Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/hKMRlg_CkTxrfbokmzmu-UHwoBM.roa
File: hKMRlg_CkTxrfbokmzmu-UHwoBM.roa (raw, json)
Hash identifier: hVrneNjbJ8hwyGcd9qpFDOnAHyZqMIGwZVkHpMp8GTo=
Subject key identifier: 84:A3:11:96:0F:C2:91:3C:6B:7D:BA:24:9B:39:AE:F9:41:F0:A0:13
Certificate issuer: /CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Certificate serial: 018571B0C87A8EA2EBC1A71856B55E52A621
Authority key identifier: FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/hKMRlg_CkTxrfbokmzmu-UHwoBM.roa
Signing time: Mon 02 Jan 2023 08:54:49 +0000
ROA not before: Mon 02 Jan 2023 08:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57494
IP address blocks: 91.199.149.0/24 maxlen: 24
185.175.157.0/24 maxlen: 24
185.133.43.0/24 maxlen: 24
185.177.217.0/24 maxlen: 24
185.135.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c8:7a:8e:a2:eb:c1:a7:18:56:b5:5e:52:a6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fabb49e688335ab1593f9d10e006ef5e9bc8bd56
Validity
Not Before: Jan 2 08:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84a311960fc2913c6b7dba249b39aef941f0a013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ce:0f:1d:f5:8a:00:1f:81:8f:52:80:df:64:
ce:38:3f:4c:29:fd:32:35:bd:cf:ea:1b:db:07:1f:
a1:88:03:83:db:46:a5:c4:76:99:97:91:82:32:20:
26:00:de:9f:93:8d:32:65:4b:73:77:15:0e:57:d1:
aa:dc:66:c7:38:e9:78:c7:11:ec:6b:8d:bd:33:31:
83:84:09:12:ef:32:94:eb:73:35:4f:39:f7:64:39:
e2:c5:2c:77:4e:1c:6f:21:af:f6:c4:4f:97:74:8f:
a1:6e:52:0e:32:4a:d7:69:11:f0:9a:2b:2f:d6:36:
47:09:db:7d:2f:e2:35:7d:6f:df:15:63:2f:0d:aa:
02:64:1d:a9:95:d3:85:3f:c3:4c:ae:e0:e1:da:03:
43:f2:61:72:cd:65:10:f4:51:ee:38:44:22:e5:7e:
19:49:8e:02:11:1e:cd:f8:8c:c6:50:ea:42:e9:05:
80:98:1a:33:e5:e2:67:80:32:91:43:34:f6:1f:84:
42:ff:2c:08:e7:4f:38:e7:3b:32:21:3a:72:9a:e8:
e1:a5:2b:c6:70:6a:9b:0f:61:25:91:52:28:c3:e7:
73:90:ee:e3:b6:98:2f:d7:76:5c:b6:fb:c8:eb:0d:
f1:95:2a:db:1d:6f:ea:c8:dc:02:d0:3b:f2:08:38:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A3:11:96:0F:C2:91:3C:6B:7D:BA:24:9B:39:AE:F9:41:F0:A0:13
X509v3 Authority Key Identifier:
keyid:FA:BB:49:E6:88:33:5A:B1:59:3F:9D:10:E0:06:EF:5E:9B:C8:BD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/hKMRlg_CkTxrfbokmzmu-UHwoBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d7a3ba-07e5-41d6-8c39-56a55c42de88/1/1-rtJ5ogzWrFZP50Q4AbvXpvIvVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.149.0/24
185.133.43.0/24
185.135.80.0/22
185.175.157.0/24
185.177.217.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f3:6e:a4:55:06:a9:46:c0:72:b6:4e:80:ca:63:1e:9c:a9:
