Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/4swMnqmmnES06r6Qryrn2S-pWCI.roa
File: 4swMnqmmnES06r6Qryrn2S-pWCI.roa (raw, json)
Hash identifier: wmlT5Z1yFlzAOzCjTwQNMt6dAzGNvAOG9jnniG5ncDs=
Subject key identifier: E2:CC:0C:9E:A9:A6:9C:44:B4:EA:BE:90:AF:2A:E7:D9:2F:A9:58:22
Certificate issuer: /CN=607e5caff4f47b2b8dc81cc36c8e346662639898
Certificate serial: 018573284C896E407D77FFE8C541DFE7F6FA
Authority key identifier: 60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/4swMnqmmnES06r6Qryrn2S-pWCI.roa
Signing time: Mon 02 Jan 2023 15:44:58 +0000
ROA not before: Mon 02 Jan 2023 15:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211953
IP address blocks: 185.189.52.0/24 maxlen: 24
185.189.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:4c:89:6e:40:7d:77:ff:e8:c5:41:df:e7:f6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e5caff4f47b2b8dc81cc36c8e346662639898
Validity
Not Before: Jan 2 15:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2cc0c9ea9a69c44b4eabe90af2ae7d92fa95822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:13:3d:af:0e:1b:58:88:9d:5c:be:a9:a1:8b:
24:bb:b9:14:16:b3:c1:97:13:93:f5:b7:e6:b1:7c:
5a:7b:8c:1d:a0:f6:48:02:f4:28:26:ea:f3:4e:a0:
fc:9f:5a:c1:18:44:0f:30:e2:17:90:e8:4d:ec:f2:
e0:39:d5:da:7d:c6:05:6d:34:16:5f:04:b5:c9:c9:
73:01:e0:62:32:82:09:e9:47:d7:46:9a:8d:6b:6e:
93:7a:f8:88:2a:7d:01:64:46:cf:f4:2a:37:76:13:
97:b9:a3:55:fc:04:2a:70:56:b9:97:03:9b:68:1d:
38:a4:6e:28:00:78:23:a1:62:78:1b:e8:96:48:26:
25:d3:09:c3:1a:1b:34:5e:f6:f9:cb:1f:aa:ab:a3:
49:82:3e:77:2b:0a:6c:5b:5e:c4:c8:94:93:88:da:
24:03:9f:50:07:3c:1b:52:8b:ba:7b:e2:4a:76:b2:
c1:71:39:92:23:6f:7e:85:3f:2e:c6:7d:53:e9:62:
7e:84:e7:e8:64:5f:53:fa:ca:37:c4:bf:9e:37:32:
d1:80:1f:8d:34:89:6f:ab:21:17:e6:b1:80:28:cf:
1d:88:38:8a:81:eb:9d:9a:77:24:4f:cc:6d:27:29:
da:b6:22:ff:1c:36:dd:3b:9a:30:63:6f:09:bb:5c:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CC:0C:9E:A9:A6:9C:44:B4:EA:BE:90:AF:2A:E7:D9:2F:A9:58:22
X509v3 Authority Key Identifier:
keyid:60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/4swMnqmmnES06r6Qryrn2S-pWCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/YH5cr_T0eyuNyBzDbI40ZmJjmJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.52.0/24
185.189.55.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ef:70:bb:12:60:87:c9:75:06:8e:e7:0a:d6:f4:f1:90:00:
60:13:b8:86:25:fe:d6:32:0b:de:10:11:f5:8f:0e:f8:22:58:
43:af:98:73:66:52:93:54:cc:0e:18:58:46:22:68:03:26:57:
3b:be:c7:f7:bc:32:05:56:4b:62:a3:51:58:c0:f7:8f:15:92:
c3:7f:40:2d:ef:a4:88:34:bb:32:b2:d3:4e:e6:f8:1a:56:2d:
5f:af:b9:4e:9f:82:70:64:51:06:3e:46:d2:4d:c3:57:8b:35:
e8:47:4b:bd:58:fc:d0:13:ba:09:e6:2c:11:ae:8e:1c:76:56:
f5:d6:d2:87:d3:15:ef:23:79:3e:8f:dc:ad:53:e5:7c:61:ad:
65:f5:2c:83:f0:89:62:2d:bc:53:1f:51:38:27:7d:47:a2:14:
fb:89:53:ae:8e:9f:31:14:e5:89:13:11:a7:81:63:8f:b1:8c:
e9:c7:a5:23:69:24:94:11:ed:75:74:53:25:11:40:c9:28:1b:
a4:b5:c4:4c:0c:c7:86:14:fa:48:f7:46:49:2c:05:72:e9:4b:
3e:27:0d:15:c0:1d:f5:84:22:19:15:5b:6c:93:d7:14:e8:d5:
56:2a:6e:54:78:5f:3b:06:a7:97:17:2a:16:a0:e9:be:e3:c8:
43:ad:61:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzKEyJbkB9d//oxUHf5/b6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2U1Y2FmZjRmNDdiMmI4ZGM4MWNjMzZjOGUzNDY2NjI2
Mzk4OTgwHhcNMjMwMTAyMTU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNjMGM5ZWE5YTY5YzQ0YjRlYWJlOTBhZjJhZTdkOTJmYTk1ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohM9rw4bWIidXL6poYsku7kUFrPB
lxOT9bfmsXxae4wdoPZIAvQoJurzTqD8n1rBGEQPMOIXkOhN7PLgOdXafcYFbTQW
XwS1yclzAeBiMoIJ6UfXRpqNa26TeviIKn0BZEbP9Co3dhOXuaNV/AQqcFa5lwOb
aB04pG4oAHgjoWJ4G+iWSCYl0wnDGhs0Xvb5yx+qq6NJgj53KwpsW17EyJSTiNok
A59QBzwbUou6e+JKdrLBcTmSI29+hT8uxn1T6WJ+hOfoZF9T+so3xL+eNzLRgB+N
NIlvqyEX5rGAKM8diDiKgeudmnckT8xtJynatiL/HDbdO5owY28Ju1wrdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOLMDJ6pppxEtOq+kK8q59kvqVgiMB8GA1UdIwQY
MBaAFGB+XK/09Hsrjcgcw2yONGZiY5iYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYt
NjdmYmYyMTU1ZTRlLzEvNHN3TW5xbW1uRVMwNnI2UXJ5cm4yUy1wV0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYtNjdmYmYyMTU1ZTRl
LzEvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub00AwQA
ub03MA0GCSqGSIb3DQEBCwUAA4IBAQCO73C7EmCHyXUGjucK1vTxkABgE7iGJf7W
MgveEBH1jw74IlhDr5hzZlKTVMwOGFhGImgDJlc7vsf3vDIFVktio1FYwPePFZLD
f0At76SINLsystNO5vgaVi1fr7lOn4JwZFEGPkbSTcNXizXoR0u9WPzQE7oJ5iwR
ro4cdlb11tKH0xXvI3k+j9ytU+V8Ya1l9SyD8IliLbxTH1E4J31HohT7iVOujp8x
FOWJExGngWOPsYzpx6UjaSSUEe11dFMlEUDJKBuktcRMDMeGFPpI90ZJLAVy6Us+
Jw0VwB31hCIZFVtsk9cU6NVWKm5UeF87BqeXFyoWoOm+48hDrWEL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:45 2025 by rpki-client