Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/gdOrFjxMhXb01yxMXCum9i37SkU.roa
File: gdOrFjxMhXb01yxMXCum9i37SkU.roa (raw, json)
Hash identifier: 0Pa0HMiG+vawAU/fu6xh8eDzX6OPDF/fGPsGVRsfXic=
Subject key identifier: 81:D3:AB:16:3C:4C:85:76:F4:D7:2C:4C:5C:2B:A6:F6:2D:FB:4A:45
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0182823C426EDD7A7A042A0D955C22BDC22A
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/gdOrFjxMhXb01yxMXCum9i37SkU.roa
Signing time: Tue 09 Aug 2022 10:52:43 +0000
ROA not before: Tue 09 Aug 2022 10:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210531
IP address blocks: 185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:3c:42:6e:dd:7a:7a:04:2a:0d:95:5c:22:bd:c2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Aug 9 10:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81d3ab163c4c8576f4d72c4c5c2ba6f62dfb4a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:75:92:8e:7c:cc:0f:ec:94:50:3f:a8:c8:
7d:f6:08:7e:e2:ab:92:d8:67:86:bb:f8:d8:5f:5c:
d2:9e:ed:56:dd:f3:c8:d7:b6:de:0a:d7:c6:5f:4a:
b6:70:c7:34:a1:b4:01:ec:87:1d:83:2d:33:21:8f:
9d:cc:f9:a1:92:75:33:26:6e:ee:d0:15:85:6d:42:
7f:34:e4:45:40:1f:1e:9d:3a:f2:69:ef:f4:03:e8:
f3:ad:7e:b5:a4:59:d8:44:76:30:64:49:5e:51:43:
74:f2:e6:35:07:42:a2:31:bf:7f:d4:b4:9c:28:64:
94:d4:a2:bd:4c:05:0d:90:31:32:7b:63:13:81:79:
3f:bc:48:36:0f:02:53:27:66:5c:55:41:55:c9:d9:
22:0a:e5:20:fe:cc:dc:24:42:13:63:ef:c7:47:91:
e0:0d:0d:7d:ca:aa:f0:08:89:6d:5f:a7:47:67:49:
9e:37:e6:f5:f1:8c:27:9e:81:02:1b:d6:76:7c:cc:
b6:87:00:40:17:ec:94:c0:e5:65:fe:0a:06:5e:37:
d1:74:59:12:3a:db:d2:92:e5:6f:e8:38:3f:30:b0:
f4:f6:71:ee:a9:83:96:42:a7:5c:f0:60:88:98:69:
6f:87:81:93:87:37:7b:2a:63:5a:18:50:51:70:2a:
46:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D3:AB:16:3C:4C:85:76:F4:D7:2C:4C:5C:2B:A6:F6:2D:FB:4A:45
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/gdOrFjxMhXb01yxMXCum9i37SkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.146.0/23
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
52:e4:c2:6a:11:b9:14:ed:b4:c1:24:f3:f4:4f:bf:a5:9b:0b:
97:61:06:43:e8:7f:d1:a8:3d:43:90:28:ee:2c:59:7b:b3:b1:
d4:72:c4:36:69:22:02:fc:8d:e4:13:a7:71:3d:f7:83:ca:38:
0f:12:fb:22:51:d2:81:f5:3f:66:f6:2e:85:3f:2a:21:1b:d3:
21:85:5e:cd:21:37:e8:59:b6:6e:8c:fe:f5:00:29:d2:c9:d6:
9d:54:44:60:8a:67:c2:e2:9c:7d:fd:ac:db:79:49:64:3b:e0:
58:b3:83:f7:35:03:ea:49:52:39:9c:64:52:03:aa:59:f2:21:
35:53:64:51:13:2a:7c:d4:9f:e0:f9:52:da:91:ee:72:49:f0:
73:88:3b:16:9f:e9:bc:01:0d:49:4c:b2:eb:99:c8:1b:cf:97:
d6:8e:04:19:c9:7c:ec:e6:99:86:5f:6f:c4:8d:9c:8f:0c:5b:
ee:de:9d:06:36:9f:c7:86:6f:8b:0e:72:2b:c9:31:09:68:e8:
27:ba:87:10:59:69:b6:c0:6b:08:e8:40:f1:35:aa:c0:2e:06:
e8:06:e6:b6:71:de:47:d6:21:c0:5b:d8:e8:70:f4:ff:00:a0:
00:50:5a:53:ae:07:2a:ba:0f:9d:6d:10:af:90:7f:1b:53:a7:
98:65:4e:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKCPEJu3Xp6BCoNlVwivcIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjIwODA5MTA1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQzYWIxNjNjNGM4NTc2ZjRkNzJjNGM1YzJiYTZmNjJkZmI0YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvp1ko58zA/slFA/qMh99gh+4quS
2GeGu/jYX1zSnu1W3fPI17beCtfGX0q2cMc0obQB7Icdgy0zIY+dzPmhknUzJm7u
0BWFbUJ/NORFQB8enTryae/0A+jzrX61pFnYRHYwZEleUUN08uY1B0KiMb9/1LSc
KGSU1KK9TAUNkDEye2MTgXk/vEg2DwJTJ2ZcVUFVydkiCuUg/szcJEITY+/HR5Hg
DQ19yqrwCIltX6dHZ0meN+b18YwnnoECG9Z2fMy2hwBAF+yUwOVl/goGXjfRdFkS
OtvSkuVv6Dg/MLD09nHuqYOWQqdc8GCImGlvh4GThzd7KmNaGFBRcCpGaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIHTqxY8TIV29NcsTFwrpvYt+0pFMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvZ2RPckZqeE1oWGIwMXl4TVhDdW05aTM3U2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZSSAwQB
udmIMA0GCSqGSIb3DQEBCwUAA4IBAQBS5MJqEbkU7bTBJPP0T7+lmwuXYQZD6H/R
qD1DkCjuLFl7s7HUcsQ2aSIC/I3kE6dxPfeDyjgPEvsiUdKB9T9m9i6FPyohG9Mh
hV7NITfoWbZujP71ACnSydadVERgimfC4px9/azbeUlkO+BYs4P3NQPqSVI5nGRS
A6pZ8iE1U2RREyp81J/g+VLake5ySfBziDsWn+m8AQ1JTLLrmcgbz5fWjgQZyXzs
5pmGX2/EjZyPDFvu3p0GNp/Hhm+LDnIryTEJaOgnuocQWWm2wGsI6EDxNarALgbo
Bua2cd5H1iHAW9jocPT/AKAAUFpTrgcqug+dbRCvkH8bU6eYZU60
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:07:17 2025 by rpki-client