Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/376662-87eb-4c97-9373-a1dce6ad150c/1/Rl3k6M0oZZzKK0i6WYCFErTRHp8.roa
File: Rl3k6M0oZZzKK0i6WYCFErTRHp8.roa (raw, json)
Hash identifier: sTDVt4C0wxlY2Ev8DLyydraPtVv3ka7uFjSze29lh/o=
Subject key identifier: 46:5D:E4:E8:CD:28:65:9C:CA:2B:48:BA:59:80:85:12:B4:D1:1E:9F
Certificate issuer: /CN=e858338dea6ae4ddbb24850a0707f43aa1794c3f
Certificate serial: 018441FE38B61401AC6C14D4B679EF58000D
Authority key identifier: E8:58:33:8D:EA:6A:E4:DD:BB:24:85:0A:07:07:F4:3A:A1:79:4C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Fgzjepq5N27JIUKBwf0OqF5TD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/376662-87eb-4c97-9373-a1dce6ad150c/1/Rl3k6M0oZZzKK0i6WYCFErTRHp8.roa
Signing time: Fri 04 Nov 2022 09:34:50 +0000
ROA not before: Fri 04 Nov 2022 09:34:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205262
IP address blocks: 185.246.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:fe:38:b6:14:01:ac:6c:14:d4:b6:79:ef:58:00:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e858338dea6ae4ddbb24850a0707f43aa1794c3f
Validity
Not Before: Nov 4 09:34:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=465de4e8cd28659cca2b48ba59808512b4d11e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:db:16:95:87:c3:3f:a3:34:72:34:9b:a8:0d:
79:83:3a:10:fc:f3:4f:82:c9:16:fa:c5:40:2a:c1:
f2:da:a3:8e:30:02:dd:01:dc:6a:88:1e:5e:0a:fd:
02:d5:41:e7:e0:8c:d7:f7:a5:76:38:7d:f4:58:0c:
a7:81:2d:04:34:16:af:a3:8c:37:ef:60:e0:00:2c:
2b:94:3e:b8:95:05:35:cd:ea:aa:02:89:83:3f:ce:
8a:9b:da:d8:e2:99:18:b4:ff:91:f4:d2:20:c9:0e:
0a:72:34:53:89:b2:c0:2a:67:1b:77:dc:fe:e9:39:
91:d2:16:5e:83:f7:0d:72:af:76:97:17:d1:aa:b8:
36:9c:cd:ca:42:23:bd:0f:1b:7f:ac:52:a7:d2:fb:
37:0f:56:a8:45:20:73:e7:3d:c9:a6:9b:5f:f2:54:
ad:9b:fc:b8:cc:35:e5:29:6c:0b:c1:f5:e0:20:93:
c3:18:73:53:86:9c:37:51:7c:f0:ec:fa:ba:a2:94:
a3:da:63:02:c3:b3:4e:ce:60:02:8d:1c:15:4d:e2:
be:8c:50:6e:30:b0:e1:b5:6a:a0:ec:f4:e9:36:2d:
f8:9c:f2:a9:ae:9e:7d:8a:40:b6:e9:b9:b4:06:35:
09:8d:d6:8e:82:af:63:d9:ea:82:d0:61:59:b8:d6:
80:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5D:E4:E8:CD:28:65:9C:CA:2B:48:BA:59:80:85:12:B4:D1:1E:9F
X509v3 Authority Key Identifier:
keyid:E8:58:33:8D:EA:6A:E4:DD:BB:24:85:0A:07:07:F4:3A:A1:79:4C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Fgzjepq5N27JIUKBwf0OqF5TD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/376662-87eb-4c97-9373-a1dce6ad150c/1/Rl3k6M0oZZzKK0i6WYCFErTRHp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/376662-87eb-4c97-9373-a1dce6ad150c/1/6Fgzjepq5N27JIUKBwf0OqF5TD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.100.0/22
