Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/I9FsORqwIOfM48-J6VIubHZhVvA.roa
File: I9FsORqwIOfM48-J6VIubHZhVvA.roa (raw, json)
Hash identifier: anCMSvz7D9E05MiNzY41koBbs2w8A3/uswsljjPaQm8=
Subject key identifier: 23:D1:6C:39:1A:B0:20:E7:CC:E3:CF:89:E9:52:2E:6C:76:61:56:F0
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018BC49F52D6A2C66137ED103CB9B31A03F9
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/I9FsORqwIOfM48-J6VIubHZhVvA.roa
Signing time: Sun 12 Nov 2023 17:40:57 +0000
ROA not before: Sun 12 Nov 2023 17:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216018
IP address blocks: 46.235.12.0/24 maxlen: 24
185.23.73.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
185.23.72.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c4:9f:52:d6:a2:c6:61:37:ed:10:3c:b9:b3:1a:03:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Nov 12 17:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23d16c391ab020e7cce3cf89e9522e6c766156f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ab:94:0e:49:20:ff:d5:fe:c0:56:5e:6a:5b:
c8:3d:01:8d:12:e8:48:10:04:2a:6e:bb:cc:fe:83:
19:2e:21:75:99:db:c1:c9:bb:e2:b7:a4:ef:a4:bf:
4f:6c:87:86:d5:44:32:a1:d4:fb:04:32:e4:4a:3d:
69:fd:27:c4:35:d5:38:d7:45:8d:ce:e0:10:93:88:
83:a5:47:19:8a:46:04:7a:be:09:ec:38:1e:d5:35:
1b:f2:f0:6c:7e:b3:12:90:9e:b5:5e:94:4c:f8:68:
95:d6:a5:82:42:5d:97:f9:9f:42:84:ca:86:83:9b:
29:3a:7a:e5:9d:3c:f9:7b:e1:04:b4:a5:ae:73:46:
13:17:e6:5a:48:8c:a4:ab:ae:45:65:76:97:a8:e2:
c2:83:67:6e:45:91:20:cb:8a:8f:c6:9c:19:c0:af:
e5:fe:57:86:0a:b5:e3:c0:99:ba:30:40:99:0c:54:
0a:9b:49:fb:00:77:63:62:68:6d:5f:33:3b:f8:fd:
1c:d6:ff:74:15:f1:c0:db:0f:50:3e:bc:ee:39:7f:
8d:22:9d:e9:81:dd:ae:0c:32:35:fe:8c:e2:6e:19:
a5:22:f5:8d:d5:67:fb:ed:a0:f0:12:fc:03:78:1d:
38:95:2a:ea:d7:57:a3:d0:2d:46:64:f4:86:02:4b:
22:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D1:6C:39:1A:B0:20:E7:CC:E3:CF:89:E9:52:2E:6C:76:61:56:F0
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/I9FsORqwIOfM48-J6VIubHZhVvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.12.0/24
185.23.72.0-185.23.74.255
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:a4:5b:47:37:3e:8f:f0:0f:1d:fe:61:75:bf:5a:f7:09:78:
60:99:66:2c:76:44:b1:44:81:66:b2:10:6a:2c:fd:83:84:34:
a4:2b:1e:03:36:e2:72:75:51:b5:db:79:28:30:78:93:12:35:
5e:41:99:64:81:62:99:36:4c:65:b6:65:d5:ca:5c:f3:63:e0:
7d:c1:01:b4:4f:22:10:13:f5:79:d2:fd:c5:ca:e9:d1:d3:2b:
b1:52:9e:9d:92:fd:2e:d9:7c:c4:1c:e5:19:8a:c2:aa:0a:7c:
22:cb:dc:97:7b:f9:93:df:d1:eb:d1:ab:1a:e2:ef:61:82:08:
07:17:18:a1:21:64:13:02:c1:0d:98:76:d5:2a:74:a4:00:1c:
d7:e8:36:8f:dc:4c:8d:a1:ff:b6:0e:88:24:91:e0:4e:9d:9d:
19:c0:06:89:b6:73:83:90:71:ba:02:25:bd:ce:51:97:33:5e:
25:1e:95:bc:da:d7:6e:71:f4:db:0e:24:b6:e5:00:80:d9:5e:
59:e3:c4:a3:1b:80:24:62:4b:9d:5d:42:d8:ef:99:f8:09:77:
ac:f9:ac:ea:1f:30:24:70:a8:80:d5:ca:50:c1:ae:98:a5:d9:
3c:50:6f:ef:09:84:16:b4:1f:c0:79:cd:56:d0:2b:91:23:97:
5e:c1:e5:b4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYvEn1LWosZhN+0QPLmzGgP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTEyMTc0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2QxNmMzOTFhYjAyMGU3Y2NlM2NmODllOTUyMmU2Yzc2NjE1NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgauUDkkg/9X+wFZealvIPQGNEuhI
EAQqbrvM/oMZLiF1mdvBybvit6TvpL9PbIeG1UQyodT7BDLkSj1p/SfENdU410WN
zuAQk4iDpUcZikYEer4J7Dge1TUb8vBsfrMSkJ61XpRM+GiV1qWCQl2X+Z9ChMqG
g5spOnrlnTz5e+EEtKWuc0YTF+ZaSIykq65FZXaXqOLCg2duRZEgy4qPxpwZwK/l
/leGCrXjwJm6MECZDFQKm0n7AHdjYmhtXzM7+P0c1v90FfHA2w9QPrzuOX+NIp3p
gd2uDDI1/ozibhmlIvWN1Wf77aDwEvwDeB04lSrq11ej0C1GZPSGAksinQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCPRbDkasCDnzOPPielSLmx2YVbwMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvSTlGc09ScXdJT2ZNNDgtSjZWSXViSFpoVnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALusMMAwD
BAO5F0gDBAC5F0oDBAG5cdwwDQYJKoZIhvcNAQELBQADggEBANKkW0c3Po/wDx3+
YXW/WvcJeGCZZix2RLFEgWayEGos/YOENKQrHgM24nJ1UbXbeSgweJMSNV5BmWSB
Ypk2TGW2ZdXKXPNj4H3BAbRPIhAT9XnS/cXK6dHTK7FSnp2S/S7ZfMQc5RmKwqoK
fCLL3Jd7+ZPf0evRqxri72GCCAcXGKEhZBMCwQ2YdtUqdKQAHNfoNo/cTI2h/7YO
iCSR4E6dnRnABom2c4OQcboCJb3OUZczXiUelbza125x9NsOJLblAIDZXlnjxKMb
gCRiS51dQtjvmfgJd6z5rOofMCRwqIDVylDBrpil2TxQb+8JhBa0H8B5zVbQK5Ej
l17B5bQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:51 2025 by rpki-client