Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/pNA8fFbFDZURn_KGxf6TMrIjHOg.roa
File: pNA8fFbFDZURn_KGxf6TMrIjHOg.roa (raw, json)
Hash identifier: sq0pKOW/h1emSfnt/iWfWxh5Db60LThUylpoub8BEng=
Subject key identifier: A4:D0:3C:7C:56:C5:0D:95:11:9F:F2:86:C5:FE:93:32:B2:23:1C:E8
Certificate issuer: /CN=37778681361b1fff87ce398402efa63869e5bfd1
Certificate serial: 01867440F02BF066ED7D7457E969AFAA8766
Authority key identifier: 37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/pNA8fFbFDZURn_KGxf6TMrIjHOg.roa
Signing time: Tue 21 Feb 2023 13:54:18 +0000
ROA not before: Tue 21 Feb 2023 13:54:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203971
IP address blocks: 185.118.48.0/24 maxlen: 24
185.118.48.0/22 maxlen: 22
185.118.49.0/24 maxlen: 24
185.222.93.0/24 maxlen: 24
185.222.94.0/24 maxlen: 24
185.222.95.0/24 maxlen: 24
185.222.92.0/22 maxlen: 22
185.222.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:40:f0:2b:f0:66:ed:7d:74:57:e9:69:af:aa:87:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37778681361b1fff87ce398402efa63869e5bfd1
Validity
Not Before: Feb 21 13:54:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4d03c7c56c50d95119ff286c5fe9332b2231ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f0:13:a6:d1:3f:55:09:e6:a6:58:f7:0b:d5:
f0:3b:09:e2:46:23:0b:fc:b8:e1:1b:51:35:89:b3:
f9:01:56:03:af:bf:50:ac:3b:1d:9d:1c:c2:ba:73:
13:b6:ba:f6:60:06:b3:45:1f:ba:48:b3:94:e7:c5:
cd:f0:8d:eb:47:07:5d:21:55:83:6f:e4:3c:1b:8b:
26:41:01:75:c9:76:47:1b:1e:b8:fa:59:03:00:83:
bf:5c:ec:1d:15:b2:73:a7:3e:c2:9e:76:1f:df:fb:
a3:2a:c3:30:07:89:7a:10:12:76:78:5f:7b:f1:3b:
46:d4:97:c1:de:a8:5d:40:fe:6a:9d:96:12:a6:6f:
ca:7d:99:16:61:9b:c5:8f:73:1c:98:80:5d:99:e4:
11:63:0d:dd:bb:c3:e0:31:90:c5:6b:6c:97:a8:ef:
25:5a:c5:87:91:a4:96:bc:7b:e0:26:01:92:92:0d:
42:0d:7e:a1:e8:76:57:df:0e:23:99:5f:73:61:62:
81:2c:d9:20:22:8e:ab:66:29:7c:c0:d6:9a:6d:6a:
51:e4:5a:a2:30:4e:81:29:2a:48:f9:36:b2:1e:bd:
91:ea:2b:1c:37:79:34:b0:5d:18:87:70:a7:9f:ce:
8e:be:67:5a:0d:68:8d:b7:b6:fe:76:46:36:50:aa:
6b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D0:3C:7C:56:C5:0D:95:11:9F:F2:86:C5:FE:93:32:B2:23:1C:E8
X509v3 Authority Key Identifier:
keyid:37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/pNA8fFbFDZURn_KGxf6TMrIjHOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.48.0/22
185.222.92.0/22
