Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-R4bdb6JHYPzXweN1OHnBoAaRlI.roa
File: 1-R4bdb6JHYPzXweN1OHnBoAaRlI.roa (raw, json)
Hash identifier: pjyXYuj42XR54K5Ug3bP5LzDsHTVGrzvaCteLRXwuRk=
Subject key identifier: F9:1E:1B:75:BE:89:1D:83:F3:5F:07:8D:D4:E1:E7:06:80:1A:46:52
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 01899C5425BDAC42F87D4E2CE8FDFA864E04
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-R4bdb6JHYPzXweN1OHnBoAaRlI.roa
Signing time: Fri 28 Jul 2023 11:48:27 +0000
ROA not before: Fri 28 Jul 2023 11:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 109.74.84.0/23 maxlen: 23
109.74.91.0/24 maxlen: 24
85.14.166.0/23 maxlen: 23
85.14.174.0/24 maxlen: 24
85.14.178.0/23 maxlen: 23
217.171.23.0/24 maxlen: 24
217.171.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:54:25:bd:ac:42:f8:7d:4e:2c:e8:fd:fa:86:4e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jul 28 11:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f91e1b75be891d83f35f078dd4e1e706801a4652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:52:29:36:d6:d5:7c:9e:7c:7b:e7:f0:c1:
77:10:c5:57:b2:0f:e1:55:c8:d2:5a:ae:0c:f3:0d:
5d:58:7f:55:e0:37:d4:fa:f5:3a:bc:aa:60:68:e6:
2e:71:fa:b1:b3:92:05:6d:6f:8a:d3:ac:34:90:f4:
54:c1:7a:e0:5c:e7:cb:32:ba:f8:83:59:b5:fc:ce:
27:18:ec:a7:63:26:3b:b2:44:ec:70:7b:77:65:7b:
ef:7f:df:44:48:80:b2:a8:dc:e2:4b:44:89:89:e1:
4d:ac:76:f3:4d:d5:bd:49:2c:4e:1a:ed:ac:a1:ae:
9f:0b:c0:55:2d:fa:31:4b:a2:b5:ab:aa:ef:cb:cf:
3a:24:be:b1:7e:63:f9:79:3f:ac:b0:e9:bd:a5:34:
e7:57:e9:1e:2a:58:92:23:ac:a9:f4:76:df:fb:62:
58:e2:71:b0:24:c5:c6:85:b6:36:62:43:fd:fa:ad:
74:93:c9:81:c1:cc:b3:8b:43:78:ef:fe:08:c5:d9:
b7:f0:47:21:d2:93:cd:10:aa:4d:6f:e1:8d:9b:3e:
82:f5:52:20:67:18:a5:ca:fe:0f:80:cb:7b:c7:8c:
87:c9:28:ea:a0:f7:06:ae:ac:9a:e7:87:73:c9:c3:
e4:e9:ae:6a:d5:ab:74:83:1f:41:2f:ca:b6:3f:f5:
13:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1E:1B:75:BE:89:1D:83:F3:5F:07:8D:D4:E1:E7:06:80:1A:46:52
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/1-R4bdb6JHYPzXweN1OHnBoAaRlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.166.0/23
85.14.174.0/24
85.14.178.0/23
109.74.84.0/23
109.74.91.0/24
217.171.23.0/24
217.171.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:9f:b3:a5:35:71:30:e6:83:59:34:29:7f:57:a4:37:9b:db:
ce:01:60:47:69:0e:07:62:3f:c0:1c:0a:85:fe:e8:72:82:ca:
e9:a3:f6:29:ff:37:b0:1f:6a:66:8a:bf:e2:a6:db:a9:be:12:
9a:54:f7:70:10:a2:17:2f:34:fa:aa:07:50:64:61:dd:63:55:
f0:b3:2c:33:0b:03:5f:b1:ca:57:76:1e:f2:7b:80:1d:a2:81:
c1:75:d9:90:4f:6f:95:32:b5:82:0b:22:74:7e:bd:a0:f3:5e:
3a:f5:13:34:14:bb:44:fd:1f:0d:5a:34:6b:f7:6b:21:a1:2a:
de:37:95:ea:32:63:ad:82:f1:0a:e0:6b:eb:72:ed:12:fc:a0:
ba:48:e1:68:ad:d1:2c:13:bc:7a:83:f9:34:5d:29:e1:ea:43:
06:11:05:10:dc:d8:54:07:8b:da:c1:38:21:5c:f5:30:2e:30:
a0:53:75:62:4e:88:14:c7:17:7f:3a:2d:e4:89:74:a7:5f:0f:
d6:7e:5f:f7:cb:7d:7b:c0:18:58:9d:93:64:d9:4b:4b:21:f1:
2d:09:ba:76:53:75:48:3b:66:f3:b4:7b:6a:98:56:c2:cd:a5:
f9:cf:dc:11:98:25:87:37:18:e7:0d:11:21:18:fb:dc:e0:dd:
d0:7d:17:3b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYmcVCW9rEL4fU4s6P36hk4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjMwNzI4MTE0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFlMWI3NWJlODkxZDgzZjM1ZjA3OGRkNGUxZTcwNjgwMWE0NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWxSKTbW1XyefHvn8MF3EMVXsg/h
VcjSWq4M8w1dWH9V4DfU+vU6vKpgaOYucfqxs5IFbW+K06w0kPRUwXrgXOfLMrr4
g1m1/M4nGOynYyY7skTscHt3ZXvvf99ESICyqNziS0SJieFNrHbzTdW9SSxOGu2s
oa6fC8BVLfoxS6K1q6rvy886JL6xfmP5eT+ssOm9pTTnV+keKliSI6yp9Hbf+2JY
4nGwJMXGhbY2YkP9+q10k8mBwcyzi0N47/4Ixdm38Ech0pPNEKpNb+GNmz6C9VIg
Zxilyv4PgMt7x4yHySjqoPcGrqya54dzycPk6a5q1at0gx9BL8q2P/UT0wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPkeG3W+iR2D818HjdTh5waAGkZSMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvMS1SNGJkYjZKSFlQelh3ZU4xT0huQm9BYVJsSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJm
YS8xL01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVUOpgME
AFUOrgMEAVUOsgMEAW1KVAMEAG1KWwMEANmrFwMEANmrHDANBgkqhkiG9w0BAQsF
AAOCAQEApZ+zpTVxMOaDWTQpf1ekN5vbzgFgR2kOB2I/wBwKhf7ocoLK6aP2Kf83
sB9qZoq/4qbbqb4SmlT3cBCiFy80+qoHUGRh3WNV8LMsMwsDX7HKV3Ye8nuAHaKB
wXXZkE9vlTK1ggsidH69oPNeOvUTNBS7RP0fDVo0a/drIaEq3jeV6jJjrYLxCuBr
63LtEvygukjhaK3RLBO8eoP5NF0p4epDBhEFENzYVAeL2sE4IVz1MC4woFN1Yk6I
FMcXfzot5Il0p18P1n5f98t9e8AYWJ2TZNlLSyHxLQm6dlN1SDtm87R7aphWws2l
+c/cEZglhzcY5w0RIRj73ODd0H0XOw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:44 2025 by rpki-client