Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/byYPSW9fURTmzSyojZhfawR2e6g.roa
File: byYPSW9fURTmzSyojZhfawR2e6g.roa (raw, json)
Hash identifier: NYL3s2DqB415DbNlbVAKBaV6lbkk3SDjbLQTwRZzhAE=
Subject key identifier: 6F:26:0F:49:6F:5F:51:14:E6:CD:2C:A8:8D:98:5F:6B:04:76:7B:A8
Certificate issuer: /CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Certificate serial: 2E17D5
Authority key identifier: 68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/byYPSW9fURTmzSyojZhfawR2e6g.roa
Signing time: Wed 09 Mar 2022 11:10:25 +0000
ROA not before: Wed 09 Mar 2022 11:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51795
IP address blocks: 185.25.36.0/24 maxlen: 24
185.25.37.0/24 maxlen: 24
185.25.38.0/24 maxlen: 24
185.25.39.0/24 maxlen: 24
46.18.244.0/24 maxlen: 24
46.18.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3020757 (0x2e17d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Validity
Not Before: Mar 9 11:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f260f496f5f5114e6cd2ca88d985f6b04767ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a2:16:2a:a4:c1:bb:2a:b6:04:1b:97:a5:77:
3e:04:65:4f:22:54:67:50:31:9f:20:2f:b4:97:72:
c6:17:d8:5b:b7:d0:56:89:95:74:c9:ce:49:1f:7e:
3d:2d:e7:75:e8:01:5b:e9:55:89:82:42:a9:c8:00:
0e:0a:ab:a6:fb:d6:22:96:6c:c8:5a:90:9a:ed:f1:
24:ec:9e:13:49:a1:be:19:b8:4d:3b:ad:3d:24:06:
16:b3:b3:f5:e1:7d:90:ac:79:7a:16:58:c6:10:c2:
3b:86:7d:3e:32:f3:3a:ec:80:53:4b:fa:2c:e3:e3:
86:81:fb:56:cf:0c:05:80:89:03:a1:cd:c2:55:e1:
65:2e:fe:c9:d2:a3:5e:50:6b:83:85:0c:42:14:76:
95:bb:69:b1:a7:08:a7:46:9b:ed:e3:63:18:19:b0:
36:53:ee:8b:c1:c1:a0:2c:f9:d0:38:54:75:e2:11:
0b:2f:37:3f:06:50:69:be:15:77:36:0b:67:55:6b:
24:d2:ad:f7:04:1f:51:b6:23:e0:9c:5a:a9:ee:10:
10:a9:d1:e6:63:e1:4a:6b:62:97:b5:2a:2b:1e:fd:
49:a5:6a:62:4e:30:8d:2d:db:45:e4:fc:25:10:16:
3e:6c:aa:61:8b:57:6f:ee:9f:93:0d:67:51:86:fa:
ca:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:26:0F:49:6F:5F:51:14:E6:CD:2C:A8:8D:98:5F:6B:04:76:7B:A8
X509v3 Authority Key Identifier:
keyid:68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/byYPSW9fURTmzSyojZhfawR2e6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.244.0/23
185.25.36.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:68:9e:49:bf:d7:c3:3e:c2:be:e1:06:27:6d:0b:35:6d:0f:
2a:c6:a5:8d:7d:7c:1d:31:a1:19:13:32:08:ba:d6:c8:21:46:
60:8c:0f:49:1f:f5:6e:2c:4d:27:53:5a:b2:76:07:13:c5:8b:
a4:1e:e2:b7:d1:8e:31:90:06:1c:5c:80:0b:6b:4e:49:dc:b5:
7b:18:5c:65:5a:25:fb:27:33:e7:67:07:fb:bf:dc:80:1e:e3:
6d:50:43:65:52:4f:3c:fd:63:56:fc:9d:5c:69:b8:5d:08:7d:
f9:eb:72:fb:ae:0e:4f:ac:9d:02:15:8a:4a:6f:50:5c:e1:73:
3a:d4:25:5a:44:ec:69:5f:83:8c:35:f8:7a:f0:e4:0e:11:72:
b4:94:f1:f2:f2:29:0a:3a:51:07:d9:fa:a7:ed:77:15:ee:14:
41:22:48:13:9b:05:fc:bb:fc:1d:71:0a:c8:30:d2:3e:1b:b8:
77:69:4b:58:72:b9:ab:5e:d0:8a:23:09:c1:6c:84:c5:74:fd:
7b:d9:d1:fb:4a:76:3b:d4:f3:fb:c7:bc:82:0f:85:90:7a:ed:
c5:d4:42:c6:f8:af:b1:df:40:09:f4:18:cc:2d:77:9b:d9:47:
7b:16:9e:cc:9b:c1:83:d3:fb:69:f8:5e:d2:de:26:a2:8e:1a:
1f:11:98:21
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDLhfVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY4
YzZhZGY4ZWVjYWJjMTA1MmUxZjc4M2QzYmNlNGExYzVkYjU0MTAwHhcNMjIwMzA5
MTExMDI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZjI2MGY0OTZmNWY1
MTE0ZTZjZDJjYTg4ZDk4NWY2YjA0NzY3YmE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3aIWKqTBuyq2BBuXpXc+BGVPIlRnUDGfIC+0l3LGF9hbt9BW
iZV0yc5JH349Led16AFb6VWJgkKpyAAOCqum+9YilmzIWpCa7fEk7J4TSaG+GbhN
O609JAYWs7P14X2QrHl6FljGEMI7hn0+MvM67IBTS/os4+OGgftWzwwFgIkDoc3C
VeFlLv7J0qNeUGuDhQxCFHaVu2mxpwinRpvt42MYGbA2U+6LwcGgLPnQOFR14hEL
Lzc/BlBpvhV3NgtnVWsk0q33BB9RtiPgnFqp7hAQqdHmY+FKa2KXtSorHv1JpWpi
TjCNLdtF5PwlEBY+bKphi1dv7p+TDWdRhvrKswIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFG8mD0lvX1EU5s0sqI2YX2sEdnuoMB8GA1UdIwQYMBaAFGjGrfjuyrwQUuH3
g9O85KHF21QQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2LzEv
YnlZUFNXOWZVUlRtelN5b2paaGZhd1IyZTZnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9l
NWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2LzEvYU1hdC1PN0t2QkJT
NGZlRDA3emtvY1hiVkJBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhL0AwQCuRkkMA0GCSqGSIb3DQEB
CwUAA4IBAQBeaJ5Jv9fDPsK+4QYnbQs1bQ8qxqWNfXwdMaEZEzIIutbIIUZgjA9J
H/VuLE0nU1qydgcTxYukHuK30Y4xkAYcXIALa05J3LV7GFxlWiX7JzPnZwf7v9yA
HuNtUENlUk88/WNW/J1cabhdCH3563L7rg5PrJ0CFYpKb1Bc4XM61CVaROxpX4OM
Nfh68OQOEXK0lPHy8ikKOlEH2fqn7XcV7hRBIkgTmwX8u/wdcQrIMNI+G7h3aUtY
crmrXtCKIwnBbITFdP172dH7SnY71PP7x7yCD4WQeu3F1ELG+K+x30AJ9BjMLXeb
2Ud7Fp7Mm8GD0/tp+F7S3iaijhofEZgh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:43 2025 by rpki-client