Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/257932-c18f-411d-9b6f-6d42257c8f6b/1/dMIREq9XnVoWBdO6Yqz8xkkeAeQ.roa
File: dMIREq9XnVoWBdO6Yqz8xkkeAeQ.roa (raw, json)
Hash identifier: JIfadhxI/lTuEMCkjWgaKCjT22gUcqfEMjxpmCS9MJ4=
Subject key identifier: 74:C2:11:12:AF:57:9D:5A:16:05:D3:BA:62:AC:FC:C6:49:1E:01:E4
Certificate issuer: /CN=a96e2341d783e5934f87d05c473fc6d2b30d9d45
Certificate serial: 018B375EE0C58EFAF6312818EF9A15537E12
Authority key identifier: A9:6E:23:41:D7:83:E5:93:4F:87:D0:5C:47:3F:C6:D2:B3:0D:9D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qW4jQdeD5ZNPh9BcRz_G0rMNnUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/257932-c18f-411d-9b6f-6d42257c8f6b/1/dMIREq9XnVoWBdO6Yqz8xkkeAeQ.roa
Signing time: Mon 16 Oct 2023 07:24:06 +0000
ROA not before: Mon 16 Oct 2023 07:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34373
IP address blocks: 185.171.163.0/24 maxlen: 24
185.82.152.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:5e:e0:c5:8e:fa:f6:31:28:18:ef:9a:15:53:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a96e2341d783e5934f87d05c473fc6d2b30d9d45
Validity
Not Before: Oct 16 07:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74c21112af579d5a1605d3ba62acfcc6491e01e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8c:ec:b8:3b:33:ba:1a:91:92:64:5b:64:ea:
2f:45:a1:de:95:53:c8:a8:47:bb:a8:99:4e:d5:79:
9f:a7:b2:11:4c:45:65:9f:c0:ef:dd:12:77:7f:77:
5e:f2:a9:b5:ce:3b:1a:3c:4e:cf:ad:d6:2b:39:34:
cc:ec:a7:6b:09:28:90:9e:47:ae:c8:84:d0:8d:66:
3c:72:6d:8f:9f:cf:16:06:c1:3e:57:d0:a9:03:f0:
b1:e1:a3:e0:32:7d:a6:29:88:20:93:79:00:77:22:
c9:af:03:64:64:b6:89:7d:34:59:64:72:e9:39:3b:
fe:51:e8:05:0e:3c:8f:0c:5a:a1:54:4e:07:a3:d4:
ce:39:d1:58:3b:cd:db:6b:99:4a:a9:87:1d:2e:10:
a6:10:79:dc:00:2e:52:ea:c5:57:a6:22:47:5d:e3:
bb:a8:b8:5e:5d:ae:c4:31:18:dd:c6:6b:98:eb:8d:
33:7a:fb:f6:71:83:67:1b:9d:f6:ee:00:63:7d:a7:
56:d9:52:a8:bd:ec:9b:01:c3:54:de:27:71:54:07:
30:e8:85:a5:68:0c:12:5f:09:64:54:17:20:9c:54:
5f:60:95:5e:a6:83:20:44:6e:1d:c3:a3:e9:23:9f:
c9:ef:a0:99:e7:30:6d:9d:c6:10:6f:b6:ba:da:17:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C2:11:12:AF:57:9D:5A:16:05:D3:BA:62:AC:FC:C6:49:1E:01:E4
X509v3 Authority Key Identifier:
keyid:A9:6E:23:41:D7:83:E5:93:4F:87:D0:5C:47:3F:C6:D2:B3:0D:9D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qW4jQdeD5ZNPh9BcRz_G0rMNnUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/257932-c18f-411d-9b6f-6d42257c8f6b/1/dMIREq9XnVoWBdO6Yqz8xkkeAeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/257932-c18f-411d-9b6f-6d42257c8f6b/1/qW4jQdeD5ZNPh9BcRz_G0rMNnUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.152.0/23
