Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IMZhu6eAbMA7meznIK2ZkyC9mks.roa
File: IMZhu6eAbMA7meznIK2ZkyC9mks.roa (raw, json)
Hash identifier: WE369Xybq+DN+PPxGp06o2NtK5KvGcX0c23espoWRpc=
Subject key identifier: 20:C6:61:BB:A7:80:6C:C0:3B:99:EC:E7:20:AD:99:93:20:BD:9A:4B
Certificate issuer: /CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Certificate serial: 0806D0
Authority key identifier: 68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IMZhu6eAbMA7meznIK2ZkyC9mks.roa
Signing time: Wed 23 Feb 2022 08:40:19 +0000
ROA not before: Wed 23 Feb 2022 08:40:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51795
IP address blocks: 185.25.36.0/24 maxlen: 24
185.25.37.0/24 maxlen: 24
185.25.38.0/24 maxlen: 24
185.25.39.0/24 maxlen: 24
46.18.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 526032 (0x806d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Validity
Not Before: Feb 23 08:40:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20c661bba7806cc03b99ece720ad999320bd9a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:76:18:09:78:23:c2:4f:d2:bc:07:72:ea:
58:d1:d2:bb:83:aa:a7:41:b2:70:53:33:a1:d9:16:
f0:c9:9c:49:e8:a6:45:f6:00:3a:3d:40:1d:b0:78:
50:df:cf:2e:e8:f2:aa:c4:44:1e:b6:e4:ce:4b:67:
aa:e2:1a:17:1f:52:c6:f2:3d:3b:29:27:7b:a5:59:
55:3b:b3:83:06:62:75:68:e8:e4:22:c2:c7:71:68:
b1:53:bf:7b:ec:d7:dc:12:d8:d9:16:e5:aa:e1:b5:
bf:9c:06:77:0e:e3:31:a2:64:0a:88:3e:c9:48:2d:
30:e9:48:ae:5c:73:8a:a6:b4:92:fc:fc:09:56:8b:
45:56:dd:8b:85:48:ce:4a:94:bf:07:ac:e1:05:d4:
e5:3b:3d:18:3a:4d:31:42:3e:1e:da:0a:3a:00:88:
41:3b:a0:bd:b8:99:d2:02:fa:0c:8f:f7:c8:02:c9:
8e:a8:ec:f1:2f:24:b1:ec:51:9e:7f:d4:e1:97:82:
4f:70:7a:14:91:5d:71:63:4b:33:11:ff:7b:23:97:
a4:9f:16:da:a2:85:48:48:c4:9d:82:d4:a0:ac:ad:
de:f7:44:43:49:8d:40:bb:33:86:f8:ca:3a:90:8a:
dd:2a:5b:50:d1:04:1e:e3:44:f8:b2:93:00:f2:9f:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C6:61:BB:A7:80:6C:C0:3B:99:EC:E7:20:AD:99:93:20:BD:9A:4B
X509v3 Authority Key Identifier:
keyid:68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/IMZhu6eAbMA7meznIK2ZkyC9mks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.245.0/24
185.25.36.0/22
Signature Algorithm: sha256WithRSAEncryption
62:89:3b:cb:ee:51:81:17:f2:ce:60:9d:61:89:4d:2f:e6:92:
81:19:3a:0b:3d:24:85:83:ad:3a:1b:31:65:7e:e4:23:a8:b6:
2b:5a:a2:b5:2b:36:82:fb:af:cf:1f:8d:a6:54:da:39:9d:4c:
85:7c:54:03:26:f4:03:82:61:62:9a:93:70:05:b1:f1:a8:a4:
36:21:91:87:7d:a3:54:cc:7e:43:f9:b3:1b:f9:f9:1b:44:da:
f2:df:72:c0:7c:76:bc:88:e2:4d:d6:b3:7e:69:68:bc:d4:1c:
ed:5a:04:3c:4d:52:dd:b3:2d:27:f0:c9:28:ae:96:09:73:52:
1f:b9:a3:55:e1:e9:21:ef:d5:84:25:d5:f6:67:11:86:82:2f:
50:0c:4f:32:a1:d7:11:c0:93:6a:fa:97:da:7f:af:38:f2:e9:
ae:bd:0f:23:43:03:d1:88:e9:15:5e:e5:81:d1:7a:fb:67:67:
3c:14:da:32:c8:f4:12:56:50:10:30:d7:f0:5f:6b:9c:cd:a6:
3a:49:2b:00:af:f6:2a:ad:f3:dc:cc:20:47:30:25:f2:5e:3e:
f9:8e:21:c9:7a:40:4b:63:83:c6:cd:82:16:58:fc:db:b5:b9:
e6:3f:11:7c:fa:0d:83:3c:09:c3:2d:a7:4e:db:89:87:6a:c9:
d1:34:92:ef
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDCAbQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY4
YzZhZGY4ZWVjYWJjMTA1MmUxZjc4M2QzYmNlNGExYzVkYjU0MTAwHhcNMjIwMjIz
MDg0MDE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMGM2NjFiYmE3ODA2
Y2MwM2I5OWVjZTcyMGFkOTk5MzIwYmQ5YTRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs9F2GAl4I8JP0rwHcupY0dK7g6qnQbJwUzOh2RbwyZxJ6KZF
9gA6PUAdsHhQ388u6PKqxEQetuTOS2eq4hoXH1LG8j07KSd7pVlVO7ODBmJ1aOjk
IsLHcWixU7977NfcEtjZFuWq4bW/nAZ3DuMxomQKiD7JSC0w6UiuXHOKprSS/PwJ
VotFVt2LhUjOSpS/B6zhBdTlOz0YOk0xQj4e2go6AIhBO6C9uJnSAvoMj/fIAsmO
qOzxLySx7FGef9Thl4JPcHoUkV1xY0szEf97I5eknxbaooVISMSdgtSgrK3e90RD
SY1AuzOG+Mo6kIrdKltQ0QQe40T4spMA8p/gBwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFCDGYbungGzAO5ns5yCtmZMgvZpLMB8GA1UdIwQYMBaAFGjGrfjuyrwQUuH3
g9O85KHF21QQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2LzEv
SU1aaHU2ZUFiTUE3bWV6bklLMlpreUM5bWtzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9l
NWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2LzEvYU1hdC1PN0t2QkJT
NGZlRDA3emtvY1hiVkJBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhL1AwQCuRkkMA0GCSqGSIb3DQEB
CwUAA4IBAQBiiTvL7lGBF/LOYJ1hiU0v5pKBGToLPSSFg606GzFlfuQjqLYrWqK1
KzaC+6/PH42mVNo5nUyFfFQDJvQDgmFimpNwBbHxqKQ2IZGHfaNUzH5D+bMb+fkb
RNry33LAfHa8iOJN1rN+aWi81BztWgQ8TVLdsy0n8MkorpYJc1IfuaNV4ekh79WE
JdX2ZxGGgi9QDE8yodcRwJNq+pfaf6848umuvQ8jQwPRiOkVXuWB0Xr7Z2c8FNoy
yPQSVlAQMNfwX2uczaY6SSsAr/YqrfPczCBHMCXyXj75jiHJekBLY4PGzYIWWPzb
tbnmPxF8+g2DPAnDLadO24mHasnRNJLv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:06 2025 by rpki-client