Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/RxRRhTcTpIzoJhv0lLVeiIwuayY.roa
File: RxRRhTcTpIzoJhv0lLVeiIwuayY.roa (raw, json)
Hash identifier: 08t3bdfhsCh9XS2aU9d/XQmKIoSKr+10tgcwtCKWC+c=
Subject key identifier: 47:14:51:85:37:13:A4:8C:E8:26:1B:F4:94:B5:5E:88:8C:2E:6B:26
Certificate issuer: /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial: 01856F700D8D9C8C8604BF121428BAEB961E
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/RxRRhTcTpIzoJhv0lLVeiIwuayY.roa
Signing time: Sun 01 Jan 2023 22:24:52 +0000
ROA not before: Sun 01 Jan 2023 22:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39500
IP address blocks: 185.154.68.0/24 maxlen: 24
193.47.191.0/24 maxlen: 24
185.154.69.0/24 maxlen: 24
185.154.70.0/24 maxlen: 24
2a07:7f40::/29 maxlen: 29
2001:67c:1f4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:0d:8d:9c:8c:86:04:bf:12:14:28:ba:eb:96:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Validity
Not Before: Jan 1 22:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471451853713a48ce8261bf494b55e888c2e6b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e1:88:e5:04:11:47:bb:70:ef:b7:2b:90:e3:
66:f3:d6:99:c2:87:78:63:62:86:93:85:5e:b0:f8:
4b:90:98:9b:0e:43:91:df:83:f5:c2:6d:c1:9f:db:
86:34:7d:29:c2:30:c9:0c:61:9a:fa:5d:b1:da:a4:
88:2d:74:54:e7:fa:d3:dc:2d:ed:90:c7:33:23:94:
4d:4e:77:1a:1b:42:89:1f:37:4c:82:9d:fc:f3:81:
57:81:f9:f7:90:39:e9:24:e3:0b:7c:86:38:dd:56:
76:68:24:88:51:1a:42:56:f7:70:36:af:34:21:7b:
62:70:e7:4c:29:4b:f3:e6:5d:b7:61:39:8a:4d:fd:
a1:8a:10:7a:11:5f:91:69:7a:e3:f7:48:29:66:30:
0b:5b:dd:45:3b:fa:fb:8e:e0:ab:37:e1:d2:e5:10:
79:67:7f:7a:4f:11:41:b4:a8:b6:38:de:de:22:11:
f8:17:f2:33:d7:f3:98:59:59:f3:47:00:b7:ee:6a:
b4:e7:3f:ed:3a:d2:32:c8:80:27:59:c9:e0:f5:61:
80:3b:2a:7d:2a:10:5d:4f:c6:8f:ea:76:d3:be:ab:
69:60:91:49:8f:7e:38:f6:b0:24:50:f1:d2:f1:d3:
43:9e:5c:40:dd:11:e8:cb:31:87:6e:f4:57:e7:d9:
5e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:14:51:85:37:13:A4:8C:E8:26:1B:F4:94:B5:5E:88:8C:2E:6B:26
X509v3 Authority Key Identifier:
keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/RxRRhTcTpIzoJhv0lLVeiIwuayY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.68.0-185.154.70.255
193.47.191.0/24
IPv6:
2001:67c:1f4::/48
2a07:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
00:be:e3:9c:df:67:97:34:64:48:7b:86:0f:f6:6e:dd:8f:f0:
b3:48:44:2f:ee:99:82:83:7a:3c:b6:92:a1:33:00:1b:2c:4c:
34:76:fd:1b:eb:0f:21:67:ed:d8:75:b0:cb:69:cb:38:c3:ac:
08:36:30:f9:4e:7f:5a:9f:c4:94:b0:60:bd:1e:74:07:f0:68:
41:8e:08:2e:0f:0e:63:10:6a:66:00:98:fb:7f:bd:db:2d:4a:
61:d0:1c:2a:18:43:30:fd:53:17:54:3b:d0:fb:27:d4:b1:85:
ed:2f:8d:d2:6d:80:2a:90:4c:63:b5:9c:f9:be:b9:d3:7c:37:
4f:67:45:27:6d:e7:c1:a2:dc:46:85:91:dd:78:f4:81:75:5a:
ef:7f:07:99:ef:71:64:6f:18:b8:7f:be:7e:e2:f1:2f:ff:f0:
18:23:83:4f:74:0e:93:29:a5:6e:93:b6:1e:9b:e0:26:ca:18:
69:f1:5a:d6:3e:a9:e1:06:fb:54:bb:12:7b:98:4e:5e:bf:7c:
f7:ac:ee:d4:48:4a:14:4f:99:ca:23:fc:b9:ad:56:cd:e2:4d:
0f:51:11:b6:b4:c3:4a:30:00:a8:0a:c2:1d:55:42:53:36:59:
31:3d:7c:52:fc:f5:98:c3:4d:08:bc:3d:6c:83:e4:56:2a:2c:
5f:ef:e7:21
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvcA2NnIyGBL8SFCi665YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjJkOGQ0NWY5ODVkYzM4OTZjOTE3NmE3ZDQ4ZDc2NThj
YjRmNjgwHhcNMjMwMTAxMjIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzE0NTE4NTM3MTNhNDhjZTgyNjFiZjQ5NGI1NWU4ODhjMmU2YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeGI5QQRR7tw77crkONm89aZwod4
Y2KGk4VesPhLkJibDkOR34P1wm3Bn9uGNH0pwjDJDGGa+l2x2qSILXRU5/rT3C3t
kMczI5RNTncaG0KJHzdMgp3884FXgfn3kDnpJOMLfIY43VZ2aCSIURpCVvdwNq80
IXticOdMKUvz5l23YTmKTf2hihB6EV+RaXrj90gpZjALW91FO/r7juCrN+HS5RB5
Z396TxFBtKi2ON7eIhH4F/Iz1/OYWVnzRwC37mq05z/tOtIyyIAnWcng9WGAOyp9
KhBdT8aP6nbTvqtpYJFJj3449rAkUPHS8dNDnlxA3RHoyzGHbvRX59lelQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEcUUYU3E6SM6CYb9JS1XoiMLmsmMB8GA1UdIwQY
MBaAFNki2NRfmF3DiWyRdqfUjXZYy09oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUt
NTRkNWQwNGUzNDZkLzEvUnhSUmhUY1RwSXpvSmh2MGxMVmVpSXd1YXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUtNTRkNWQwNGUzNDZk
LzEvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAK5mkQD
BAC5mkYDBADBL78wFgQCAAIwEAMHACABBnwB9AMFAyoHf0AwDQYJKoZIhvcNAQEL
BQADggEBAAC+45zfZ5c0ZEh7hg/2bt2P8LNIRC/umYKDejy2kqEzABssTDR2/Rvr
DyFn7dh1sMtpyzjDrAg2MPlOf1qfxJSwYL0edAfwaEGOCC4PDmMQamYAmPt/vdst
SmHQHCoYQzD9UxdUO9D7J9Sxhe0vjdJtgCqQTGO1nPm+udN8N09nRSdt58Gi3EaF
kd149IF1Wu9/B5nvcWRvGLh/vn7i8S//8Bgjg090DpMppW6Tth6b4CbKGGnxWtY+
qeEG+1S7EnuYTl6/fPes7tRIShRPmcoj/LmtVs3iTQ9REba0w0owAKgKwh1VQlM2
WTE9fFL89ZjDTQi8PWyD5FYqLF/v5yE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:12 2025 by rpki-client