Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/aRUdVB6XznkfhjlDvJkQe44moUY.roa
File: aRUdVB6XznkfhjlDvJkQe44moUY.roa (raw, json)
Hash identifier: OkrVkAdM+sDBlL8c8r/8Xqo2Rqu/WtJEFVBYXEceHJM=
Subject key identifier: 69:15:1D:54:1E:97:CE:79:1F:86:39:43:BC:99:10:7B:8E:26:A1:46
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 01856C6EE4857531BAF5B3A686498E55FF96
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/aRUdVB6XznkfhjlDvJkQe44moUY.roa
Signing time: Sun 01 Jan 2023 08:24:44 +0000
ROA not before: Sun 01 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 185.161.233.0/24 maxlen: 24
185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e4:85:75:31:ba:f5:b3:a6:86:49:8e:55:ff:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69151d541e97ce791f863943bc99107b8e26a146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d1:47:00:3e:ec:9a:33:f9:c0:ed:57:27:70:
64:60:8b:16:95:54:c8:77:c6:96:0a:ac:ec:7a:8c:
ed:3d:8d:26:c7:37:1b:56:65:dd:26:1d:65:77:51:
8d:5e:a8:74:ca:4b:93:bf:ba:c9:3b:ae:76:62:54:
3e:31:64:81:f0:2c:2c:62:58:e1:b9:ec:c7:ee:59:
42:44:c6:0c:b7:07:aa:59:51:81:5f:9f:ac:c7:18:
6b:e3:7d:46:ca:0e:93:86:be:9b:ed:3a:6e:7c:5c:
ad:45:53:59:79:73:e1:6b:93:0a:70:d6:2a:fc:19:
e7:57:93:ca:6f:45:b4:d5:05:25:69:01:59:b7:81:
03:2d:f1:f2:a8:19:00:32:cb:52:fb:73:5e:f8:2e:
ab:94:e8:3e:f3:b3:f7:85:a0:f2:74:3c:89:b3:36:
90:74:d4:cc:8c:9f:cb:0d:49:e1:8d:34:e9:4c:3b:
c6:bd:b4:46:4d:b4:14:31:2d:f7:99:b0:75:50:31:
1c:fe:04:df:c1:e4:bd:f0:7b:42:06:64:a2:f2:f6:
e4:0e:73:9a:cf:8b:96:68:49:49:63:6f:fb:fc:fc:
83:37:04:98:17:51:2e:e7:68:b8:c5:e2:33:56:4b:
e7:5d:a0:e1:46:6b:be:e8:8f:94:b8:31:e4:ee:11:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:15:1D:54:1E:97:CE:79:1F:86:39:43:BC:99:10:7B:8E:26:A1:46
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/aRUdVB6XznkfhjlDvJkQe44moUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:e9:8b:c5:f7:17:b5:41:39:61:3d:e6:50:ff:c0:e2:91:c1:
1c:f7:52:92:b7:dc:fa:7f:31:71:65:40:9c:e0:ce:72:90:dc:
c7:10:35:68:79:aa:f5:a2:f8:6c:81:11:7e:40:c8:4a:06:c7:
27:56:aa:68:24:72:7f:72:84:f7:7e:62:b9:4c:3a:e5:71:a3:
c5:d1:58:04:ca:84:9b:ab:e6:68:3c:19:e4:44:e1:83:07:e5:
b8:01:85:e5:1b:35:3e:9c:e4:4d:c5:9b:f5:f3:34:14:1d:18:
c4:2a:48:08:45:00:ce:58:42:c0:3f:b4:5c:1d:e8:22:aa:2b:
9a:56:27:8f:32:92:71:34:d4:b9:80:0f:fb:1c:bc:08:5a:ad:
15:a1:13:5f:fd:9d:46:3e:57:c2:82:c0:33:7f:22:f7:0b:3d:
ae:f3:d7:42:56:ad:ca:ec:e0:4c:19:85:30:81:bc:08:d9:6d:
98:86:de:fd:d5:9a:67:ea:8c:d2:fd:64:88:9c:0b:16:96:48:
4e:43:3b:a6:0d:bc:5d:d2:d1:6d:55:66:8c:d3:50:75:72:5a:
af:b8:99:d3:52:bb:f0:55:33:36:47:43:86:62:bf:38:a7:93:
7f:37:1e:dd:d5:54:11:ee:3f:53:01:54:e2:76:8e:27:3f:59:
2f:14:68:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsbuSFdTG69bOmhkmOVf+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjMwMTAxMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTE1MWQ1NDFlOTdjZTc5MWY4NjM5NDNiYzk5MTA3YjhlMjZhMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndFHAD7smjP5wO1XJ3BkYIsWlVTI
d8aWCqzseoztPY0mxzcbVmXdJh1ld1GNXqh0ykuTv7rJO652YlQ+MWSB8CwsYljh
uezH7llCRMYMtweqWVGBX5+sxxhr431Gyg6Thr6b7TpufFytRVNZeXPha5MKcNYq
/BnnV5PKb0W01QUlaQFZt4EDLfHyqBkAMstS+3Ne+C6rlOg+87P3haDydDyJszaQ
dNTMjJ/LDUnhjTTpTDvGvbRGTbQUMS33mbB1UDEc/gTfweS98HtCBmSi8vbkDnOa
z4uWaElJY2/7/PyDNwSYF1Eu52i4xeIzVkvnXaDhRmu+6I+UuDHk7hHqwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkVHVQel855H4Y5Q7yZEHuOJqFGMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvYVJVZFZCNlh6bmtmaGpsRHZKa1FlNDRtb1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUQsAwQC
uaHoMA0GCSqGSIb3DQEBCwUAA4IBAQAq6YvF9xe1QTlhPeZQ/8DikcEc91KSt9z6
fzFxZUCc4M5ykNzHEDVoear1ovhsgRF+QMhKBscnVqpoJHJ/coT3fmK5TDrlcaPF
0VgEyoSbq+ZoPBnkROGDB+W4AYXlGzU+nORNxZv18zQUHRjEKkgIRQDOWELAP7Rc
HegiqiuaViePMpJxNNS5gA/7HLwIWq0VoRNf/Z1GPlfCgsAzfyL3Cz2u89dCVq3K
7OBMGYUwgbwI2W2Yht791Zpn6ozS/WSInAsWlkhOQzumDbxd0tFtVWaM01B1clqv
uJnTUrvwVTM2R0OGYr84p5N/Nx7d1VQR7j9TAVTido4nP1kvFGji
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:53:10 2025 by rpki-client