e:9e:b2:13:6b:83:2a:c8:b4:a3:73:24:75:
10:4d:a9:a5:e0:46:bf:e7:2e:67:fd:b6:a6:89:ae:
4d:8b:5c:91:da:43:13:87:4b:14:3c:c3:bf:b1:70:
e3:96:49:8a:d5:4f:4f:f4:26:8d:14:37:04:4d:03:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:49:FD:99:33:18:BB:EE:00:8B:8C:9F:F0:55:C8:56:21:34:04:2E
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/d0n9mTMYu-4Ai4yf8FXIViE0BC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.148.0/22
Signature Algorithm: sha256WithRSAEncryption
86:95:66:5e:5d:ae:27:4c:7c:65:cc:15:f2:0f:0d:3b:25:e7:
20:80:a3:52:72:1a:d9:d0:f2:59:fd:96:3e:24:f1:0e:ae:8a:
2a:18:fe:6e:97:33:64:14:c0:d9:e8:eb:84:c6:59:9a:f9:39:
61:dc:f0:c2:ef:c8:d4:a3:58:27:ee:e1:49:e1:4e:25:a1:6f:
f5:e5:32:0d:a7:33:32:0c:ba:7a:40:69:31:0e:c9:38:c6:c5:
3c:e2:83:80:2a:8e:e9:59:50:7e:55:04:53:d5:f5:de:d5:91:
45:6c:6c:cf:8f:2a:e4:e2:3e:41:78:2d:ef:df:a3:1f:41:49:
2b:f4:1c:64:20:7e:8a:17:e9:39:15:ad:a0:d3:d4:1d:3a:20:
de:29:ac:06:ab:0f:24:b2:77:fe:07:45:ab:e5:30:d2:6c:e3:
02:c9:3e:9c:40:9c:0a:0b:7a:25:fe:ef:b8:74:cd:0b:0f:9e:
62:ae:45:79:94:66:41:5d:e9:82:c6:af:7c:a7:2f:aa:0f:bc:
6f:c2:92:2b:2e:84:1d:db:89:14:2b:ba:bb:5f:0a:ff:fd:42:
2c:ca:b8:5f:a4:5c:07:2f:2a:83:85:a1:e1:5b:a6:86:fb:f7:
95:86:3a:5d:12:88:8b:0b:76:46:73:6c:a6:0f:c6:95:b4:1c:
22:bb:e5:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBi+qQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzNkY2QyMGI1YWU5NWMxNzJkMzJlZDcyOWViZjMwNjE5N2IyM2U3MB4XDTIyMDEw
MTAwNTAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc0OWZkOTkzMzE4
YmJlZTAwOGI4YzlmZjA1NWM4NTYyMTM0MDQyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIMCTnL/OPXeRECsWYlEK2V5m2VYyhnf1M1KKFqZrB9iJesl
gJaJYAAQPW8CPF8xsgXVlZg9Dtx5NgjEnJTU7b0YrQDPwWCMR8cPNrD6WKQqhQfF
oUjV3VtcRhvfIH6ml2jse50oJzCnaRRyedg8WAcVzMEi1QOc+X6PekcSh0MMwJRs
C7N+7dcbeE25yc9yy4p6RCkY8NWucSCrrw8QtFqZNz+tBa58M+q6hAJIUY90xSi3
T196KwwKIWuPER6ljpCdv8iOnrITa4MqyLSjcyR1EE2ppeBGv+cuZ/22pomuTYtc
kdpDE4dLFDzDv7Fw45ZJitVPT/QmjRQ3BE0DyR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3Sf2ZMxi77gCLjJ/wVchWITQELjAfBgNVHSMEGDAWgBSzPc0gta6VwXLT
Ltcp6/MGGXsj5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N6M05JTFd1bGNGeTB5N1hLZXZ6QmhsN0ktYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvMGFjM2JhLTU0ZDMtNDkxZi05MDQ4LTU1NWExOTgzM2Q4ZS8x
L2QwbjltVE1ZdS00QWk0eWY4RlhJVmlFMEJDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
MGFjM2JhLTU0ZDMtNDkxZi05MDQ4LTU1NWExOTgzM2Q4ZS8xL3N6M05JTFd1bGNG
eTB5N1hLZXZ6QmhsN0ktYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnMlDANBgkqhkiG9w0BAQsFAAOC
AQEAhpVmXl2uJ0x8ZcwV8g8NOyXnIICjUnIa2dDyWf2WPiTxDq6KKhj+bpczZBTA
2ejrhMZZmvk5Ydzwwu/I1KNYJ+7hSeFOJaFv9eUyDaczMgy6ekBpMQ7JOMbFPOKD
gCqO6VlQflUEU9X13tWRRWxsz48q5OI+QXgt79+jH0FJK/QcZCB+ihfpORWtoNPU
HTog3imsBqsPJLJ3/gdFq+Uw0mzjAsk+nECcCgt6Jf7vuHTNCw+eYq5FeZRmQV3p
gsavfKcvqg+8b8KSKy6EHduJFCu6u18K//1CLMq4X6RcBy8qg4Wh4Vumhvv3lYY6
XRKIiwt2RnNspg/GlbQcIrvlFA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:42 2025 by rpki-client