Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/2poWfU4temVnJMCvDfljtyPss9U.roa
File: 2poWfU4temVnJMCvDfljtyPss9U.roa (raw, json)
Hash identifier: U+V3RvNOzy3Iz4G+o+kJLBwvIlCHYxeQUj8fYhQUzhk=
Subject key identifier: DA:9A:16:7D:4E:2D:7A:65:67:24:C0:AF:0D:F9:63:B7:23:EC:B3:D5
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 0188076F86350872BDAD2E2468381C81019D
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/2poWfU4temVnJMCvDfljtyPss9U.roa
Signing time: Wed 10 May 2023 20:52:09 +0000
ROA not before: Wed 10 May 2023 20:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205334
IP address blocks: 185.193.173.0/24 maxlen: 24
185.193.175.0/24 maxlen: 24
185.193.174.0/24 maxlen: 24
185.211.41.0/24 maxlen: 24
176.119.132.0/23 maxlen: 23
176.119.132.0/24 maxlen: 24
176.119.132.0/22 maxlen: 22
185.214.169.0/24 maxlen: 24
185.214.171.0/24 maxlen: 24
185.214.170.0/24 maxlen: 24
176.119.134.0/24 maxlen: 24
176.119.134.0/23 maxlen: 23
176.119.133.0/24 maxlen: 24
176.119.135.0/24 maxlen: 24
185.193.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:6f:86:35:08:72:bd:ad:2e:24:68:38:1c:81:01:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: May 10 20:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9a167d4e2d7a656724c0af0df963b723ecb3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:43:0f:b3:0d:28:df:cf:5d:70:fb:1b:86:23:
d8:74:a5:9d:85:23:69:5d:6d:38:76:6a:dc:fb:a9:
f6:11:6b:de:ab:4e:3d:01:59:8f:1a:39:ba:03:d2:
44:27:4d:b6:d5:8b:0f:6c:7a:e0:db:eb:7b:21:65:
8d:ff:e5:c4:cd:95:83:bc:55:d5:1c:b9:55:d5:be:
d6:c1:9e:bc:9b:b2:fd:04:07:05:81:de:f6:8d:74:
80:9c:d4:83:26:ef:90:2c:86:b6:5f:63:27:91:b3:
22:27:28:92:59:53:51:28:74:01:ac:96:8e:18:99:
a7:a3:9e:bf:fc:0d:eb:cd:de:5d:8e:93:8b:d8:ab:
6b:d8:77:93:ca:b0:64:6b:e2:50:62:ca:e1:e3:3f:
76:71:f7:a6:af:b6:40:41:78:28:ca:5d:bb:d3:8b:
6f:af:78:ba:51:f3:4c:73:c7:d0:b5:e7:1f:cb:55:
8c:d5:79:f7:bf:78:37:c9:74:31:29:30:94:45:1c:
45:82:31:4a:79:01:b9:8e:40:83:47:ab:7e:2c:7b:
a7:ae:4b:1a:d4:ef:04:d8:f7:e1:c1:09:ce:32:63:
1e:df:e9:48:00:e9:f3:5f:42:f8:d0:61:78:f5:b1:
c8:f4:8d:59:0c:54:5d:28:8b:d1:b8:41:ea:90:51:
80:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:16:7D:4E:2D:7A:65:67:24:C0:AF:0D:F9:63:B7:23:EC:B3:D5
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/2poWfU4temVnJMCvDfljtyPss9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.132.0/22
185.193.172.0/22
185.211.41.0/24
185.214.169.0-185.214.171.255
Signature Algorithm: sha256WithRSAEncryption
3d:63:9e:60:25:0b:43:d2:8d:ea:c6:cd:7a:f0:42:97:de:dc:
64:5c:d4:3b:a6:39:73:57:9f:77:ef:57:11:35:da:6e:4c:b1:
24:88:dd:22:7c:9d:48:e5:10:e6:e3:de:1a:28:4c:27:16:0f:
62:87:09:f0:e4:a4:47:5d:4d:18:3a:37:b6:b1:9e:0d:91:80:
7d:27:82:1e:1f:4b:7f:ce:25:7e:f5:97:75:f1:40:5c:7e:04:
75:e8:03:75:5f:14:32:bb:dd:91:f4:25:3b:99:b7:55:bc:65:
cb:ca:e4:e1:08:8b:15:e3:9c:fb:38:00:fd:33:01:b2:89:cb:
a9:06:27:32:97:f5:6e:c3:80:02:40:d1:e9:aa:ed:a1:79:30:
1f:8d:88:a0:9e:85:41:c7:c3:1b:78:02:65:bb:03:00:42:af:
fb:e3:54:86:da:c3:de:1f:c6:d2:80:d7:1a:f8:67:92:9f:a2:
0b:a8:4f:c7:f7:68:ac:88:a3:dd:70:e6:6b:7e:cf:fd:70:a8:
7a:f6:62:4f:98:72:bf:82:c6:0a:67:c8:a4:c6:e0:ff:27:4e:
1a:2b:97:aa:48:d6:be:dd:0d:1f:83:b5:5b:f6:35:5f:15:2f:
27:2a:ac:28:af:7b:10:8f:65:8b:f0:41:8a:55:91:67:3e:d2:
9f:20:98:b4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYgHb4Y1CHK9rS4kaDgcgQGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjMwNTEwMjA1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhMTY3ZDRlMmQ3YTY1NjcyNGMwYWYwZGY5NjNiNzIzZWNiM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0MPsw0o389dcPsbhiPYdKWdhSNp
XW04dmrc+6n2EWveq049AVmPGjm6A9JEJ0221YsPbHrg2+t7IWWN/+XEzZWDvFXV
HLlV1b7WwZ68m7L9BAcFgd72jXSAnNSDJu+QLIa2X2MnkbMiJyiSWVNRKHQBrJaO
GJmno56//A3rzd5djpOL2Ktr2HeTyrBka+JQYsrh4z92cfemr7ZAQXgoyl2704tv
r3i6UfNMc8fQtecfy1WM1Xn3v3g3yXQxKTCURRxFgjFKeQG5jkCDR6t+LHunrksa
1O8E2PfhwQnOMmMe3+lIAOnzX0L40GF49bHI9I1ZDFRdKIvRuEHqkFGAPQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNqaFn1OLXplZyTArw35Y7cj7LPVMB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvMnBvV2ZVNHRlbVZuSk1DdkRmbGp0eVBzczlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCsHeEAwQC
ucGsAwQAudMpMAwDBAC51qkDBAK51qgwDQYJKoZIhvcNAQELBQADggEBAD1jnmAl
C0PSjerGzXrwQpfe3GRc1DumOXNXn3fvVxE12m5MsSSI3SJ8nUjlEObj3hooTCcW
D2KHCfDkpEddTRg6N7axng2RgH0ngh4fS3/OJX71l3XxQFx+BHXoA3VfFDK73ZH0
JTuZt1W8ZcvK5OEIixXjnPs4AP0zAbKJy6kGJzKX9W7DgAJA0emq7aF5MB+NiKCe
hUHHwxt4AmW7AwBCr/vjVIbaw94fxtKA1xr4Z5KfoguoT8f3aKyIo91w5mt+z/1w
qHr2Yk+Ycr+CxgpnyKTG4P8nThorl6pI1r7dDR+DtVv2NV8VLycqrCivexCPZYvw
QYpVkWc+0p8gmLQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:55 2025 by rpki-client