Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/xEj1wKnIvnuTu7ELCNOG5U7vO5Y.roa
File: xEj1wKnIvnuTu7ELCNOG5U7vO5Y.roa (raw, json)
Hash identifier: qWW4mGZenaZga91kzCnE8gCag4MiuqJT8nBkxpZp7CM=
Subject key identifier: C4:48:F5:C0:A9:C8:BE:7B:93:BB:B1:0B:08:D3:86:E5:4E:EF:3B:96
Certificate issuer: /CN=500151e464b29791376c0c57beb40c584ef5a1cf
Certificate serial: 018572FA90AC3AF1502FFF7447207E7EA536
Authority key identifier: 50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/xEj1wKnIvnuTu7ELCNOG5U7vO5Y.roa
Signing time: Mon 02 Jan 2023 14:55:01 +0000
ROA not before: Mon 02 Jan 2023 14:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41068
IP address blocks: 185.222.48.0/24 maxlen: 24
185.222.51.0/24 maxlen: 24
185.222.49.0/24 maxlen: 24
185.222.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:90:ac:3a:f1:50:2f:ff:74:47:20:7e:7e:a5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500151e464b29791376c0c57beb40c584ef5a1cf
Validity
Not Before: Jan 2 14:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c448f5c0a9c8be7b93bbb10b08d386e54eef3b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:95:05:3e:15:59:6e:13:33:13:7b:cc:b4:7f:
09:1c:b9:97:91:df:89:4c:47:58:c4:1d:61:55:8a:
f9:9c:d8:fe:9f:a7:a6:20:2f:65:12:c1:bd:92:df:
92:e2:a9:4e:be:a9:e4:b7:85:39:2c:94:1e:c9:ad:
9f:2a:fe:6a:56:a6:92:9e:d0:93:2c:a8:8b:47:af:
f5:d1:17:36:2c:26:8e:f3:4d:c5:2d:07:78:20:5c:
5c:91:38:1e:d7:00:14:72:8d:60:ad:6b:7d:79:c9:
74:6c:8f:5b:68:41:13:c1:eb:c2:51:36:a2:8a:0b:
e8:39:39:61:13:59:a0:c6:8d:5d:85:01:0a:27:a9:
6b:85:de:39:20:73:f7:fb:95:78:2b:be:49:38:53:
e5:97:b0:37:e2:87:50:10:10:64:40:01:40:41:05:
bd:11:e1:15:f1:b4:b7:46:9e:a7:15:0b:95:69:42:
7b:c5:9f:ca:39:ec:9d:f3:fc:6b:63:2e:25:d0:e8:
63:cf:40:5e:68:b6:39:44:4c:45:e0:d0:c1:02:18:
63:6b:38:19:c0:af:1a:a6:a6:ea:74:74:c9:f2:e2:
1d:6f:99:35:3e:ec:dd:70:59:a7:79:41:b0:7e:f5:
ef:90:74:4b:89:60:1b:85:55:79:28:9e:c6:8f:ac:
e7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:48:F5:C0:A9:C8:BE:7B:93:BB:B1:0B:08:D3:86:E5:4E:EF:3B:96
X509v3 Authority Key Identifier:
keyid:50:01:51:E4:64:B2:97:91:37:6C:0C:57:BE:B4:0C:58:4E:F5:A1:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAFR5GSyl5E3bAxXvrQMWE71oc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/xEj1wKnIvnuTu7ELCNOG5U7vO5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4a12c2-9bed-45dd-863c-0b9fb97e529d/1/UAFR5GSyl5E3bAxXvrQMWE71oc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.48.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:05:44:46:a3:a0:9e:1c:0f:26:4d:34:7f:94:0c:3b:d4:dd:
