Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5efad6-c9a4-4838-bd67-73717c56b6f3/1/1-4Z0p1V7UJoMQXRlEkkR_0zPMU4.roa
File: 1-4Z0p1V7UJoMQXRlEkkR_0zPMU4.roa (raw, json)
Hash identifier: 5oCm8qQaVvK4qqDiG4zBps2ZWhd/sf4VJMRXRfVq1HA=
Subject key identifier: FB:86:74:A7:55:7B:50:9A:0C:41:74:65:12:49:11:FF:4C:CF:31:4E
Certificate issuer: /CN=9a2f0701d7a63cf3d193695c395d1a1f78335ccf
Certificate serial: 018572836784C7C4B34FE6E179054A3AAAA7
Authority key identifier: 9A:2F:07:01:D7:A6:3C:F3:D1:93:69:5C:39:5D:1A:1F:78:33:5C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mi8HAdemPPPRk2lcOV0aH3gzXM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5efad6-c9a4-4838-bd67-73717c56b6f3/1/1-4Z0p1V7UJoMQXRlEkkR_0zPMU4.roa
Signing time: Mon 02 Jan 2023 12:44:52 +0000
ROA not before: Mon 02 Jan 2023 12:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60893
IP address blocks: 185.58.148.0/22 maxlen: 24
185.24.48.0/22 maxlen: 24
2a00:7420::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:67:84:c7:c4:b3:4f:e6:e1:79:05:4a:3a:aa:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a2f0701d7a63cf3d193695c395d1a1f78335ccf
Validity
Not Before: Jan 2 12:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb8674a7557b509a0c417465124911ff4ccf314e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ec:6f:19:2e:55:38:8a:0b:72:c0:27:95:17:
9b:f8:75:54:3d:ef:2b:b6:92:23:72:e3:fc:fe:86:
b9:5d:ab:eb:5e:11:1f:f3:c5:62:48:3d:e0:bc:78:
c7:57:1b:0f:86:f9:0d:30:a7:42:91:38:48:a5:61:
c3:ab:c1:93:c0:f5:00:4c:33:c4:60:2c:51:d5:8e:
5f:f1:7b:f7:ff:98:cc:87:56:b4:70:3a:b4:65:5a:
84:83:f6:dc:29:e5:89:e8:d4:6d:22:4d:48:76:1b:
c7:25:ce:7f:2f:06:4f:4b:ee:41:a3:2b:84:66:99:
5b:b3:cb:32:92:0c:ad:d7:df:29:06:10:99:a0:fd:
6c:50:48:d1:52:5e:49:84:14:38:91:3f:05:c4:15:
d4:ce:58:da:3e:95:80:2d:88:ca:13:2c:11:5d:8e:
c7:05:28:8e:48:1b:90:f0:9e:fc:0e:2e:46:ff:4d:
23:87:63:ae:2e:39:81:ea:a1:78:ef:af:05:05:13:
2b:6e:22:ee:d2:c7:0c:27:ce:0f:d0:e1:f7:e8:06:
c8:c8:73:bc:39:8f:13:0a:f4:b3:73:19:fc:48:85:
a7:39:1b:16:d5:93:84:3f:75:fe:90:cd:73:87:9f:
e0:f7:21:b1:c3:2a:89:5d:63:2f:ef:67:20:6f:05:
63:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:86:74:A7:55:7B:50:9A:0C:41:74:65:12:49:11:FF:4C:CF:31:4E
X509v3 Authority Key Identifier:
keyid:9A:2F:07:01:D7:A6:3C:F3:D1:93:69:5C:39:5D:1A:1F:78:33:5C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mi8HAdemPPPRk2lcOV0aH3gzXM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5efad6-c9a4-4838-bd67-73717c56b6f3/1/1-4Z0p1V7UJoMQXRlEkkR_0zPMU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5efad6-c9a4-4838-bd67-73717c56b6f3/1/mi8HAdemPPPRk2lcOV0aH3gzXM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.48.0/22