Signature Algorithm: sha256WithRSAEncryption
62:dd:d1:4b:55:5a:0b:a9:87:28:65:e6:93:da:72:88:9a:d6:
00:97:87:01:61:2c:bf:0e:5a:8f:d1:d1:66:70:37:e5:77:51:
16:ca:74:ee:59:98:89:ac:7d:55:fe:6f:f0:83:83:2d:00:d7:
fc:a8:e3:ea:86:5e:08:4c:cd:8e:a8:20:d8:2a:59:cc:b2:12:
d9:8f:fc:fe:be:eb:52:5c:4e:7f:69:d3:2d:5b:ce:11:00:31:
a2:ae:a2:e4:6c:02:6f:46:1c:7b:86:8e:95:9a:01:16:b8:c6:
d5:1b:ec:92:5e:15:ee:33:b3:ee:3e:c9:66:e4:da:05:85:79:
ff:9d:a8:ca:3e:5f:07:ef:a4:28:8a:b9:b8:b4:0f:54:8b:58:
3a:80:18:34:8e:b6:c4:9d:a8:29:06:20:ea:2e:7e:25:a6:46:
bc:9a:04:2f:af:71:30:b6:0c:d9:23:57:f0:f8:88:f3:4a:f7:
6b:bb:bd:f4:53:7c:60:f1:7c:98:ef:3c:ef:ef:d6:03:d8:d6:
ca:9c:99:e7:d1:f3:ff:c5:db:0b:fe:6f:98:28:4a:f9:2a:a0:
b3:c3:72:22:1d:86:e0:99:34:44:4f:e0:a5:f1:a4:4c:46:7b:
5c:9f:86:c4:3c:75:74:3a:84:16:3c:8f:fc:42:0b:b7:da:0f:
d6:d1:6b:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ0QPAr8GbtfXRX6WmvqodmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Nzc4NjgxMzYxYjFmZmY4N2NlMzk4NDAyZWZhNjM4Njll
NWJmZDEwHhcNMjMwMjIxMTM1NDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQwM2M3YzU2YzUwZDk1MTE5ZmYyODZjNWZlOTMzMmIyMjMxY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfATptE/VQnmplj3C9XwOwniRiML
/LjhG1E1ibP5AVYDr79QrDsdnRzCunMTtrr2YAazRR+6SLOU58XN8I3rRwddIVWD
b+Q8G4smQQF1yXZHGx64+lkDAIO/XOwdFbJzpz7CnnYf3/ujKsMwB4l6EBJ2eF97
8TtG1JfB3qhdQP5qnZYSpm/KfZkWYZvFj3McmIBdmeQRYw3du8PgMZDFa2yXqO8l
WsWHkaSWvHvgJgGSkg1CDX6h6HZX3w4jmV9zYWKBLNkgIo6rZil8wNaabWpR5Fqi
ME6BKSpI+TayHr2R6iscN3k0sF0Yh3Cnn86OvmdaDWiNt7b+dkY2UKprbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTQPHxWxQ2VEZ/yhsX+kzKyIxzoMB8GA1UdIwQY
MBaAFDd3hoE2Gx//h845hALvpjhp5b/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUt
ZTUzZjkwNGExZjU4LzEvcE5BOGZGYkZEWlVSbl9LR3hmNlRNcklqSE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUtZTUzZjkwNGExZjU4
LzEvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXYwAwQC
ud5cMA0GCSqGSIb3DQEBCwUAA4IBAQBi3dFLVVoLqYcoZeaT2nKImtYAl4cBYSy/
DlqP0dFmcDfld1EWynTuWZiJrH1V/m/wg4MtANf8qOPqhl4ITM2OqCDYKlnMshLZ
j/z+vutSXE5/adMtW84RADGirqLkbAJvRhx7ho6VmgEWuMbVG+ySXhXuM7PuPslm
5NoFhXn/najKPl8H76Qoirm4tA9Ui1g6gBg0jrbEnagpBiDqLn4lpka8mgQvr3Ew
tgzZI1fw+IjzSvdru730U3xg8XyY7zzv79YD2NbKnJnn0fP/xdsL/m+YKEr5KqCz
w3IiHYbgmTRET+Cl8aRMRntcn4bEPHV0OoQWPI/8Qgu32g/W0WuH
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:24:08 2025 by rpki-client