Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/335yyEAk6nKrIMMb-lyciNzDJMw.roa
File: 335yyEAk6nKrIMMb-lyciNzDJMw.roa (raw, json)
Hash identifier: j0NTaFHjYaq+fd+voZhyc7qW7waLWHX4Rf+L2qsg5vA=
Subject key identifier: DF:7E:72:C8:40:24:EA:72:AB:20:C3:1B:FA:5C:9C:88:DC:C3:24:CC
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 01856E78B357FDE60F890EEDD870C325EA21
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/335yyEAk6nKrIMMb-lyciNzDJMw.roa
Signing time: Sun 01 Jan 2023 17:54:42 +0000
ROA not before: Sun 01 Jan 2023 17:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:b3:57:fd:e6:0f:89:0e:ed:d8:70:c3:25:ea:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 1 17:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df7e72c84024ea72ab20c31bfa5c9c88dcc324cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:12:9a:ad:f6:8c:70:22:c4:b0:01:40:12:4e:
61:09:f2:a9:81:38:7d:c3:ac:a5:aa:ad:0b:31:a6:
d9:f1:44:1d:6c:06:95:29:30:76:39:9d:25:a7:29:
40:b0:09:57:aa:46:a7:fe:a5:51:a4:28:97:ac:44:
fc:da:10:28:4a:10:8c:d4:8f:43:7d:04:4f:ad:00:
dc:b5:b1:46:18:45:90:1a:d9:86:02:c9:46:bd:cc:
9d:7b:1a:4a:e4:01:83:bb:ac:f8:f8:ae:51:5e:da:
33:a2:37:ea:72:6c:34:21:9d:c3:7a:1a:3d:bf:7c:
b0:9e:5a:97:59:f3:66:20:ee:9d:39:06:53:49:1b:
d4:c7:82:b2:c3:a3:21:50:0c:c4:30:f5:db:fa:8b:
10:5d:5b:7c:c1:aa:bf:43:a2:1b:7c:97:75:5c:de:
b0:88:a9:17:89:c6:61:a7:9e:9a:96:2e:6b:89:80:
40:a3:90:ec:c3:40:73:4e:df:7e:c4:ac:e0:b6:60:
dd:4d:59:50:c8:3b:87:7f:57:bd:31:55:bc:0a:00:
32:d5:ef:2e:15:c9:9a:83:be:b3:5d:73:5d:eb:ac:
6e:93:b6:b7:7d:fb:d7:55:8c:4a:17:5d:a5:12:be:
c6:36:f8:de:1a:ff:70:de:85:b8:fe:80:81:e0:61:
3c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7E:72:C8:40:24:EA:72:AB:20:C3:1B:FA:5C:9C:88:DC:C3:24:CC
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/335yyEAk6nKrIMMb-lyciNzDJMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
07:1e:b1:a4:03:ab:5e:c1:de:5c:8a:81:52:3d:6a:be:5b:58:
87:8f:a7:ac:b4:1d:3a:b5:88:68:66:8f:f3:97:c8:a2:35:97:
50:e9:9e:29:54:e9:c7:8e:0c:fd:90:80:28:3b:12:d5:1d:58:
88:c5:52:bd:c2:17:8e:1e:71:be:6f:b7:ab:5f:3d:e0:a3:1a:
ce:74:32:f3:f2:73:8b:01:29:e4:b8:a5:60:50:11:48:26:d2:
2c:ee:60:6a:b3:77:4c:00:29:fd:8a:1e:15:13:c5:7a:de:f7:
c9:3a:db:fa:30:25:f2:d6:c7:5e:b8:51:bf:64:d2:e4:49:f6:
0c:d8:f7:6b:4f:2a:0f:6c:aa:cf:85:fb:4d:cb:14:e3:f8:07:
53:94:e8:a6:ed:be:70:50:95:ea:4e:75:d7:cb:31:3d:d7:6d:
b9:bd:17:90:d4:06:c1:a4:d4:be:b0:25:4c:2d:24:cd:c6:be:
0b:ed:5a:8f:8c:0f:48:97:bc:c7:96:2f:4f:46:52:b2:f7:49:
ac:d5:5f:d8:b0:52:32:8c:a5:b5:68:bb:94:39:2d:de:83:21:
d9:d1:74:04:04:e9:37:0b:c3:0e:c5:09:29:4f:32:c8:c3:07:
7a:6d:4f:d0:c2:f5:49:15:f4:ad:eb:4c:d2:35:04:75:58:6d:
d5:d8:c9:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVueLNX/eYPiQ7t2HDDJeohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdlNzJjODQwMjRlYTcyYWIyMGMzMWJmYTVjOWM4OGRjYzMyNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBKarfaMcCLEsAFAEk5hCfKpgTh9
w6ylqq0LMabZ8UQdbAaVKTB2OZ0lpylAsAlXqkan/qVRpCiXrET82hAoShCM1I9D
fQRPrQDctbFGGEWQGtmGAslGvcydexpK5AGDu6z4+K5RXtozojfqcmw0IZ3Deho9
v3ywnlqXWfNmIO6dOQZTSRvUx4Kyw6MhUAzEMPXb+osQXVt8waq/Q6IbfJd1XN6w
iKkXicZhp56ali5riYBAo5Dsw0BzTt9+xKzgtmDdTVlQyDuHf1e9MVW8CgAy1e8u
Fcmag76zXXNd66xuk7a3ffvXVYxKF12lEr7GNvjeGv9w3oW4/oCB4GE8YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN9+cshAJOpyqyDDG/pcnIjcwyTMMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvMzM1eXlFQWs2bktySU1NYi1seWNpTnpESk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQB
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQAHHrGkA6tewd5cioFSPWq+W1iHj6estB06
tYhoZo/zl8iiNZdQ6Z4pVOnHjgz9kIAoOxLVHViIxVK9wheOHnG+b7erXz3goxrO
dDLz8nOLASnkuKVgUBFIJtIs7mBqs3dMACn9ih4VE8V63vfJOtv6MCXy1sdeuFG/
ZNLkSfYM2PdrTyoPbKrPhftNyxTj+AdTlOim7b5wUJXqTnXXyzE91225vReQ1AbB
pNS+sCVMLSTNxr4L7VqPjA9Il7zHli9PRlKy90ms1V/YsFIyjKW1aLuUOS3egyHZ
0XQEBOk3C8MOxQkpTzLIwwd6bU/QwvVJFfSt60zSNQR1WG3V2Mmt
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:16 2025 by rpki-client