185.58.148.0/22
IPv6:
2a00:7420::/32
Signature Algorithm: sha256WithRSAEncryption
97:45:5d:c8:47:6a:5e:fb:b9:5b:08:8f:16:ee:df:1e:74:ad:
ca:94:fe:90:4d:5a:46:cb:2e:cc:e5:73:1e:84:ed:7d:10:a9:
8d:2a:56:e6:0b:de:0c:3f:5b:04:1a:15:71:90:71:e4:61:5d:
f3:c3:de:8d:04:08:c8:f1:d2:44:42:60:7d:58:3a:e3:92:4f:
f4:e5:f5:73:92:4e:c0:a6:b7:77:ed:56:80:32:bc:3f:78:46:
d2:b6:25:2a:5a:9a:46:b6:a2:dd:23:21:14:60:16:38:a1:d1:
4a:4f:51:b1:cc:b0:8b:38:17:8f:dd:d4:a9:32:e1:1b:e0:40:
0a:ce:34:d4:4c:81:cc:51:18:79:49:10:f8:f4:88:71:fa:ce:
dd:53:15:9e:b9:70:49:6a:41:0c:46:49:99:92:92:2d:50:b7:
2c:df:00:44:12:78:50:b6:79:22:02:73:69:04:a7:ac:f9:ad:
ee:c8:17:2a:60:f3:78:08:43:54:57:34:93:ba:94:43:52:14:
12:6f:88:b7:fc:1b:2f:bd:66:54:ea:22:16:bf:6b:17:ab:66:
d0:bd:21:ec:b2:46:d8:72:78:67:9e:e6:ad:19:28:b9:8d:bd:
49:98:e0:bf:2e:2c:90:52:c7:b8:d6:36:33:83:4e:e1:cd:e0:
ef:0e:30:69
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVyg2eEx8SzT+bheQVKOqqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMmYwNzAxZDdhNjNjZjNkMTkzNjk1YzM5NWQxYTFmNzgz
MzVjY2YwHhcNMjMwMTAyMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg2NzRhNzU1N2I1MDlhMGM0MTc0NjUxMjQ5MTFmZjRjY2YzMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnexvGS5VOIoLcsAnlReb+HVUPe8r
tpIjcuP8/oa5XavrXhEf88ViSD3gvHjHVxsPhvkNMKdCkThIpWHDq8GTwPUATDPE
YCxR1Y5f8Xv3/5jMh1a0cDq0ZVqEg/bcKeWJ6NRtIk1IdhvHJc5/LwZPS+5BoyuE
Zplbs8sykgyt198pBhCZoP1sUEjRUl5JhBQ4kT8FxBXUzljaPpWALYjKEywRXY7H
BSiOSBuQ8J78Di5G/00jh2OuLjmB6qF4768FBRMrbiLu0scMJ84P0OH36AbIyHO8
OY8TCvSzcxn8SIWnORsW1ZOEP3X+kM1zh5/g9yGxwyqJXWMv72cgbwVjRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPuGdKdVe1CaDEF0ZRJJEf9MzzFOMB8GA1UdIwQY
MBaAFJovBwHXpjzz0ZNpXDldGh94M1zPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWk4SEFkZW1QUFBSazJsY09WMGFIM2d6WE04LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZWZhZDYtYzlhNC00ODM4LWJkNjct
NzM3MTdjNTZiNmYzLzEvMS00WjBwMVY3VUpvTVFYUmxFa2tSXzB6UE1VNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvNWVmYWQ2LWM5YTQtNDgzOC1iZDY3LTczNzE3YzU2YjZm
My8xL21pOEhBZGVtUFBQUmsybGNPVjBhSDNnelhNOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkYMAME
Ark6lDANBAIAAjAHAwUAKgB0IDANBgkqhkiG9w0BAQsFAAOCAQEAl0VdyEdqXvu5
WwiPFu7fHnStypT+kE1aRssuzOVzHoTtfRCpjSpW5gveDD9bBBoVcZBx5GFd88Pe
jQQIyPHSREJgfVg645JP9OX1c5JOwKa3d+1WgDK8P3hG0rYlKlqaRrai3SMhFGAW
OKHRSk9RscywizgXj93UqTLhG+BACs401EyBzFEYeUkQ+PSIcfrO3VMVnrlwSWpB
DEZJmZKSLVC3LN8ARBJ4ULZ5IgJzaQSnrPmt7sgXKmDzeAhDVFc0k7qUQ1IUEm+I
t/wbL71mVOoiFr9rF6tm0L0h7LJG2HJ4Z57mrRkouY29SZjgvy4skFLHuNY2M4NO
4c3g7w4waQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:00:01 2025 by rpki-client