Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/RvgYWvRtTtaYklakqnAFOeurrJw.roa
File: RvgYWvRtTtaYklakqnAFOeurrJw.roa (raw, json)
Hash identifier: KizRh8VPVL/TZ+ykD/5KmT44ns5YFKWMgTon9aG2LbY=
Subject key identifier: 46:F8:18:5A:F4:6D:4E:D6:98:92:56:A4:AA:70:05:39:EB:AB:AC:9C
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 0184849678885D831A97969C6D699A93FB94
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/RvgYWvRtTtaYklakqnAFOeurrJw.roa
Signing time: Thu 17 Nov 2022 07:56:04 +0000
ROA not before: Thu 17 Nov 2022 07:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:96:78:88:5d:83:1a:97:96:9c:6d:69:9a:93:fb:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Nov 17 07:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46f8185af46d4ed6989256a4aa700539ebabac9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:ca:47:76:f7:fa:81:5d:2a:e8:8e:ab:ca:
f1:73:12:a8:3a:c6:df:7f:3b:fd:f7:dc:57:bd:fe:
21:5a:a0:06:56:38:1f:d6:2e:33:ce:18:19:0b:0c:
0a:01:26:7f:d1:73:6d:8d:78:cd:e9:88:8d:cf:32:
16:26:35:29:ba:2a:16:c3:70:e8:39:40:df:2a:78:
38:38:f5:48:de:4e:ff:84:ce:28:7d:0a:9c:c8:65:
ef:54:4d:d4:68:fe:34:d1:3e:e3:cb:d6:d0:7f:f6:
77:43:1a:56:da:b2:fc:d9:82:f5:b2:9a:77:aa:c0:
af:29:29:8c:2c:0d:2f:ca:b8:4c:aa:95:5b:38:d2:
fc:49:9b:5a:90:2b:02:43:e8:36:3e:df:e5:98:ff:
07:f4:fc:0b:af:ca:16:a8:67:6d:94:c9:08:e9:e1:
c6:92:e4:10:52:9a:fa:52:ba:14:8d:47:12:84:ff:
17:9a:aa:52:fa:ea:7b:a7:f1:96:db:7c:49:70:05:
93:5b:33:e4:c3:ba:03:36:32:4b:da:16:b1:2a:93:
42:64:7a:12:47:ef:e3:33:6d:12:b4:be:52:12:7b:
a9:44:9f:a6:57:03:f6:8b:52:8a:41:eb:02:ae:21:
85:b7:29:90:f6:97:de:a2:19:13:20:8b:59:69:d4:
94:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F8:18:5A:F4:6D:4E:D6:98:92:56:A4:AA:70:05:39:EB:AB:AC:9C
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/RvgYWvRtTtaYklakqnAFOeurrJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.40.0/23
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
2e:3d:47:cf:3a:f1:de:66:ab:47:39:e8:13:29:21:38:ac:f0:
00:d8:7a:af:08:55:11:27:db:b3:64:04:92:13:ed:c1:c2:76:
26:3f:74:e4:eb:02:ff:e2:8c:45:f7:da:18:a7:59:97:3d:9e:
7b:6a:60:ac:2a:84:06:40:42:ef:0b:0c:5f:5f:d3:8a:47:37:
2d:fe:36:26:ff:dc:fd:ea:52:ad:ec:4d:2a:81:26:12:29:39:
4d:6b:87:36:d3:58:b5:c4:43:f6:8e:c4:bb:61:2a:7c:75:4c:
df:39:b6:c4:f9:00:aa:d0:25:f7:31:46:a6:d0:15:f8:5c:d5:
04:75:e4:8f:c9:ea:e1:6d:9a:e4:30:51:66:30:fa:b6:11:36:
39:c4:c5:68:b5:f8:01:c3:54:2d:00:7b:b0:fe:fc:1e:94:44:
79:d7:d7:4d:e6:a6:66:d9:10:51:50:0a:df:5c:f1:5c:bc:44:
9c:88:0d:8e:29:e1:47:63:49:77:aa:0c:50:2c:4a:bb:46:d1:
19:59:b1:89:dc:d1:ff:55:11:8d:4c:6f:52:30:ec:70:66:48:
9f:0d:85:16:95:1d:e5:62:7e:ea:d4:a1:43:75:91:96:67:7a:
c9:93:97:ec:aa:2c:9e:3f:59:d7:16:96:7a:30:43:7e:40:a5:
7f:66:c6:d1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYSElniIXYMal5acbWmak/uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjIxMTE3MDc1NjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmY4MTg1YWY0NmQ0ZWQ2OTg5MjU2YTRhYTcwMDUzOWViYWJhYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGzKR3b3+oFdKuiOq8rxcxKoOsbf
fzv999xXvf4hWqAGVjgf1i4zzhgZCwwKASZ/0XNtjXjN6YiNzzIWJjUpuioWw3Do
OUDfKng4OPVI3k7/hM4ofQqcyGXvVE3UaP400T7jy9bQf/Z3QxpW2rL82YL1spp3
qsCvKSmMLA0vyrhMqpVbONL8SZtakCsCQ+g2Pt/lmP8H9PwLr8oWqGdtlMkI6eHG
kuQQUpr6UroUjUcShP8XmqpS+up7p/GW23xJcAWTWzPkw7oDNjJL2haxKpNCZHoS
R+/jM20StL5SEnupRJ+mVwP2i1KKQesCriGFtymQ9pfeohkTIItZadSUAQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEb4GFr0bU7WmJJWpKpwBTnrq6ycMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvUnZnWVd2UnRUdGFZa2xha3FuQUZPZXVyckp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAnWGjAwQC
uYH8AwQBwf7KAwQB1fQoMA0EAgACMAcDBQMqBtaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAuPUfPOvHeZqtHOegTKSE4rPAA2HqvCFURJ9uzZASSE+3BwnYmP3Tk6wL/4oxF
99oYp1mXPZ57amCsKoQGQELvCwxfX9OKRzct/jYm/9z96lKt7E0qgSYSKTlNa4c2
01i1xEP2jsS7YSp8dUzfObbE+QCq0CX3MUam0BX4XNUEdeSPyerhbZrkMFFmMPq2
ETY5xMVotfgBw1QtAHuw/vwelER519dN5qZm2RBRUArfXPFcvESciA2OKeFHY0l3
qgxQLEq7RtEZWbGJ3NH/VRGNTG9SMOxwZkifDYUWlR3lYn7q1KFDdZGWZ3rJk5fs
qiyeP1nXFpZ6MEN+QKV/ZsbR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:01 2025 by rpki-client