Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/l7XDdPzRVWMzmlLC9kaOH-J8Jyo.roa
File: l7XDdPzRVWMzmlLC9kaOH-J8Jyo.roa (raw, json)
Hash identifier: IIsLVlN4phTvwRPfCxKgDGEaKfLQw9tMyOH+ql/jxnU=
Subject key identifier: 97:B5:C3:74:FC:D1:55:63:33:9A:52:C2:F6:46:8E:1F:E2:7C:27:2A
Certificate issuer: /CN=1da97cae7de6b29e56f0259af53c95926034a502
Certificate serial: 07F70970
Authority key identifier: 1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/l7XDdPzRVWMzmlLC9kaOH-J8Jyo.roa
Signing time: Wed 26 Jan 2022 21:27:33 +0000
ROA not before: Wed 26 Jan 2022 21:27:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197595
IP address blocks: 185.242.228.0/22 maxlen: 22
45.141.108.0/22 maxlen: 22
195.128.240.0/23 maxlen: 23
178.132.72.0/21 maxlen: 21
185.86.104.0/22 maxlen: 22
185.147.236.0/22 maxlen: 22
195.128.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133630320 (0x7f70970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da97cae7de6b29e56f0259af53c95926034a502
Validity
Not Before: Jan 26 21:27:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97b5c374fcd15563339a52c2f6468e1fe27c272a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:73:9c:b9:df:d2:a7:68:00:d4:cd:3e:9b:f6:
eb:c4:36:02:da:2a:e0:1b:cb:20:19:a9:b0:74:8a:
ad:e6:44:ca:85:a0:2f:5d:b9:42:f1:8a:cc:0c:db:
c9:5b:33:d2:2a:6b:9e:b9:d3:46:9c:d1:cd:54:54:
db:82:e0:43:c2:e7:2b:f6:1f:c2:c9:90:d5:b5:79:
9a:92:94:c1:1c:04:9a:96:2a:de:3e:58:0f:f3:15:
5a:1a:d8:7c:8c:48:c6:f6:ab:99:fb:45:9c:19:c3:
8e:7d:59:79:c1:73:35:d0:7f:64:95:b2:b4:6b:26:
ac:91:11:12:c6:c6:19:28:c7:9c:20:75:27:e4:a9:
2e:6b:40:10:ee:29:7f:92:64:98:35:ea:38:51:c7:
8a:15:49:00:cf:11:28:75:6e:20:c1:d5:9a:5a:e3:
9e:cf:fe:5a:2b:71:bb:b7:95:a8:a2:c5:65:30:35:
df:2b:fa:bf:36:88:f6:32:d4:e0:ad:38:30:e8:6e:
00:4f:b6:b7:63:3f:6a:9a:b8:50:92:98:97:25:c4:
f1:d9:d8:49:99:1a:f1:a0:2a:f7:15:fc:f8:20:ec:
3a:dd:3c:95:24:3d:48:2d:c6:c0:00:1f:e1:09:97:
17:31:af:91:19:45:1a:8c:8d:44:13:a4:70:da:98:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B5:C3:74:FC:D1:55:63:33:9A:52:C2:F6:46:8E:1F:E2:7C:27:2A
X509v3 Authority Key Identifier:
keyid:1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/l7XDdPzRVWMzmlLC9kaOH-J8Jyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.108.0/22
178.132.72.0/21
185.86.104.0/22
185.147.236.0/22
185.242.228.0/22
195.128.240.0/23
195.128.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:4a:26:bc:44:62:4c:b5:67:00:a9:31:18:60:7c:66:08:55:
