Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/SdfDN7p4F5GVSlc2zZ6seKwPiwM.roa
File: SdfDN7p4F5GVSlc2zZ6seKwPiwM.roa (raw, json)
Hash identifier: P6/umCz46H87G1dl9PXtZc7T8FfdLMWnoebFR2afA8A=
Subject key identifier: 49:D7:C3:37:BA:78:17:91:95:4A:57:36:CD:9E:AC:78:AC:0F:8B:03
Certificate issuer: /CN=dd29c370460bec753010fc7e68365c5770bf45e4
Certificate serial: 018573716F253B2A48AB7A20FFA436E2D806
Authority key identifier: DD:29:C3:70:46:0B:EC:75:30:10:FC:7E:68:36:5C:57:70:BF:45:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/SdfDN7p4F5GVSlc2zZ6seKwPiwM.roa
Signing time: Mon 02 Jan 2023 17:04:51 +0000
ROA not before: Mon 02 Jan 2023 17:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 185.243.161.0/24 maxlen: 24
185.243.160.0/24 maxlen: 24
2a09:900:2::/47 maxlen: 47
2a09:900:200::/40 maxlen: 40
2a09:900:100::/40 maxlen: 40
2a09:900::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:6f:25:3b:2a:48:ab:7a:20:ff:a4:36:e2:d8:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd29c370460bec753010fc7e68365c5770bf45e4
Validity
Not Before: Jan 2 17:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49d7c337ba781791954a5736cd9eac78ac0f8b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b8:a8:12:05:c8:4c:f8:14:27:45:ef:3c:1c:
03:6a:9c:fc:9a:36:80:47:7f:47:00:0d:52:61:99:
3b:8f:51:f8:fc:65:77:fa:7b:ca:b0:f3:56:6b:44:
eb:de:b0:21:2c:34:06:db:0c:99:91:97:c6:c2:be:
36:20:58:88:fb:b1:67:9c:5c:e9:c8:95:b9:14:85:
9e:08:15:2f:e3:75:ab:9a:42:0a:5c:5b:7f:bc:bc:
17:b5:3f:bd:d5:fc:a0:0b:19:e5:ee:81:a7:db:6d:
6c:8f:54:ad:0a:25:ce:95:dc:cb:9c:cc:16:3b:5f:
6f:ca:41:c8:a3:52:91:c2:8f:cc:fe:9f:a6:81:af:
f1:be:26:ee:3a:d8:a1:f6:4e:ac:80:6c:c8:18:7f:
51:76:84:0e:60:7b:6d:d8:40:e0:90:34:cb:f5:60:
0c:cc:94:d4:c5:16:0a:2c:7b:1f:b3:96:e4:35:ee:
95:fb:47:cc:c4:c1:34:6d:b4:2f:2d:8b:99:13:ca:
81:1c:f8:f7:58:97:c8:dd:de:d9:b7:ff:cf:27:f4:
cd:eb:42:65:ce:57:d9:d7:71:8f:56:47:9c:d9:13:
a2:e2:26:e7:a8:69:22:b2:ef:93:d3:42:29:8d:bc:
a7:57:b7:32:0c:4f:49:54:86:2d:96:c1:bf:27:b4:
c6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D7:C3:37:BA:78:17:91:95:4A:57:36:CD:9E:AC:78:AC:0F:8B:03
X509v3 Authority Key Identifier:
keyid:DD:29:C3:70:46:0B:EC:75:30:10:FC:7E:68:36:5C:57:70:BF:45:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/SdfDN7p4F5GVSlc2zZ6seKwPiwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.160.0/23
IPv6:
2a09:900::/46
2a09:900:100::-2a09:900:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:97:af:2f:85:a0:3c:8f:65:09:4b:ac:15:36:20:30:b0:e4:
