Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a7568f-440b-4a9e-bb3a-3ee1e6991269/1/9shX4O_oKWGuHnZet5J1QukT0NE.roa
File: 9shX4O_oKWGuHnZet5J1QukT0NE.roa (raw, json)
Hash identifier: mFVCVM5EKO9c0Ugq9DUXyRjiXkE2TTW8ht395nVobW8=
Subject key identifier: F6:C8:57:E0:EF:E8:29:61:AE:1E:76:5E:B7:92:75:42:E9:13:D0:D1
Certificate issuer: /CN=cc7ac47a19f66f418397eea5fef15a07ff2c0023
Certificate serial: 018708F241692134671EBF616F1E409EBCD2
Authority key identifier: CC:7A:C4:7A:19:F6:6F:41:83:97:EE:A5:FE:F1:5A:07:FF:2C:00:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHrEehn2b0GDl-6l_vFaB_8sACM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a7568f-440b-4a9e-bb3a-3ee1e6991269/1/9shX4O_oKWGuHnZet5J1QukT0NE.roa
Signing time: Wed 22 Mar 2023 10:51:46 +0000
ROA not before: Wed 22 Mar 2023 10:51:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62040
IP address blocks: 185.49.240.0/24 maxlen: 24
185.49.243.0/24 maxlen: 24
185.49.242.0/24 maxlen: 24
185.49.241.0/24 maxlen: 24
193.176.83.0/24 maxlen: 24
193.176.80.0/24 maxlen: 24
2a04:bb80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:f2:41:69:21:34:67:1e:bf:61:6f:1e:40:9e:bc:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc7ac47a19f66f418397eea5fef15a07ff2c0023
Validity
Not Before: Mar 22 10:51:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6c857e0efe82961ae1e765eb7927542e913d0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e6:3f:1d:52:04:3d:1d:3b:9c:d6:41:f2:32:
5f:d0:50:8b:15:26:3c:78:68:a9:9f:c3:16:80:04:
f2:1e:8a:3f:11:40:66:ec:59:8d:79:c2:09:9e:5b:
73:95:48:dd:a7:f8:80:f1:88:fb:13:b0:af:fb:f6:
29:3b:4d:64:98:ee:b8:fd:12:ad:31:c3:92:42:09:
12:c9:a0:47:8a:32:06:42:cf:50:3d:c9:98:d1:a7:
40:b4:0a:ea:e4:4d:80:84:ab:4f:4a:8d:1b:da:34:
b3:76:82:eb:df:d5:2a:e8:7c:49:12:9f:7f:0d:a1:
24:85:b6:5b:85:2c:22:9a:b0:04:71:01:af:74:c2:
81:61:19:7f:05:f5:cb:ee:09:73:22:b0:81:8e:7a:
88:9c:1e:f1:dd:50:4e:97:02:aa:cd:db:28:49:db:
d5:3a:aa:74:34:10:39:44:25:b9:f5:29:6a:6d:67:
f4:a8:c5:50:ef:39:01:63:d7:1f:dd:aa:f3:ba:2e:
54:b7:b7:ee:ad:8e:98:c6:c3:78:fe:09:68:75:9c:
83:70:6e:ea:3e:5f:c9:a4:0b:d4:78:66:47:fa:b0:
1c:78:61:cf:5a:32:3e:dc:0e:9c:ed:62:bb:fa:1c:
5a:71:08:39:e5:56:bc:9d:a2:e8:9a:0d:e4:b0:b7:
fa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C8:57:E0:EF:E8:29:61:AE:1E:76:5E:B7:92:75:42:E9:13:D0:D1
X509v3 Authority Key Identifier:
keyid:CC:7A:C4:7A:19:F6:6F:41:83:97:EE:A5:FE:F1:5A:07:FF:2C:00:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHrEehn2b0GDl-6l_vFaB_8sACM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a7568f-440b-4a9e-bb3a-3ee1e6991269/1/9shX4O_oKWGuHnZet5J1QukT0NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a7568f-440b-4a9e-bb3a-3ee1e6991269/1/zHrEehn2b0GDl-6l_vFaB_8sACM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.240.0/22
