Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/IZnaxqxJUlrB8d6PVegAaNkR0Do.roa
File: IZnaxqxJUlrB8d6PVegAaNkR0Do.roa (raw, json)
Hash identifier: wOqzVlhK0sm45fVPFrOyH56cCEuCcrgxJQcjXoLJ07s=
Subject key identifier: 21:99:DA:C6:AC:49:52:5A:C1:F1:DE:8F:55:E8:00:68:D9:11:D0:3A
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0188EE3AE1BE7E89E0DE4FCDC4E6D6EE0BFA
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/IZnaxqxJUlrB8d6PVegAaNkR0Do.roa
Signing time: Sat 24 Jun 2023 16:26:56 +0000
ROA not before: Sat 24 Jun 2023 16:26:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ee:3a:e1:be:7e:89:e0:de:4f:cd:c4:e6:d6:ee:0b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jun 24 16:26:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2199dac6ac49525ac1f1de8f55e80068d911d03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:22:73:05:7d:83:46:6c:f6:ae:fc:95:b6:21:
b2:33:af:c5:1c:8e:e1:ed:29:3b:76:cf:95:49:86:
3e:06:cc:51:71:a0:98:cd:97:0b:1c:fe:9c:3c:e2:
96:35:19:5a:83:ba:6e:7c:d8:ad:18:15:5f:0f:0e:
d0:a0:de:f6:9d:83:89:22:7e:03:0d:b9:8c:e5:c0:
f7:9f:31:e9:18:a5:83:cb:43:53:4c:fd:25:24:fd:
a9:9b:cd:b0:bf:14:08:0f:4e:51:ae:50:62:a0:15:
15:de:a2:0f:b3:31:8b:de:23:c0:9f:9b:d2:c5:10:
fd:a7:a2:79:1b:b5:3b:d4:0e:5e:9d:28:d8:64:4f:
37:c4:28:c1:ae:33:c5:83:46:4c:25:bf:bc:bf:c3:
77:48:d2:c4:40:ef:05:67:66:55:6e:a7:9a:2a:7b:
e6:34:07:99:d1:a5:f9:9f:54:12:51:fd:d6:68:90:
51:c2:37:93:77:b0:40:87:e8:17:54:2b:b5:d1:8c:
57:75:38:32:df:99:8e:19:fc:53:08:ec:ea:5c:b4:
45:0d:31:64:77:75:89:80:4a:3d:2b:0d:8a:bb:c3:
c9:92:0a:a2:24:0f:9a:91:d7:98:01:b8:18:63:d2:
9f:cd:c8:a7:7f:6c:b8:98:6c:fa:5d:7d:12:23:2d:
91:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:99:DA:C6:AC:49:52:5A:C1:F1:DE:8F:55:E8:00:68:D9:11:D0:3A
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/IZnaxqxJUlrB8d6PVegAaNkR0Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.2.0/24
45.148.145.0/24
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:88:29:29:3a:a7:7d:48:58:3e:d8:39:bc:89:22:e6:9c:ad:
a4:32:46:f7:eb:e1:b8:e5:af:37:45:c0:93:eb:6e:88:d7:fc:
19:93:a2:85:54:f1:bf:72:61:50:4f:d2:81:9c:ed:3c:df:fb:
a7:b7:e7:4b:a3:9c:b4:07:6e:a1:a1:bd:83:7d:8b:2c:c4:5a:
45:ff:33:6b:39:24:71:da:23:43:f2:b7:06:56:43:67:c3:f0:
6e:f1:c4:af:c8:38:ff:35:5b:aa:cb:22:ac:29:b9:e8:8b:30:
36:00:8d:80:28:ac:36:76:ec:22:65:be:61:52:2f:0d:61:dd:
c7:b7:aa:12:bc:8c:b1:9b:9e:c3:e0:00:0e:0f:c6:dd:a7:ce:
d5:f5:72:d8:30:d3:c9:4f:5a:04:58:00:ed:24:76:57:b3:46:
58:77:ff:f0:e2:18:70:ea:48:93:d0:77:f6:04:5a:cd:4e:42:
a2:5a:d6:20:26:06:76:c1:6f:11:8b:3f:c4:22:97:68:96:11:
39:44:25:a8:f7:03:ce:36:ff:20:ed:70:42:d5:6a:87:ab:e1:
a6:0f:dd:f7:91:c0:c8:bf:b5:c9:e9:bc:f9:21:23:c0:1a:33:
4f:84:0e:23:15:96:55:6c:07:98:2c:58:83:33:16:d2:a3:7f:
62:d3:31:fe
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYjuOuG+fong3k/NxObW7gv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNjI0MTYyNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk5ZGFjNmFjNDk1MjVhYzFmMWRlOGY1NWU4MDA2OGQ5MTFkMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSJzBX2DRmz2rvyVtiGyM6/FHI7h
7Sk7ds+VSYY+BsxRcaCYzZcLHP6cPOKWNRlag7pufNitGBVfDw7QoN72nYOJIn4D
DbmM5cD3nzHpGKWDy0NTTP0lJP2pm82wvxQID05RrlBioBUV3qIPszGL3iPAn5vS
xRD9p6J5G7U71A5enSjYZE83xCjBrjPFg0ZMJb+8v8N3SNLEQO8FZ2ZVbqeaKnvm
NAeZ0aX5n1QSUf3WaJBRwjeTd7BAh+gXVCu10YxXdTgy35mOGfxTCOzqXLRFDTFk
d3WJgEo9Kw2Ku8PJkgqiJA+akdeYAbgYY9Kfzcinf2y4mGz6XX0SIy2RfQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFCGZ2sasSVJawfHej1XoAGjZEdA6MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvSVpuYXhxeEpVbHJCOGQ2UFZlZ0FhTmtSMERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQALY4CAwQA
LZSRAwQCudSAAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoN
Y8AwDQYJKoZIhvcNAQELBQADggEBAG+IKSk6p31IWD7YObyJIuacraQyRvfr4bjl
rzdFwJPrbojX/BmTooVU8b9yYVBP0oGc7Tzf+6e350ujnLQHbqGhvYN9iyzEWkX/
M2s5JHHaI0PytwZWQ2fD8G7xxK/IOP81W6rLIqwpueiLMDYAjYAorDZ27CJlvmFS
Lw1h3ce3qhK8jLGbnsPgAA4Pxt2nztX1ctgw08lPWgRYAO0kdlezRlh3//DiGHDq
SJPQd/YEWs1OQqJa1iAmBnbBbxGLP8Qil2iWETlEJaj3A842/yDtcELVaoer4aYP
3feRwMi/tcnpvPkhI8AaM0+EDiMVllVsB5gsWIMzFtKjf2LTMf4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:41 2025 by rpki-client