Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/5PGn1kKrgiGnvUvXqxTWhILR1Fg.roa
File: 5PGn1kKrgiGnvUvXqxTWhILR1Fg.roa (raw, json)
Hash identifier: eXo9YDFeeoY0lmSpOvCjKMvmDWcnsdBJvxj8N3Y4KMo=
Subject key identifier: E4:F1:A7:D6:42:AB:82:21:A7:BD:4B:D7:AB:14:D6:84:82:D1:D4:58
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 01398BE7
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/5PGn1kKrgiGnvUvXqxTWhILR1Fg.roa
Signing time: Sat 01 Jan 2022 12:03:45 +0000
ROA not before: Sat 01 Jan 2022 12:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207974
IP address blocks: 185.214.168.0/24 maxlen: 24
185.214.168.0/22 maxlen: 22
185.214.170.0/24 maxlen: 24
185.214.169.0/24 maxlen: 24
185.214.171.0/24 maxlen: 24
2a0a:3b40::/36 maxlen: 36
2a0a:3b40:1000::/36 maxlen: 36
2a0a:3b40:2000::/36 maxlen: 36
2a0a:3b40:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20548583 (0x1398be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jan 1 12:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4f1a7d642ab8221a7bd4bd7ab14d68482d1d458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cf:bf:f4:77:6c:e3:26:71:6f:7c:7a:2a:19:
e7:20:62:01:08:46:80:0a:a4:c9:5a:67:a4:d6:08:
d8:1f:3c:41:c5:f4:97:08:aa:1f:42:38:df:99:43:
11:f0:e4:34:01:da:8f:65:8a:7e:1e:6e:4f:51:f3:
15:55:83:18:98:64:3a:1a:cb:75:56:4d:36:a3:f2:
4d:cd:c5:19:ae:8f:b5:2a:49:24:40:de:9d:6c:a6:
b5:2b:4d:b9:78:02:f6:52:07:d6:b1:48:c4:c0:ce:
87:ca:30:e8:7c:c8:cc:ab:99:9e:b9:81:2f:30:0b:
60:e5:3d:26:2f:88:e6:b2:33:3d:cd:22:5d:5d:a8:
65:ab:3a:6b:1c:90:f4:ac:bf:3d:79:d7:e0:ed:86:
b4:a5:52:e6:84:ff:39:67:33:93:42:24:22:ec:25:
03:c4:bf:66:5b:e3:1e:0c:6b:9a:df:40:52:04:cc:
d4:d5:9e:e8:c8:cc:91:a0:13:e4:94:9b:21:04:16:
1b:1b:20:e9:1f:19:0f:6b:d6:65:db:c6:f2:e2:90:
f3:66:d9:3b:49:68:f5:7a:b2:58:c5:29:98:19:5b:
ea:32:2d:d0:c2:58:be:45:7b:33:ff:e9:b5:82:84:
81:e4:c0:3f:05:a7:76:b3:13:c4:98:4a:1a:02:f3:
8c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F1:A7:D6:42:AB:82:21:A7:BD:4B:D7:AB:14:D6:84:82:D1:D4:58
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/5PGn1kKrgiGnvUvXqxTWhILR1Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.168.0/22
IPv6:
2a0a:3b40::/34
Signature Algorithm: sha256WithRSAEncryption
15:38:5d:14:13:d2:0a:51:0b:65:50:28:4c:08:ec:eb:ff:47:
2a:6d:22:51:9d:b0:06:9f:e9:de:ea:bd:a6:66:27:42:0b:77:
12:a9:bd:31:17:01:5c:f5:6c:f8:de:56:03:5a:5b:55:10:6a:
1b:67:2b:ad:34:7d:80:50:eb:f5:5c:31:4b:15:d1:f0:ab:44:
df:98:88:75:63:a8:8d:74:82:45:bd:3e:e2:28:5c:b3:f3:d5:
dc:dc:d5:9c:59:eb:14:7e:67:cf:88:8b:f8:58:cf:13:a3:a1:
3f:c3:e4:05:1a:6f:48:33:a7:db:4a:d3:04:3c:62:63:48:e4:
4d:20:cc:b2:14:ba:4a:20:32:67:0f:bd:68:9d:2f:31:1d:ba:
de:aa:b2:04:1f:ec:76:8b:28:d4:b2:21:7b:c1:24:0d:d9:71:
9e:4b:36:73:cd:ba:f1:09:64:c3:a3:66:b4:ac:b0:b0:17:eb:
c7:27:4e:18:a2:67:c7:5c:5c:f7:9b:ed:ce:91:59:a2:38:d3:
9d:d9:8a:a9:1f:2e:1e:fe:cb:7a:57:e7:c4:1c:74:bd:b6:31:
43:fd:42:e6:c2:09:ac:d0:c2:18:af:1d:c3:90:ea:f7:1b:73:
ab:a7:58:63:ee:d1:3f:bf:05:74:aa:e6:57:1e:80:b0:1a:f1:
b3:ca:5b:a5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEATmL5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTdiZjRmYmVhODk0ZjQzZWViM2RiMWIyMTZlNTc3NjZlMDFhYjgxMB4XDTIyMDEw
MTEyMDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRmMWE3ZDY0MmFi
ODIyMWE3YmQ0YmQ3YWIxNGQ2ODQ4MmQxZDQ1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvPv/R3bOMmcW98eioZ5yBiAQhGgAqkyVpnpNYI2B88QcX0
lwiqH0I435lDEfDkNAHaj2WKfh5uT1HzFVWDGJhkOhrLdVZNNqPyTc3FGa6PtSpJ
JEDenWymtStNuXgC9lIH1rFIxMDOh8ow6HzIzKuZnrmBLzALYOU9Ji+I5rIzPc0i
XV2oZas6axyQ9Ky/PXnX4O2GtKVS5oT/OWczk0IkIuwlA8S/ZlvjHgxrmt9AUgTM
1NWe6MjMkaAT5JSbIQQWGxsg6R8ZD2vWZdvG8uKQ82bZO0lo9XqyWMUpmBlb6jIt
0MJYvkV7M//ptYKEgeTAPwWndrMTxJhKGgLzjJ0CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBTk8afWQquCIae9S9erFNaEgtHUWDAfBgNVHSMEGDAWgBTRe/T76olPQ+6z
2xshbld2bgGrgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBYdjAtLXFKVDBQdXM5c2JJVzVYZG00QnE0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8x
LzVQR24xa0tyZ2lHbnZVdlhxeFRXaElMUjFGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8xLzBYdjAtLXFKVDBQ
dXM5c2JJVzVYZG00QnE0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEArnWqDAOBAIAAjAIAwYGKgo7QAAw
DQYJKoZIhvcNAQELBQADggEBABU4XRQT0gpRC2VQKEwI7Ov/RyptIlGdsAaf6d7q
vaZmJ0ILdxKpvTEXAVz1bPjeVgNaW1UQahtnK600fYBQ6/VcMUsV0fCrRN+YiHVj
qI10gkW9PuIoXLPz1dzc1ZxZ6xR+Z8+Ii/hYzxOjoT/D5AUab0gzp9tK0wQ8YmNI
5E0gzLIUukogMmcPvWidLzEdut6qsgQf7HaLKNSyIXvBJA3ZcZ5LNnPNuvEJZMOj
ZrSssLAX68cnThiiZ8dcXPeb7c6RWaI4053ZiqkfLh7+y3pX58QcdL22MUP9QubC
CazQwhivHcOQ6vcbc6unWGPu0T+/BXSq5lcegLAa8bPKW6U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:50 2025 by rpki-client