193.176.80.0/24
193.176.83.0/24
IPv6:
2a04:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
77:db:e2:39:18:1f:09:4a:da:5f:a6:33:ed:7f:ab:86:c1:48:
20:26:e2:2a:0a:03:f8:41:57:fa:88:a0:5d:df:19:70:ec:a4:
7a:f3:51:09:d2:f7:97:0d:4b:88:38:21:ba:8f:82:7a:f2:5b:
4a:88:d2:50:73:4f:b7:07:57:de:7a:0c:64:9a:9d:a6:c2:7e:
de:6a:7c:de:35:8e:e5:8e:3e:81:c5:a8:70:63:f4:da:55:01:
43:5d:7c:fd:9e:61:d3:8d:16:16:15:26:ed:17:af:b2:30:6a:
6e:74:26:3a:b8:52:de:da:e1:a5:04:0f:02:c1:a0:7a:7f:8e:
3f:01:02:30:ec:e1:02:85:4b:5b:b8:a0:9a:b2:6d:c2:de:f9:
8e:ed:be:bc:c5:4c:ed:f8:a4:c5:e1:45:3a:61:a9:49:24:ec:
f4:4a:cd:d6:7a:de:93:92:43:82:02:ac:b6:b9:4e:f7:73:35:
54:73:1e:69:e6:9f:d0:3b:96:ea:64:83:c7:30:c4:f1:67:8c:
12:88:be:bc:46:52:ed:81:81:3c:f1:44:d8:ee:a9:e6:20:85:
c4:77:cc:4a:87:69:15:a7:3b:d0:03:0a:b7:0e:14:55:16:4d:
08:dc:7a:05:d5:00:a6:88:ed:9b:2e:17:84:90:46:f0:4d:6c:
e3:ed:4c:a2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYcI8kFpITRnHr9hbx5AnrzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjN2FjNDdhMTlmNjZmNDE4Mzk3ZWVhNWZlZjE1YTA3ZmYy
YzAwMjMwHhcNMjMwMzIyMTA1MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM4NTdlMGVmZTgyOTYxYWUxZTc2NWViNzkyNzU0MmU5MTNkMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Y/HVIEPR07nNZB8jJf0FCLFSY8
eGipn8MWgATyHoo/EUBm7FmNecIJnltzlUjdp/iA8Yj7E7Cv+/YpO01kmO64/RKt
McOSQgkSyaBHijIGQs9QPcmY0adAtArq5E2AhKtPSo0b2jSzdoLr39Uq6HxJEp9/
DaEkhbZbhSwimrAEcQGvdMKBYRl/BfXL7glzIrCBjnqInB7x3VBOlwKqzdsoSdvV
Oqp0NBA5RCW59SlqbWf0qMVQ7zkBY9cf3arzui5Ut7furY6YxsN4/glodZyDcG7q
Pl/JpAvUeGZH+rAceGHPWjI+3A6c7WK7+hxacQg55Va8naLomg3ksLf6AQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPbIV+Dv6Clhrh52XreSdULpE9DRMB8GA1UdIwQY
MBaAFMx6xHoZ9m9Bg5fupf7xWgf/LAAjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhyRWVobjJiMEdEbC02bF92RmFCXzhzQUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hNzU2OGYtNDQwYi00YTllLWJiM2Et
M2VlMWU2OTkxMjY5LzEvOXNoWDRPX29LV0d1SG5aZXQ1SjFRdWtUME5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hNzU2OGYtNDQwYi00YTllLWJiM2EtM2VlMWU2OTkxMjY5
LzEvekhyRWVobjJiMEdEbC02bF92RmFCXzhzQUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTHwAwQA
wbBQAwQAwbBTMA0EAgACMAcDBQMqBLuAMA0GCSqGSIb3DQEBCwUAA4IBAQB32+I5
GB8JStpfpjPtf6uGwUggJuIqCgP4QVf6iKBd3xlw7KR681EJ0veXDUuIOCG6j4J6
8ltKiNJQc0+3B1feegxkmp2mwn7eanzeNY7ljj6BxahwY/TaVQFDXXz9nmHTjRYW
FSbtF6+yMGpudCY6uFLe2uGlBA8CwaB6f44/AQIw7OEChUtbuKCasm3C3vmO7b68
xUzt+KTF4UU6YalJJOz0Ss3Wet6TkkOCAqy2uU73czVUcx5p5p/QO5bqZIPHMMTx
Z4wSiL68RlLtgYE88UTY7qnmIIXEd8xKh2kVpzvQAwq3DhRVFk0I3HoF1QCmiO2b
LheEkEbwTWzj7Uyi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:20 2025 by rpki-client