Signature Algorithm: sha256WithRSAEncryption
82:fd:18:ab:99:86:a1:41:c6:13:53:85:d8:2c:b9:ff:04:c1:
ee:b9:f3:03:a9:53:41:d6:54:79:74:08:a1:be:1e:67:20:68:
ec:9d:be:7c:6c:02:d5:f1:6c:23:23:41:81:7c:b1:74:05:8d:
ac:44:b2:5b:54:e8:c7:fa:86:35:9e:7e:48:59:af:26:3e:0c:
9f:d4:80:cc:8f:6d:25:c8:59:85:89:7c:3f:41:84:32:e5:ac:
1b:f9:1b:f0:27:c9:a8:61:57:b5:e3:16:81:09:ad:02:43:66:
8e:0d:2b:d6:4c:7a:02:da:b2:9c:90:0b:c9:a0:53:9c:79:54:
9b:96:a8:64:3b:03:f2:a0:6a:6e:b4:85:7f:a5:df:45:39:7f:
3b:53:23:50:36:59:e5:cc:18:dd:0f:48:9a:fe:5c:52:f4:dd:
5e:64:f2:c2:ca:2b:e0:1a:8a:2f:60:80:fe:ad:ad:9c:1d:9e:
ae:d9:af:94:65:72:cd:d0:9f:2a:11:f4:20:a1:3c:ef:99:5d:
74:74:f1:1e:bd:d9:a5:aa:5c:55:40:28:30:1a:52:65:1b:c0:
19:6d:b1:15:9e:0f:4b:fa:72:09:c1:7e:74:f9:4b:a9:59:73:
13:f8:b7:bd:1a:ad:d2:bf:95:03:2a:1e:77:e2:6c:fd:73:d8:
8d:0d:68:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRB/ji2FAGsbBTUtnnvWAANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NTgzMzhkZWE2YWU0ZGRiYjI0ODUwYTA3MDdmNDNhYTE3
OTRjM2YwHhcNMjIxMTA0MDkzNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVkZTRlOGNkMjg2NTljY2EyYjQ4YmE1OTgwODUxMmI0ZDExZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNsWlYfDP6M0cjSbqA15gzoQ/PNP
gskW+sVAKsHy2qOOMALdAdxqiB5eCv0C1UHn4IzX96V2OH30WAyngS0ENBavo4w3
72DgACwrlD64lQU1zeqqAomDP86Km9rY4pkYtP+R9NIgyQ4KcjRTibLAKmcbd9z+
6TmR0hZeg/cNcq92lxfRqrg2nM3KQiO9Dxt/rFKn0vs3D1aoRSBz5z3Jpptf8lSt
m/y4zDXlKWwLwfXgIJPDGHNThpw3UXzw7Pq6opSj2mMCw7NOzmACjRwVTeK+jFBu
MLDhtWqg7PTpNi34nPKprp59ikC26bm0BjUJjdaOgq9j2eqC0GFZuNaAOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEZd5OjNKGWcyitIulmAhRK00R6fMB8GA1UdIwQY
MBaAFOhYM43qauTduySFCgcH9DqheUw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZnemplcHE1TjI3SklVS0J3ZjBPcUY1VEQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zNzY2NjItODdlYi00Yzk3LTkzNzMt
YTFkY2U2YWQxNTBjLzEvUmwzazZNMG9aWnpLSzBpNldZQ0ZFclRSSHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zNzY2NjItODdlYi00Yzk3LTkzNzMtYTFkY2U2YWQxNTBj
LzEvNkZnemplcHE1TjI3SklVS0J3ZjBPcUY1VEQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufZkMA0G
CSqGSIb3DQEBCwUAA4IBAQCC/RirmYahQcYTU4XYLLn/BMHuufMDqVNB1lR5dAih
vh5nIGjsnb58bALV8WwjI0GBfLF0BY2sRLJbVOjH+oY1nn5IWa8mPgyf1IDMj20l
yFmFiXw/QYQy5awb+RvwJ8moYVe14xaBCa0CQ2aODSvWTHoC2rKckAvJoFOceVSb
lqhkOwPyoGputIV/pd9FOX87UyNQNlnlzBjdD0ia/lxS9N1eZPLCyivgGoovYID+
ra2cHZ6u2a+UZXLN0J8qEfQgoTzvmV10dPEevdmlqlxVQCgwGlJlG8AZbbEVng9L
+nIJwX50+UupWXMT+Le9Gq3Sv5UDKh534mz9c9iNDWhO
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:04:15 2025 by rpki-client