Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/L4biqUw4DfwO0fpiMeB4prStNqE.roa
File: L4biqUw4DfwO0fpiMeB4prStNqE.roa (raw, json)
Hash identifier: 8E8wv17HpDkToTnB48O1kxORVOy3hSk4Do16pJd0j4k=
Subject key identifier: 2F:86:E2:A9:4C:38:0D:FC:0E:D1:FA:62:31:E0:78:A6:B4:AD:36:A1
Certificate issuer: /CN=500151e464b29791376c0c57beb40c584ef5a1cf
Certificate serial: 018572FA9163E15AA6A4004AEE33B640C6F9
Authority key identifier: 50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/L4biqUw4DfwO0fpiMeB4prStNqE.roa
Signing time: Mon 02 Jan 2023 14:55:01 +0000
ROA not before: Mon 02 Jan 2023 14:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 185.222.49.0/24 maxlen: 24
185.222.48.0/24 maxlen: 24
185.222.51.0/24 maxlen: 24
185.222.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:91:63:e1:5a:a6:a4:00:4a:ee:33:b6:40:c6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500151e464b29791376c0c57beb40c584ef5a1cf
Validity
Not Before: Jan 2 14:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f86e2a94c380dfc0ed1fa6231e078a6b4ad36a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:49:d4:7e:eb:de:b0:fe:ed:0e:82:33:12:
8a:7e:c6:91:f9:6d:31:c9:48:c0:df:ff:91:50:e7:
29:e0:0d:08:21:42:2a:54:ec:f1:72:38:22:2f:f9:
de:6c:2c:ac:af:a0:25:ed:4b:eb:7a:3b:d0:27:b3:
58:22:a3:1d:92:d9:30:96:92:c8:15:69:06:2c:d2:
8a:e1:e2:73:70:16:99:ec:07:2e:dd:2d:19:cc:23:
aa:83:4e:06:90:30:3c:6b:87:ae:14:27:b7:a3:4f:
62:bf:d0:64:ee:4a:79:86:e5:6c:f2:ef:d8:a2:6c:
a8:3a:99:77:88:97:12:d0:40:89:a7:de:9b:48:fd:
b0:77:75:b9:f7:ec:25:9d:05:1e:99:c2:d2:a8:95:
e9:52:f4:7d:85:ab:a8:be:f1:99:1f:5a:8c:f7:be:
24:dd:48:9c:28:1c:07:da:7f:f8:54:d0:d8:38:4f:
17:55:87:d0:4e:5a:e0:57:15:05:88:89:3d:6c:3c:
01:6c:9f:95:9e:5d:da:65:1e:d8:07:e5:79:ca:72:
52:78:83:e6:c0:88:f4:76:19:b7:ce:2c:d2:93:e7:
86:36:54:da:72:2a:43:53:0d:18:a1:99:d3:25:8f:
7a:79:79:89:bb:0a:8c:49:93:2f:67:80:a5:ab:45:
e1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:86:E2:A9:4C:38:0D:FC:0E:D1:FA:62:31:E0:78:A6:B4:AD:36:A1
X509v3 Authority Key Identifier:
keyid:50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/L4biqUw4DfwO0fpiMeB4prStNqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/UAFR5GSyl5E3bAxXvrQMWE71oc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.48.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:4b:e2:f7:3a:85:5c:44:3a:38:84:cc:bb:26:53:16:b5:04:
21:45:36:68:79:73:00:80:f4:5b:b5:a1:f3:a6:fd:0a:8b:6f:
8a:75:b3:bf:ca:3e:2d:21:1a:93:44:43:c0:ea:19:a6:12:92:
08:c0:0c:95:07:0c:c9:ff:6c:8f:3b:c6:40:b7:26:dc:33:25:
9c:f0:b9:02:9a:a5:09:03:39:9e:17:16:67:af:3e:d2:52:ac:
63:a1:df:de:d6:5a:4c:a0:19:a3:41:ba:e5:61:17:04:51:fb:
13:f3:8c:8f:c7:08:f9:cd:64:f6:65:1d:58:01:3e:e4:82:0b:
48:d7:0a:e5:d6:23:1c:db:bb:e5:78:2f:43:01:f6:a9:d0:48:
84:70:0d:ba:df:08:4f:73:8c:6f:33:db:84:7b:99:5d:94:fd:
d4:80:90:ec:49:68:6d:3b:76:36:e0:f6:93:b2:90:ca:6a:d9:
e3:82:bb:ec:64:5c:cf:6d:d5:d2:ce:7d:8c:77:8e:c1:03:ad:
3b:f6:ef:c3:c5:cf:f5:41:46:ad:84:52:08:0b:a2:4d:74:f6:
bf:8c:aa:81:d7:6b:c4:54:68:05:af:9e:2d:9c:aa:a1:f8:10:
30:a1:b5:bf:79:96:d9:f7:1a:ad:d5:fb:31:31:e7:c2:cb:d6:
dd:59:62:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+pFj4VqmpABK7jO2QMb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDE1MWU0NjRiMjk3OTEzNzZjMGM1N2JlYjQwYzU4NGVm
NWExY2YwHhcNMjMwMTAyMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg2ZTJhOTRjMzgwZGZjMGVkMWZhNjIzMWUwNzhhNmI0YWQzNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmehJ1H7r3rD+7Q6CMxKKfsaR+W0x
yUjA3/+RUOcp4A0IIUIqVOzxcjgiL/nebCysr6Al7UvrejvQJ7NYIqMdktkwlpLI
FWkGLNKK4eJzcBaZ7Acu3S0ZzCOqg04GkDA8a4euFCe3o09iv9Bk7kp5huVs8u/Y
omyoOpl3iJcS0ECJp96bSP2wd3W59+wlnQUemcLSqJXpUvR9hauovvGZH1qM974k
3UicKBwH2n/4VNDYOE8XVYfQTlrgVxUFiIk9bDwBbJ+Vnl3aZR7YB+V5ynJSeIPm
wIj0dhm3zizSk+eGNlTacipDUw0YoZnTJY96eXmJuwqMSZMvZ4Clq0XhDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+G4qlMOA38DtH6YjHgeKa0rTahMB8GA1UdIwQY
MBaAFFABUeRkspeRN2wMV760DFhO9aHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2Mt
MGI5ZmI5N2U1MjlkLzEvTDRiaXFVdzREZndPMGZwaU1lQjRwclN0TnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2MtMGI5ZmI5N2U1Mjlk
LzEvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud4wMA0G
CSqGSIb3DQEBCwUAA4IBAQB8S+L3OoVcRDo4hMy7JlMWtQQhRTZoeXMAgPRbtaHz
pv0Ki2+KdbO/yj4tIRqTREPA6hmmEpIIwAyVBwzJ/2yPO8ZAtybcMyWc8LkCmqUJ
AzmeFxZnrz7SUqxjod/e1lpMoBmjQbrlYRcEUfsT84yPxwj5zWT2ZR1YAT7kggtI
1wrl1iMc27vleC9DAfap0EiEcA263whPc4xvM9uEe5ldlP3UgJDsSWhtO3Y24PaT
spDKatnjgrvsZFzPbdXSzn2Md47BA6079u/Dxc/1QUathFIIC6JNdPa/jKqB12vE
VGgFr54tnKqh+BAwobW/eZbZ9xqt1fsxMefCy9bdWWKG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:12 2025 by rpki-client