Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Fbq8QTFUvjO_-iQ1-LgIu5dy1Dc.roa
File: Fbq8QTFUvjO_-iQ1-LgIu5dy1Dc.roa (raw, json)
Hash identifier: dtAiuP/TbLWn6vv1PLEdS6Qt1EVLy3Ux+b1k70leMU0=
Subject key identifier: 15:BA:BC:41:31:54:BE:33:BF:FA:24:35:F8:B8:08:BB:97:72:D4:37
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0189DFA8548888CFEA866728F2ACB27C94FE
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Fbq8QTFUvjO_-iQ1-LgIu5dy1Dc.roa
Signing time: Thu 10 Aug 2023 13:34:58 +0000
ROA not before: Thu 10 Aug 2023 13:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:a8:54:88:88:cf:ea:86:67:28:f2:ac:b2:7c:94:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Aug 10 13:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15babc413154be33bffa2435f8b808bb9772d437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:0c:d6:33:20:3f:4f:da:6a:ba:aa:ff:fc:
2d:8b:f2:2b:c3:41:ff:4f:7c:88:ed:78:72:b3:20:
05:ba:14:91:13:f6:f9:61:98:28:24:74:09:04:18:
3e:43:6b:60:ea:c1:dd:f1:05:7e:82:32:b8:7b:92:
5b:c7:9a:14:10:2a:b0:c7:13:8b:91:95:bb:76:d0:
db:7a:bb:4b:c3:c4:3a:1b:0c:ab:76:1c:73:96:98:
9c:02:60:a4:25:fb:dc:f2:94:6f:8f:02:ef:19:91:
40:5a:15:56:46:fa:91:b5:db:cb:68:d0:d3:19:ea:
bc:78:d6:1a:93:eb:4e:c9:95:65:cf:19:b7:82:b0:
af:88:90:48:15:76:7b:d9:91:b6:cc:ee:ed:84:f3:
43:aa:e0:bd:93:27:37:a9:9b:19:8f:6a:b2:78:6b:
4a:34:09:33:04:5a:3e:2d:b4:10:42:c4:95:36:5c:
e7:ba:68:c0:6b:a6:9c:ab:6d:8d:a3:55:99:98:98:
d1:4a:b5:90:a9:fc:99:24:8b:e0:b9:d7:fc:69:78:
08:0e:3c:84:44:b6:ac:1a:60:95:e7:b6:18:56:3d:
59:34:6f:ed:bf:2c:e8:55:18:b4:8f:37:96:5b:0d:
e3:cd:23:aa:c1:27:2c:91:5e:b0:a8:97:ce:ac:6f:
85:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BA:BC:41:31:54:BE:33:BF:FA:24:35:F8:B8:08:BB:97:72:D4:37
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Fbq8QTFUvjO_-iQ1-LgIu5dy1Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.145.0/24
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:bf:b5:bb:ed:ef:eb:b4:d3:91:15:bd:50:9a:45:29:29:ba:
0a:af:ce:46:53:5a:43:0b:85:98:ac:59:a7:8c:ea:67:db:07:
fe:43:79:79:9c:4f:ca:71:d1:3d:f7:a3:45:3d:1b:31:bd:5a:
30:a6:e9:84:e6:63:1e:9e:bf:78:57:82:99:57:ab:e7:3e:a8:
a9:5e:5f:3e:c8:9e:b4:61:51:b7:13:98:05:d0:a8:44:f0:d8:
2f:81:59:90:c1:84:45:cd:33:ea:b4:03:1c:96:5d:02:e2:9d:
10:d8:fd:3e:c2:88:6e:8a:1e:9b:9c:fb:bf:28:97:12:d5:31:
b3:f4:f5:29:d4:25:7a:30:93:3e:77:72:80:39:12:f7:84:32:
f9:90:2f:24:a8:62:1f:ed:bc:90:3e:bf:e1:35:e4:f3:90:7a:
61:3e:06:27:6e:c1:57:a3:79:13:03:aa:b1:4a:7c:68:ca:fa:
3c:6a:e5:a8:10:ca:fc:8a:b5:fa:ec:3f:43:8a:38:7c:14:c6:
1d:29:d4:65:5f:96:9e:d0:54:00:2a:cf:f6:3f:e5:17:af:69:
91:aa:4c:69:64:94:f4:a5:60:a1:d6:bb:59:99:3e:c9:7e:27:
1f:61:8c:d3:1c:ee:39:7b:a7:ba:94:60:fa:9e:53:f2:28:ab:
1c:0b:13:7d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYnfqFSIiM/qhmco8qyyfJT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwODEwMTMzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJhYmM0MTMxNTRiZTMzYmZmYTI0MzVmOGI4MDhiYjk3NzJkNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVwM1jMgP0/aarqq//wti/Irw0H/
T3yI7XhysyAFuhSRE/b5YZgoJHQJBBg+Q2tg6sHd8QV+gjK4e5Jbx5oUECqwxxOL
kZW7dtDbertLw8Q6GwyrdhxzlpicAmCkJfvc8pRvjwLvGZFAWhVWRvqRtdvLaNDT
Geq8eNYak+tOyZVlzxm3grCviJBIFXZ72ZG2zO7thPNDquC9kyc3qZsZj2qyeGtK
NAkzBFo+LbQQQsSVNlznumjAa6acq22No1WZmJjRSrWQqfyZJIvgudf8aXgIDjyE
RLasGmCV57YYVj1ZNG/tvyzoVRi0jzeWWw3jzSOqwScskV6wqJfOrG+FAQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBW6vEExVL4zv/okNfi4CLuXctQ3MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvRmJxOFFURlV2ak9fLWlRMS1MZ0l1NWR5MURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQALZSRAwQC
udSAAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJ
KoZIhvcNAQELBQADggEBAI2/tbvt7+u005EVvVCaRSkpugqvzkZTWkMLhZisWaeM
6mfbB/5DeXmcT8px0T33o0U9GzG9WjCm6YTmYx6ev3hXgplXq+c+qKleXz7InrRh
UbcTmAXQqETw2C+BWZDBhEXNM+q0AxyWXQLinRDY/T7CiG6KHpuc+78olxLVMbP0
9SnUJXowkz53coA5EveEMvmQLySoYh/tvJA+v+E15POQemE+BiduwVejeRMDqrFK
fGjK+jxq5agQyvyKtfrsP0OKOHwUxh0p1GVflp7QVAAqz/Y/5RevaZGqTGlklPSl
YKHWu1mZPsl+Jx9hjNMc7jl7p7qUYPqeU/IoqxwLE30=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:43 2025 by rpki-client