9d:9f:4e:0b:8b:15:9b:8c:72:31:bc:11:be:af:fe:b2:99:1d:
6f:24:cd:4b:42:c7:f3:2d:03:c5:e6:b0:c5:4f:a3:a3:b7:25:
a9:05:7d:92:db:18:12:60:5f:4e:a2:b1:b7:e1:96:e9:42:38:
18:ce:da:50:c2:77:e2:94:92:f9:0c:04:e6:98:6e:db:3d:0e:
46:80:07:a9:64:ac:ee:fc:1f:01:e1:ae:71:ee:0c:77:dd:85:
d0:db:87:4d:ef:52:71:4f:09:1a:74:80:9a:89:eb:ee:f8:de:
40:88:19:e1:d9:f9:87:f2:a1:3e:39:74:88:9a:a9:62:f4:2a:
58:18:8f:5e:e8:b0:84:38:9d:fd:ae:b6:8f:c7:54:c6:5c:6a:
10:39:0a:8e:ba:82:1c:11:9b:15:4f:3f:ca:28:cc:63:ca:82:
ec:13:a8:98:76:57:12:20:9e:53:34:dd:70:08:20:e5:e4:1f:
d3:d2:50:c5:5f:e0:82:6f:2a:76:0d:4b:8d:6e:c1:1d:5e:c3:
d1:b6:59:85:15:3b:70:28:d8:9b:f3:17:30:9c:65:6d:48:b0:
c4:e0:ce:c5:a4:31:f8:c6:42:6b:f0:18:62:f7:9f:4e:b5:53:
01:41:68:7b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEB/cJcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGE5N2NhZTdkZTZiMjllNTZmMDI1OWFmNTNjOTU5MjYwMzRhNTAyMB4XDTIyMDEy
NjIxMjczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdiNWMzNzRmY2Qx
NTU2MzMzOWE1MmMyZjY0NjhlMWZlMjdjMjcyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZznLnf0qdoANTNPpv268Q2Atoq4BvLIBmpsHSKreZEyoWg
L125QvGKzAzbyVsz0iprnrnTRpzRzVRU24LgQ8LnK/YfwsmQ1bV5mpKUwRwEmpYq
3j5YD/MVWhrYfIxIxvarmftFnBnDjn1ZecFzNdB/ZJWytGsmrJEREsbGGSjHnCB1
J+SpLmtAEO4pf5JkmDXqOFHHihVJAM8RKHVuIMHVmlrjns/+Witxu7eVqKLFZTA1
3yv6vzaI9jLU4K04MOhuAE+2t2M/apq4UJKYlyXE8dnYSZka8aAq9xX8+CDsOt08
lSQ9SC3GwAAf4QmXFzGvkRlFGoyNRBOkcNqYnIcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSXtcN0/NFVYzOaUsL2Ro4f4nwnKjAfBgNVHSMEGDAWgBQdqXyufeaynlbw
JZr1PJWSYDSlAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhbDhybjNtc3A1VzhDV2E5VHlWa21BMHBRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8x
L2w3WERkUHpSVldNem1sTEM5a2FPSC1KOEp5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8xL0hhbDhybjNtc3A1
VzhDV2E5VHlWa21BMHBRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAi2NbAMEA7KESAMEArlWaAMEArmT
7AMEArny5AMEAcOA8AMEAcOA/jANBgkqhkiG9w0BAQsFAAOCAQEAG0omvERiTLVn
AKkxGGB8ZghVnZ9OC4sVm4xyMbwRvq/+spkdbyTNS0LH8y0DxeawxU+jo7clqQV9
ktsYEmBfTqKxt+GW6UI4GM7aUMJ34pSS+QwE5phu2z0ORoAHqWSs7vwfAeGuce4M
d92F0NuHTe9ScU8JGnSAmonr7vjeQIgZ4dn5h/KhPjl0iJqpYvQqWBiPXuiwhDid
/a62j8dUxlxqEDkKjrqCHBGbFU8/yijMY8qC7BOomHZXEiCeUzTdcAgg5eQf09JQ
xV/ggm8qdg1LjW7BHV7D0bZZhRU7cCjYm/MXMJxlbUiwxODOxaQx+MZCa/AYYvef
TrVTAUFoew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:48 2025 by rpki-client