7a:ab:1e:2c:c1:e9:3c:6b:78:09:da:77:45:79:21:80:2b:61:
49:91:ff:ce:c9:6d:43:ff:87:57:11:8c:b8:38:7d:fe:41:14:
6d:c2:0f:94:df:31:7c:25:22:99:ec:a7:64:a1:8c:af:ce:2a:
1b:39:7d:dd:7a:b5:52:83:ca:12:27:9f:84:c7:e1:8c:ab:3f:
65:21:ad:99:af:82:a9:c7:89:2d:26:b3:d4:97:25:a5:68:83:
d1:89:1b:ce:06:10:03:ea:2f:10:9b:0e:a0:3f:bb:28:f0:af:
e6:bd:f0:c5:2a:89:5b:73:9c:9e:5a:6d:07:03:50:3d:0e:4b:
8e:09:f4:ed:ee:96:8b:30:d9:13:fa:a5:fe:2c:35:ab:93:52:
2e:1b:9e:34:7b:e7:28:23:90:e0:7c:cc:78:3c:2d:d4:2e:c2:
7d:b7:12:f5:38:ce:26:cd:7a:aa:a6:98:e2:75:43:0c:c4:d1:
b8:8a:95:21:1c:2d:40:10:56:95:59:1d:8d:68:d9:69:f0:a1:
b2:20:e6:65:03:19:5d:50:b1:80:f2:d1:f4:3e:db:66:c6:f2:
92:c6:40:fb:3a:58:55:8b:14:55:99:40:c2:67:88:4e:30:f6:
47:d2:43:b8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVxsMh6jqLrwacYVrVeUqYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYmI0OWU2ODgzMzVhYjE1OTNmOWQxMGUwMDZlZjVlOWJj
OGJkNTYwHhcNMjMwMTAyMDg1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGEzMTE5NjBmYzI5MTNjNmI3ZGJhMjQ5YjM5YWVmOTQxZjBhMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic4PHfWKAB+Bj1KA32TOOD9MKf0y
Nb3P6hvbBx+hiAOD20alxHaZl5GCMiAmAN6fk40yZUtzdxUOV9Gq3GbHOOl4xxHs
a429MzGDhAkS7zKU63M1Tzn3ZDnixSx3ThxvIa/2xE+XdI+hblIOMkrXaRHwmisv
1jZHCdt9L+I1fW/fFWMvDaoCZB2pldOFP8NMruDh2gND8mFyzWUQ9FHuOEQi5X4Z
SY4CER7N+IzGUOpC6QWAmBoz5eJngDKRQzT2H4RC/ywI50845zsyITpymujhpSvG
cGqbD2ElkVIow+dzkO7jtpgv13ZctvvI6w3xlSrbHW/qyNwC0DvyCDjxbwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFISjEZYPwpE8a326JJs5rvlB8KATMB8GA1UdIwQY
MBaAFPq7SeaIM1qxWT+dEOAG716byL1WMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ydEo1b2d6V3JGWlA1MFE0QWJ2WHB2SXZWWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvZDdhM2JhLTA3ZTUtNDFkNi04YzM5
LTU2YTU1YzQyZGU4OC8xL2hLTVJsZ19Da1R4cmZib2ttem11LVVId29CTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvZDdhM2JhLTA3ZTUtNDFkNi04YzM5LTU2YTU1YzQyZGU4
OC8xLzEtcnRKNW9neldyRlpQNTBRNEFidlhwdkl2VlkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABbx5UD
BAC5hSsDBAK5h1ADBAC5r50DBAC5sdkwDQYJKoZIhvcNAQELBQADggEBAAfzbqRV
BqlGwHK2ToDKYx6cqXqrHizB6TxreAnad0V5IYArYUmR/87JbUP/h1cRjLg4ff5B
FG3CD5TfMXwlIpnsp2ShjK/OKhs5fd16tVKDyhInn4TH4YyrP2UhrZmvgqnHiS0m
s9SXJaVog9GJG84GEAPqLxCbDqA/uyjwr+a98MUqiVtznJ5abQcDUD0OS44J9O3u
losw2RP6pf4sNauTUi4bnjR75ygjkOB8zHg8LdQuwn23EvU4zibNeqqmmOJ1QwzE
0biKlSEcLUAQVpVZHY1o2WnwobIg5mUDGV1QsYDy0fQ+22bG8pLGQPs6WFWLFFWZ
QMJniE4w9kfSQ7g=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:56:25 2025 by rpki-client