8b:38:38:04:af:c4:c9:35:fd:03:46:56:fe:ce:eb:32:b2:be:
25:c8:55:39:35:1e:62:e4:be:18:46:d8:0b:6a:fd:b4:ba:95:
02:f4:e5:44:22:ec:f9:2e:93:95:ef:64:a3:be:ad:38:6e:a6:
5d:17:ad:55:4b:2b:e1:d1:d1:1d:08:75:42:8c:0a:d5:2c:99:
3d:92:d4:db:1a:84:77:62:4b:e3:87:38:e5:20:04:ad:ba:b1:
2f:b5:6b:93:aa:90:b6:fb:48:e9:a9:17:68:8d:95:51:69:96:
72:26:4d:7c:9d:82:5f:d3:11:d8:fe:ef:ed:36:96:11:51:44:
84:0c:1c:96:ae:28:80:50:e9:0d:83:49:09:92:eb:8b:7e:0e:
f1:24:b0:8c:ee:de:67:5a:de:c5:e8:65:e6:b2:57:4e:e9:63:
a8:16:bb:f4:ce:3e:d9:34:b5:6b:7e:01:be:40:17:28:14:c7:
dd:b5:03:56:a2:7e:02:b9:77:d8:a9:8d:c0:30:21:80:47:83:
7d:5b:aa:70:52:ce:25:18:5b:df:db:32:9b:67:32:d1:94:0b:
b3:3f:fa:a9:11:74:99:ef:79:af:9a:7c:51:cf:91:e9:f1:33:
93:ed:29:e4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVzcW8lOypIq3og/6Q24tgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMjljMzcwNDYwYmVjNzUzMDEwZmM3ZTY4MzY1YzU3NzBi
ZjQ1ZTQwHhcNMjMwMTAyMTcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ3YzMzN2JhNzgxNzkxOTU0YTU3MzZjZDllYWM3OGFjMGY4YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLioEgXITPgUJ0XvPBwDapz8mjaA
R39HAA1SYZk7j1H4/GV3+nvKsPNWa0Tr3rAhLDQG2wyZkZfGwr42IFiI+7FnnFzp
yJW5FIWeCBUv43WrmkIKXFt/vLwXtT+91fygCxnl7oGn221sj1StCiXOldzLnMwW
O19vykHIo1KRwo/M/p+mga/xvibuOtih9k6sgGzIGH9RdoQOYHtt2EDgkDTL9WAM
zJTUxRYKLHsfs5bkNe6V+0fMxME0bbQvLYuZE8qBHPj3WJfI3d7Zt//PJ/TN60Jl
zlfZ13GPVkec2ROi4ibnqGkisu+T00IpjbynV7cyDE9JVIYtlsG/J7TGfwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEnXwze6eBeRlUpXNs2erHisD4sDMB8GA1UdIwQY
MBaAFN0pw3BGC+x1MBD8fmg2XFdwv0XkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NuRGNFWUw3SFV3RVB4LWFEWmNWM0NfUmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iMzAxOWMtNjZjZi00Zjk4LWE4NTYt
MTM0YzQ3Yjk0OTEzLzEvU2RmRE43cDRGNUdWU2xjMnpaNnNlS3dQaXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iMzAxOWMtNjZjZi00Zjk4LWE4NTYtMTM0YzQ3Yjk0OTEz
LzEvM1NuRGNFWUw3SFV3RVB4LWFEWmNWM0NfUmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQBufOgMCEE
AgACMBsDBwIqCQkAAAAwEAMGACoJCQABAwYAKgkJAAIwDQYJKoZIhvcNAQELBQAD
ggEBAC6Xry+FoDyPZQlLrBU2IDCw5Is4OASvxMk1/QNGVv7O6zKyviXIVTk1HmLk
vhhG2Atq/bS6lQL05UQi7Pkuk5XvZKO+rThupl0XrVVLK+HR0R0IdUKMCtUsmT2S
1NsahHdiS+OHOOUgBK26sS+1a5OqkLb7SOmpF2iNlVFplnImTXydgl/TEdj+7+02
lhFRRIQMHJauKIBQ6Q2DSQmS64t+DvEksIzu3mda3sXoZeayV07pY6gWu/TOPtk0
tWt+Ab5AFygUx921A1aifgK5d9ipjcAwIYBHg31bqnBSziUYW9/bMptnMtGUC7M/
+qkRdJnvea+afFHPkenxM5PtKeQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:08 2025 by rpki-client