Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G-1154lDHjG-aRAZESrUue8bRkw.roa
File: G-1154lDHjG-aRAZESrUue8bRkw.roa (raw, json)
Hash identifier: yw4ux3q2oW1+RY/VGwLsFAgDGt9y4X0d3rkQ6iEGLJk=
Subject key identifier: 1B:ED:75:E7:89:43:1E:31:BE:69:10:19:11:2A:D4:B9:EF:1B:46:4C
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 043602A0
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G-1154lDHjG-aRAZESrUue8bRkw.roa
Signing time: Wed 26 Jan 2022 14:09:59 +0000
ROA not before: Wed 26 Jan 2022 14:09:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 85.239.148.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70648480 (0x43602a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 26 14:09:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bed75e789431e31be691019112ad4b9ef1b464c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f5:4e:78:f3:cb:87:36:c4:b7:9a:91:e9:fe:
aa:78:45:30:ba:21:d3:f9:ad:e0:6c:fc:a1:a9:6c:
3b:6f:4d:89:f6:6f:60:59:b0:3b:e2:2f:e8:18:8c:
4b:cf:37:8d:1b:22:33:d2:f1:f5:c6:01:55:a5:76:
6e:7d:20:5c:f1:8a:99:6d:99:8e:d2:00:a7:95:53:
a1:85:b9:5c:01:d7:d9:58:17:2f:ed:0d:ea:27:31:
2a:06:19:72:8d:70:01:34:e8:f2:97:b4:b4:33:c1:
f4:36:40:a4:33:c4:57:5f:8f:0b:a7:7e:6b:9d:c1:
81:53:2d:19:79:db:2e:e9:fd:ac:a7:e7:83:68:f6:
35:1f:0f:99:59:2f:69:e0:6f:26:45:9d:12:44:29:
c2:f8:ca:1c:70:31:01:31:00:9c:b6:b0:65:6a:91:
74:66:b0:15:f9:d8:13:80:af:f0:05:aa:2b:32:0f:
24:6f:0c:3d:48:2e:f7:47:2b:60:f6:6b:67:cc:5d:
d9:87:34:7a:a9:c6:60:a2:0d:69:0c:d4:98:d1:6d:
1b:84:e8:b6:24:47:16:4e:f0:5a:4d:80:58:0c:fc:
8c:bc:f9:0c:e4:9d:94:e4:3b:00:b6:7a:3e:ae:57:
0b:36:f7:7e:f9:b5:da:1b:5d:af:3c:0c:dd:75:5e:
a8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:ED:75:E7:89:43:1E:31:BE:69:10:19:11:2A:D4:B9:EF:1B:46:4C
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/G-1154lDHjG-aRAZESrUue8bRkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/24
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:22:5e:41:c3:ce:ac:bb:03:10:8e:7c:2d:a7:5a:a3:e2:0d:
9e:99:ac:0d:75:34:f4:c1:21:bb:e3:e8:0b:e9:c8:25:76:8b:
b3:ce:60:17:87:ed:66:66:92:ab:29:bc:aa:00:26:75:bb:66:
76:b2:9e:3b:57:81:c4:bd:db:4e:8d:74:be:b4:2f:0c:6d:e8:
e0:ce:2f:f2:5e:13:5a:45:46:bf:3e:57:9d:f0:a0:3c:35:dd:
85:51:db:c6:41:dc:ce:73:e2:43:01:90:c9:46:0e:61:78:49:
f0:8d:71:9c:09:9d:4f:ce:6f:8f:4f:2c:7f:3a:c7:2e:7b:fc:
3e:d5:da:76:07:8f:66:ea:f7:f3:ec:f5:e8:be:85:ae:23:b2:
79:98:d6:57:c8:c5:cd:55:52:bc:fe:dd:5d:42:fb:8d:16:10:
7a:bc:21:b0:ed:84:90:62:a7:59:c6:af:30:92:dc:ac:cd:8d:
31:06:b2:d6:d5:64:52:bb:ae:e8:28:e7:27:c7:7d:17:2e:1e:
dc:f1:77:ff:03:b3:e6:d5:92:18:be:61:86:ff:f1:8f:11:1e:
47:e6:05:16:39:76:4d:71:36:11:7d:79:c2:a7:02:00:cb:22:
81:03:56:46:91:6c:01:cc:9c:ff:27:53:65:f0:19:73:33:ba:
aa:4a:0f:fd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBDYCoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDEy
NjE0MDk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJlZDc1ZTc4OTQz
MWUzMWJlNjkxMDE5MTEyYWQ0YjllZjFiNDY0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIj1Tnjzy4c2xLeaken+qnhFMLoh0/mt4Gz8oalsO29NifZv
YFmwO+Iv6BiMS883jRsiM9Lx9cYBVaV2bn0gXPGKmW2ZjtIAp5VToYW5XAHX2VgX
L+0N6icxKgYZco1wATTo8pe0tDPB9DZApDPEV1+PC6d+a53BgVMtGXnbLun9rKfn
g2j2NR8PmVkvaeBvJkWdEkQpwvjKHHAxATEAnLawZWqRdGawFfnYE4Cv8AWqKzIP
JG8MPUgu90crYPZrZ8xd2Yc0eqnGYKINaQzUmNFtG4TotiRHFk7wWk2AWAz8jLz5
DOSdlOQ7ALZ6Pq5XCzb3fvm12htdrzwM3XVeqP8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQb7XXniUMeMb5pEBkRKtS57xtGTDAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L0ctMTE1NGxESGpHLWFSQVpFU3JVdWU4YlJrdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFXvlAMEAFXvljANBgkqhkiG9w0B
AQsFAAOCAQEAaiJeQcPOrLsDEI58Ladao+INnpmsDXU09MEhu+PoC+nIJXaLs85g
F4ftZmaSqym8qgAmdbtmdrKeO1eBxL3bTo10vrQvDG3o4M4v8l4TWkVGvz5XnfCg
PDXdhVHbxkHcznPiQwGQyUYOYXhJ8I1xnAmdT85vj08sfzrHLnv8PtXadgePZur3
8+z16L6FriOyeZjWV8jFzVVSvP7dXUL7jRYQerwhsO2EkGKnWcavMJLcrM2NMQay
1tVkUruu6CjnJ8d9Fy4e3PF3/wOz5tWSGL5hhv/xjxEeR+YFFjl2TXE2EX15wqcC
AMsigQNWRpFsAcyc/ydTZfAZczO6qkoP/Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:01 2025 by rpki-client