Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/SHMtTf2dL6vMOhLEhSlMOvaexL0.roa
File: SHMtTf2dL6vMOhLEhSlMOvaexL0.roa (raw, json)
Hash identifier: 95CLC9BzOIa2jseZjOp7xFJYciPt/IIAiHNlI3LsGXE=
Subject key identifier: 48:73:2D:4D:FD:9D:2F:AB:CC:3A:12:C4:85:29:4C:3A:F6:9E:C4:BD
Certificate issuer: /CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
Certificate serial: 01856F5DD6A8AACE75C4F15B94B1744AF4F0
Authority key identifier: B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/SHMtTf2dL6vMOhLEhSlMOvaexL0.roa
Signing time: Sun 01 Jan 2023 22:04:58 +0000
ROA not before: Sun 01 Jan 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2116
IP address blocks: 185.67.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d6:a8:aa:ce:75:c4:f1:5b:94:b1:74:4a:f4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0adf05afef6f65fa19a61c30ae4fb11c7cf25b6
Validity
Not Before: Jan 1 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48732d4dfd9d2fabcc3a12c485294c3af69ec4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:29:7e:40:9f:9c:84:72:c4:84:d3:2f:c3:
85:00:9a:b7:e6:19:ad:72:ed:c8:85:d6:d6:ab:0b:
6c:15:01:f2:72:83:89:8d:5b:83:f8:8d:f3:b7:b8:
12:62:4c:bf:5b:2b:f3:34:42:7e:6a:c1:a5:5a:0b:
74:64:2a:ba:b4:b2:a5:f7:b3:f9:b9:09:0e:4f:01:
f8:f4:2d:6a:c6:6e:67:93:d3:5e:e1:63:e4:df:ca:
e0:df:02:fb:8a:93:e6:f9:5f:51:8f:b0:08:59:0a:
80:15:21:94:c6:1d:13:d0:41:e2:56:c5:f4:81:89:
6a:1a:0f:ab:6a:00:be:26:da:58:4d:55:6c:41:d7:
e7:c7:c2:e6:fd:0c:cc:5a:48:26:5a:0d:e5:13:da:
b4:39:9b:b0:a9:d9:3f:7a:53:be:1b:a9:b1:f4:87:
4c:19:ab:5e:6c:05:cc:fe:88:c4:9f:32:91:5c:c9:
18:6c:ab:19:5a:d0:9e:cf:e1:46:be:ab:0e:eb:93:
b4:c7:af:6a:58:20:c4:36:68:1b:a7:51:69:6a:b6:
c8:a3:21:c5:0b:05:38:52:b8:97:5f:0d:d8:46:de:
dd:de:bb:3e:39:7d:15:26:82:5c:eb:d6:17:e5:68:
92:da:c5:2b:4a:fc:a6:9a:20:f6:f5:3a:e3:9c:56:
96:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:73:2D:4D:FD:9D:2F:AB:CC:3A:12:C4:85:29:4C:3A:F6:9E:C4:BD
X509v3 Authority Key Identifier:
keyid:B0:AD:F0:5A:FE:F6:F6:5F:A1:9A:61:C3:0A:E4:FB:11:C7:CF:25:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK3wWv729l-hmmHDCuT7EcfPJbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/SHMtTf2dL6vMOhLEhSlMOvaexL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/70959b-d79b-42dc-b893-5f2d0e2ae714/1/sK3wWv729l-hmmHDCuT7EcfPJbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.40.0/22