185.171.163.0/24
Signature Algorithm: sha256WithRSAEncryption
be:44:f4:84:83:38:e0:2b:38:6e:46:19:04:6b:02:a6:89:3b:
52:43:5e:64:ba:37:10:59:5d:18:d1:22:01:27:0a:f5:e6:45:
c0:7f:4d:51:12:90:ac:2a:cc:40:ce:4c:86:e8:66:bc:16:e1:
e3:4b:46:40:a6:71:08:72:99:2a:28:2e:43:fd:d9:be:01:5c:
ed:6d:5c:81:42:bb:db:78:76:30:0e:f7:1e:bf:8e:b7:64:5f:
5f:40:5d:ad:48:d4:bc:49:32:49:18:77:4f:3e:4e:3e:22:4f:
d4:b4:0a:35:92:26:bf:2f:3a:72:1b:f0:09:e2:39:b8:49:1b:
80:2d:8c:9c:46:05:4a:d7:08:35:48:3f:a5:75:7a:f9:8f:11:
90:9b:75:d8:12:24:6e:e1:58:3f:e0:1b:3f:5c:af:2a:32:52:
81:bc:0b:4b:dc:56:24:36:f9:38:df:6f:1f:d4:9d:0a:15:96:
9c:ed:93:6a:e5:d1:06:75:65:5b:3d:5d:73:1c:f0:62:c5:c0:
4f:f7:0c:09:f6:65:f2:17:6e:a3:1c:2d:27:3a:7f:b0:cc:07:
e5:be:c1:fa:d1:f8:b5:57:57:e0:54:d1:6d:07:6f:af:f6:7e:
9b:33:21:3f:c4:0d:5d:81:d3:fc:42:13:f9:d1:38:9e:03:7e:
d8:18:3b:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs3XuDFjvr2MSgY75oVU34SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NmUyMzQxZDc4M2U1OTM0Zjg3ZDA1YzQ3M2ZjNmQyYjMw
ZDlkNDUwHhcNMjMxMDE2MDcyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGMyMTExMmFmNTc5ZDVhMTYwNWQzYmE2MmFjZmNjNjQ5MWUwMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4zsuDszuhqRkmRbZOovRaHelVPI
qEe7qJlO1Xmfp7IRTEVln8Dv3RJ3f3de8qm1zjsaPE7PrdYrOTTM7KdrCSiQnkeu
yITQjWY8cm2Pn88WBsE+V9CpA/Cx4aPgMn2mKYggk3kAdyLJrwNkZLaJfTRZZHLp
OTv+UegFDjyPDFqhVE4Ho9TOOdFYO83ba5lKqYcdLhCmEHncAC5S6sVXpiJHXeO7
qLheXa7EMRjdxmuY640zevv2cYNnG5327gBjfadW2VKoveybAcNU3idxVAcw6IWl
aAwSXwlkVBcgnFRfYJVepoMgRG4dw6PpI5/J76CZ5zBtncYQb7a62hefhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTCERKvV51aFgXTumKs/MZJHgHkMB8GA1UdIwQY
MBaAFKluI0HXg+WTT4fQXEc/xtKzDZ1FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVc0alFkZUQ1Wk5QaDlCY1J6X0cwck1OblVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNTc5MzItYzE4Zi00MTFkLTliNmYt
NmQ0MjI1N2M4ZjZiLzEvZE1JUkVxOVhuVm9XQmRPNllxejh4a2tlQWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNTc5MzItYzE4Zi00MTFkLTliNmYtNmQ0MjI1N2M4ZjZi
LzEvcVc0alFkZUQ1Wk5QaDlCY1J6X0cwck1OblVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuVKYAwQA
uaujMA0GCSqGSIb3DQEBCwUAA4IBAQC+RPSEgzjgKzhuRhkEawKmiTtSQ15kujcQ
WV0Y0SIBJwr15kXAf01REpCsKsxAzkyG6Ga8FuHjS0ZApnEIcpkqKC5D/dm+AVzt
bVyBQrvbeHYwDvcev463ZF9fQF2tSNS8STJJGHdPPk4+Ik/UtAo1kia/LzpyG/AJ
4jm4SRuALYycRgVK1wg1SD+ldXr5jxGQm3XYEiRu4Vg/4Bs/XK8qMlKBvAtL3FYk
Nvk4328f1J0KFZac7ZNq5dEGdWVbPV1zHPBixcBP9wwJ9mXyF26jHC0nOn+wzAfl
vsH60fi1V1fgVNFtB2+v9n6bMyE/xA1dgdP8QhP50TieA37YGDvJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:15 2025 by rpki-client