Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/f53ho5CNLDEjIRwBM6v_N6fZPPQ.roa
File: f53ho5CNLDEjIRwBM6v_N6fZPPQ.roa (raw, json)
Hash identifier: gcErOBiCN16U65PyySq0Jt+qFqbbgOCWU5qM+vfXOws=
Subject key identifier: 7F:9D:E1:A3:90:8D:2C:31:23:21:1C:01:33:AB:FF:37:A7:D9:3C:F4
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018659D321B578BDF9B988AEC094AEE09D76
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/f53ho5CNLDEjIRwBM6v_N6fZPPQ.roa
Signing time: Thu 16 Feb 2023 10:44:14 +0000
ROA not before: Thu 16 Feb 2023 10:44:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
45.148.145.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:d3:21:b5:78:bd:f9:b9:88:ae:c0:94:ae:e0:9d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 16 10:44:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f9de1a3908d2c3123211c0133abff37a7d93cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d0:02:88:87:49:a6:81:72:40:b1:7f:51:48:
69:66:c4:67:fb:a5:7c:e0:2c:e2:0f:d9:1e:17:74:
44:41:d9:93:ba:4e:20:1c:47:8d:56:f7:d0:a7:cd:
bb:a6:30:43:d4:c6:27:e3:09:0a:0b:a6:64:bf:72:
b2:47:fb:da:f3:10:43:2b:04:e9:2c:ae:6d:68:15:
eb:36:57:5f:1b:b7:f9:c1:12:23:64:f3:fb:e9:71:
67:6f:79:96:8d:77:3e:eb:32:d7:cd:37:c2:b7:26:
1f:f7:2d:9f:3b:9a:2f:2d:3b:dc:48:01:c1:29:f4:
b7:4b:cb:cf:fb:9b:73:76:f6:bd:99:08:a7:da:b3:
83:1e:e9:7b:de:3c:43:6d:07:5b:a8:60:99:92:07:
e9:9b:83:c9:4e:01:55:3d:aa:7e:d9:13:a9:c8:2a:
c8:dc:03:87:2f:bd:22:11:80:40:cd:bb:34:03:ff:
37:41:0a:92:89:91:ef:ab:4a:4d:05:38:bb:a8:d3:
71:70:dd:c0:27:a3:77:b3:63:8b:24:52:5a:11:ec:
9d:f4:ca:f9:b9:bb:2d:d9:d0:40:c2:76:82:4c:b7:
22:62:d8:a2:0a:a1:bc:12:66:0e:8c:db:b4:a9:90:
b2:ff:14:5e:67:c9:1b:26:d4:8e:87:8d:74:2b:85:
a6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9D:E1:A3:90:8D:2C:31:23:21:1C:01:33:AB:FF:37:A7:D9:3C:F4
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/f53ho5CNLDEjIRwBM6v_N6fZPPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.145.0/24
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
56:6b:07:8e:01:b4:26:d3:9c:52:9b:f7:8f:ed:05:44:7d:66:
a5:2a:90:00:cb:15:14:0b:5f:b3:9b:fd:76:e4:95:90:1a:65:
7c:1a:21:83:70:2f:81:27:65:b0:2b:a7:16:e6:da:07:92:96:
10:62:d3:06:85:6d:e0:53:e5:0c:82:2b:82:9a:ad:20:8d:86:
bb:c2:eb:d4:62:43:c0:4d:2f:84:7f:b1:a1:8c:d2:12:38:5b:
49:cf:a2:ca:a4:87:4b:f6:2e:cf:f4:9b:4f:aa:98:6b:97:3d:
c4:39:78:8b:f3:c6:56:47:c9:7b:b9:5d:6e:7c:2a:4a:20:f7:
cb:ec:17:28:38:77:ec:d2:21:0d:37:32:90:8a:40:cf:5d:79:
52:f7:fc:a7:83:c3:d4:54:df:7e:0b:7a:ba:30:fe:8a:25:95:
bd:f1:e7:40:09:16:ca:47:14:54:31:15:70:a0:84:82:dd:7a:
40:91:30:a2:4b:68:12:98:d5:d2:6d:2a:1c:1c:ae:e6:12:2c:
8c:65:81:1d:20:3b:e4:53:2d:70:c5:dc:1f:6f:39:a4:64:db:
45:3c:82:6f:0c:ee:63:c1:72:36:08:ef:2d:af:fc:c5:6d:cb:
f5:d0:03:c4:5f:ec:46:d1:f7:60:ac:8b:88:6d:25:f7:cd:5a:
a1:da:1a:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYZZ0yG1eL35uYiuwJSu4J12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwMjE2MTA0NDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjlkZTFhMzkwOGQyYzMxMjMyMTFjMDEzM2FiZmYzN2E3ZDkzY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNACiIdJpoFyQLF/UUhpZsRn+6V8
4CziD9keF3REQdmTuk4gHEeNVvfQp827pjBD1MYn4wkKC6Zkv3KyR/va8xBDKwTp
LK5taBXrNldfG7f5wRIjZPP76XFnb3mWjXc+6zLXzTfCtyYf9y2fO5ovLTvcSAHB
KfS3S8vP+5tzdva9mQin2rODHul73jxDbQdbqGCZkgfpm4PJTgFVPap+2ROpyCrI
3AOHL70iEYBAzbs0A/83QQqSiZHvq0pNBTi7qNNxcN3AJ6N3s2OLJFJaEeyd9Mr5
ubst2dBAwnaCTLciYtiiCqG8EmYOjNu0qZCy/xReZ8kbJtSOh410K4WmbwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH+d4aOQjSwxIyEcATOr/zen2Tz0MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvZjUzaG81Q05MREVqSVJ3Qk02dl9ONmZaUFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQALZSRAwQC
udSAAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJ
KoZIhvcNAQELBQADggEBAFZrB44BtCbTnFKb94/tBUR9ZqUqkADLFRQLX7Ob/Xbk
lZAaZXwaIYNwL4EnZbArpxbm2geSlhBi0waFbeBT5QyCK4KarSCNhrvC69RiQ8BN
L4R/saGM0hI4W0nPosqkh0v2Ls/0m0+qmGuXPcQ5eIvzxlZHyXu5XW58Kkog98vs
Fyg4d+zSIQ03MpCKQM9deVL3/KeDw9RU334Lerow/oollb3x50AJFspHFFQxFXCg
hILdekCRMKJLaBKY1dJtKhwcruYSLIxlgR0gO+RTLXDF3B9vOaRk20U8gm8M7mPB
cjYI7y2v/MVty/XQA8Rf7EbR92Csi4htJffNWqHaGkI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:52:41 2025 by rpki-client