Signature Algorithm: sha256WithRSAEncryption
27:da:e4:e7:b1:da:13:23:42:4a:8c:a4:cc:43:0a:48:23:6e:
92:e2:e5:b9:ae:c4:d6:4d:a7:f9:df:f0:05:21:db:13:40:c7:
f3:94:df:9d:c8:5e:b7:ec:33:87:59:a2:d1:fb:81:0a:a9:61:
ee:52:9d:06:76:df:fa:20:d0:f7:3e:09:7a:ee:66:3d:0b:68:
cb:04:9d:72:20:2c:04:09:11:28:6c:4d:36:13:f3:b9:2d:c9:
f3:45:77:f3:72:52:39:1d:02:35:e0:c8:f9:b1:11:3a:29:9b:
6d:48:25:d2:df:b7:80:df:3e:55:2d:e8:c0:1d:50:64:cb:e3:
97:c4:94:a3:23:c0:6d:2d:77:c2:9d:a5:e6:29:f4:6c:dc:f2:
cb:79:3d:6e:67:55:f2:b1:95:95:fb:e0:13:85:b4:84:44:89:
36:1e:85:be:e5:e9:3a:b3:9d:a7:59:82:e6:fe:22:da:8d:a1:
08:d4:40:3f:b3:0e:65:8a:55:fb:64:9d:39:59:7c:7a:ce:ea:
55:2f:5b:06:2d:46:3a:cf:fc:f9:80:4f:24:47:d0:a5:4f:eb:
b3:dc:77:a3:3f:4f:48:bc:d5:f8:fd:1b:61:46:d5:31:05:d0:
c7:7d:9b:f2:b3:39:99:4f:2d:42:7c:7f:1a:5f:35:79:b4:c8:
3e:18:0d:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXdaoqs51xPFblLF0SvTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWRmMDVhZmVmNmY2NWZhMTlhNjFjMzBhZTRmYjExYzdj
ZjI1YjYwHhcNMjMwMTAxMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODczMmQ0ZGZkOWQyZmFiY2MzYTEyYzQ4NTI5NGMzYWY2OWVjNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlacpfkCfnIRyxITTL8OFAJq35hmt
cu3IhdbWqwtsFQHycoOJjVuD+I3zt7gSYky/WyvzNEJ+asGlWgt0ZCq6tLKl97P5
uQkOTwH49C1qxm5nk9Ne4WPk38rg3wL7ipPm+V9Rj7AIWQqAFSGUxh0T0EHiVsX0
gYlqGg+ragC+JtpYTVVsQdfnx8Lm/QzMWkgmWg3lE9q0OZuwqdk/elO+G6mx9IdM
GatebAXM/ojEnzKRXMkYbKsZWtCez+FGvqsO65O0x69qWCDENmgbp1FparbIoyHF
CwU4UriXXw3YRt7d3rs+OX0VJoJc69YX5WiS2sUrSvymmiD29TrjnFaW3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhzLU39nS+rzDoSxIUpTDr2nsS9MB8GA1UdIwQY
MBaAFLCt8Fr+9vZfoZphwwrk+xHHzyW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMt
NWYyZDBlMmFlNzE0LzEvU0hNdFRmMmRMNnZNT2hMRWhTbE1PdmFleEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDk1OWItZDc5Yi00MmRjLWI4OTMtNWYyZDBlMmFlNzE0
LzEvc0szd1d2NzI5bC1obW1IREN1VDdFY2ZQSmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAn2uTnsdoTI0JKjKTMQwpII26S4uW5rsTWTaf53/AF
IdsTQMfzlN+dyF637DOHWaLR+4EKqWHuUp0Gdt/6IND3Pgl67mY9C2jLBJ1yICwE
CREobE02E/O5LcnzRXfzclI5HQI14Mj5sRE6KZttSCXS37eA3z5VLejAHVBky+OX
xJSjI8BtLXfCnaXmKfRs3PLLeT1uZ1XysZWV++AThbSERIk2HoW+5ek6s52nWYLm
/iLajaEI1EA/sw5lilX7ZJ05WXx6zupVL1sGLUY6z/z5gE8kR9ClT+uz3HejP09I
vNX4/RthRtUxBdDHfZvyszmZTy1CfH8aXzV5tMg+GA2H
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:41 2025 by rpki-client