4f:a0:6c:9f:43:4b:b0:b5:a1:e5:f7:b7:95:d8:f2:e8:af:98:
7b:90:ac:3b:10:ed:75:61:44:df:ed:9c:f5:9a:14:d2:eb:8b:
b8:0e:93:3c:f9:86:10:cc:28:4c:5d:23:20:ce:1e:a6:5a:5c:
8e:de:fa:07:ee:50:0b:b0:c3:76:84:d0:93:57:6c:fe:ff:16:
83:ad:b2:7d:37:b9:50:34:ee:61:06:bd:ed:e3:1d:04:85:45:
2d:3b:c9:8e:35:56:be:c7:2e:01:33:2f:e3:9f:94:23:a6:cb:
94:93:fa:0e:60:19:2c:3d:b4:0c:12:50:e8:92:69:94:c5:a3:
73:d9:0c:13:88:85:86:1f:3d:c0:8c:fd:ac:aa:e0:bc:4a:f2:
bc:5c:9a:a2:a7:af:de:7a:9f:49:bc:ce:2f:ac:d7:6f:14:04:
17:e1:a9:5e:0d:35:f8:08:ea:2e:e9:07:9f:76:b7:dc:6d:61:
0b:ae:a6:ae:49:d5:6f:b0:81:82:3c:27:8d:ac:f9:8a:5b:9d:
d7:6d:3a:84:a4:32:de:58:ed:a6:00:7a:77:48:f1:62:fa:aa:
6b:9b:8d:82:60:68:d1:41:a4:2b:7a:5e:d0:e0:c0:93:ea:14:
b7:71:ac:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+pCsOvFQL/90RyB+fqU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDE1MWU0NjRiMjk3OTEzNzZjMGM1N2JlYjQwYzU4NGVm
NWExY2YwHhcNMjMwMTAyMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ4ZjVjMGE5YzhiZTdiOTNiYmIxMGIwOGQzODZlNTRlZWYzYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pUFPhVZbhMzE3vMtH8JHLmXkd+J
TEdYxB1hVYr5nNj+n6emIC9lEsG9kt+S4qlOvqnkt4U5LJQeya2fKv5qVqaSntCT
LKiLR6/10Rc2LCaO803FLQd4IFxckTge1wAUco1grWt9ecl0bI9baEETwevCUTai
igvoOTlhE1mgxo1dhQEKJ6lrhd45IHP3+5V4K75JOFPll7A34odQEBBkQAFAQQW9
EeEV8bS3Rp6nFQuVaUJ7xZ/KOeyd8/xrYy4l0Ohjz0BeaLY5RExF4NDBAhhjazgZ
wK8apqbqdHTJ8uIdb5k1PuzdcFmneUGwfvXvkHRLiWAbhVV5KJ7Gj6zngwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRI9cCpyL57k7uxCwjThuVO7zuWMB8GA1UdIwQY
MBaAFFABUeRkspeRN2wMV760DFhO9aHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2Mt
MGI5ZmI5N2U1MjlkLzEveEVqMXdLbkl2bnVUdTdFTENOT0c1VTd2TzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80YTEyYzItOWJlZC00NWRkLTg2M2MtMGI5ZmI5N2U1Mjlk
LzEvVUFGUjVHU3lsNUUzYkF4WHZyUU1XRTcxb2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud4wMA0G
CSqGSIb3DQEBCwUAA4IBAQBOBURGo6CeHA8mTTR/lAw71N1PoGyfQ0uwtaHl97eV
2PLor5h7kKw7EO11YUTf7Zz1mhTS64u4DpM8+YYQzChMXSMgzh6mWlyO3voH7lAL
sMN2hNCTV2z+/xaDrbJ9N7lQNO5hBr3t4x0EhUUtO8mONVa+xy4BMy/jn5QjpsuU
k/oOYBksPbQMElDokmmUxaNz2QwTiIWGHz3AjP2squC8SvK8XJqip6/eep9JvM4v
rNdvFAQX4aleDTX4COou6QefdrfcbWELrqauSdVvsIGCPCeNrPmKW53XbTqEpDLe
WO2mAHp3SPFi+qprm42CYGjRQaQrel7Q4MCT6hS3cayq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:00 2025 by rpki-client