Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/FTqu9KgmL1ZDawA4ZVRcM1_8-a8.roa
File: FTqu9KgmL1ZDawA4ZVRcM1_8-a8.roa (raw, json)
Hash identifier: YenycjRhLZzq64/zxeo3XIkFEHxtQi32i7ONFXecZSk=
Subject key identifier: 15:3A:AE:F4:A8:26:2F:56:43:6B:00:38:65:54:5C:33:5F:FC:F9:AF
Certificate issuer: /CN=2becef943d34c80e0a0fd81426e6136b31508fee
Certificate serial: 01877685EF4B990D765AA9E9E91EB77FDD84
Authority key identifier: 2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/FTqu9KgmL1ZDawA4ZVRcM1_8-a8.roa
Signing time: Wed 12 Apr 2023 17:31:41 +0000
ROA not before: Wed 12 Apr 2023 17:31:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12357
IP address blocks: 185.195.178.0/24 maxlen: 24
185.195.177.0/24 maxlen: 24
185.195.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:85:ef:4b:99:0d:76:5a:a9:e9:e9:1e:b7:7f:dd:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2becef943d34c80e0a0fd81426e6136b31508fee
Validity
Not Before: Apr 12 17:31:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=153aaef4a8262f56436b003865545c335ffcf9af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:01:e4:7b:88:ce:11:5f:14:c5:88:e4:a6:
f3:79:c1:25:e6:04:22:b9:14:12:c8:4b:11:df:1a:
80:01:35:b6:95:5c:e5:d3:b9:74:08:9a:63:c4:3f:
f7:28:dc:fb:73:78:e2:31:4d:42:e9:df:bb:02:30:
43:46:5f:b4:5f:3d:e0:b3:bb:35:ce:2d:0a:35:20:
a0:4d:e3:4a:07:68:c8:81:f5:e7:56:ae:0d:3d:3e:
f2:d0:0c:a3:a5:39:3f:f2:97:56:c6:30:e6:42:f8:
2d:26:19:f1:da:b6:77:87:6f:cd:57:70:1f:48:17:
1e:26:37:4b:25:3d:30:63:04:c7:d2:61:ec:94:f4:
2e:48:fe:7c:7c:c8:14:c0:21:e9:0b:f1:d0:b5:2d:
45:c4:8f:fe:25:f2:c5:36:30:64:c4:37:1c:98:df:
c5:fa:dd:a6:45:ed:c4:96:d8:7a:b8:8f:79:84:7c:
4b:a3:97:08:ba:df:d6:8a:58:e1:6a:7d:40:89:e7:
49:60:f1:b7:19:d4:52:7d:0a:98:20:9e:6b:83:f5:
a1:97:06:81:64:40:64:95:87:c1:06:19:4b:a0:5b:
bb:ea:06:9b:12:88:9d:82:18:af:8f:e6:48:95:82:
99:6d:9a:cf:e7:aa:93:42:71:ce:49:10:17:d3:12:
e9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3A:AE:F4:A8:26:2F:56:43:6B:00:38:65:54:5C:33:5F:FC:F9:AF
X509v3 Authority Key Identifier:
keyid:2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/FTqu9KgmL1ZDawA4ZVRcM1_8-a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/K-zvlD00yA4KD9gUJuYTazFQj-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.176.0-185.195.178.255
Signature Algorithm: sha256WithRSAEncryption
2b:48:52:df:ca:93:cf:b8:1e:fb:66:ab:70:b5:f1:67:8b:d5:
18:4c:06:9f:4a:f7:d7:0e:26:96:06:34:d0:ff:14:de:94:bc:
c4:3a:4e:29:bf:57:a6:a9:2f:c2:e2:91:14:3b:52:ab:37:44:
34:1d:b7:42:fb:81:ae:52:28:44:23:cc:f4:7c:63:f2:56:dc:
38:0b:3a:ec:1d:09:e5:5e:7d:78:79:af:cb:46:1e:18:b1:3d:
41:da:2a:3d:5f:e5:56:9e:c9:5d:41:a6:f1:63:90:13:11:36:
ec:39:b5:54:e1:f3:aa:70:10:ff:17:77:cc:44:5c:7e:4b:73:
c6:30:8c:dd:21:c4:0d:7c:a2:a8:db:2e:5d:bb:3d:9e:02:2c:
04:4b:0f:44:39:90:18:e2:03:90:25:d9:78:4e:c1:de:ce:30:
0d:c1:4c:33:28:c1:75:a6:1b:98:16:2f:e5:e7:a1:fe:4d:54:
25:6d:22:96:72:0e:61:3d:66:7a:d0:99:df:9c:04:a9:61:77:
d9:84:ca:ea:6e:c4:c4:ca:f4:a1:52:1a:dd:22:d2:28:64:8b:
0b:15:80:bf:36:38:82:3b:67:47:75:91:8f:65:dd:2b:02:0f:
f4:f9:7c:2e:7c:03:e5:70:74:1f:06:d9:a3:ae:c7:41:c5:1d:
d5:cb:17:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYd2he9LmQ12Wqnp6R63f92EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZWNlZjk0M2QzNGM4MGUwYTBmZDgxNDI2ZTYxMzZiMzE1
MDhmZWUwHhcNMjMwNDEyMTczMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNhYWVmNGE4MjYyZjU2NDM2YjAwMzg2NTU0NWMzMzVmZmNmOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSYB5HuIzhFfFMWI5KbzecEl5gQi
uRQSyEsR3xqAATW2lVzl07l0CJpjxD/3KNz7c3jiMU1C6d+7AjBDRl+0Xz3gs7s1
zi0KNSCgTeNKB2jIgfXnVq4NPT7y0AyjpTk/8pdWxjDmQvgtJhnx2rZ3h2/NV3Af
SBceJjdLJT0wYwTH0mHslPQuSP58fMgUwCHpC/HQtS1FxI/+JfLFNjBkxDccmN/F
+t2mRe3Elth6uI95hHxLo5cIut/Wiljhan1AiedJYPG3GdRSfQqYIJ5rg/WhlwaB
ZEBklYfBBhlLoFu76gabEoidghivj+ZIlYKZbZrP56qTQnHOSRAX0xLpwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBU6rvSoJi9WQ2sAOGVUXDNf/PmvMB8GA1UdIwQY
MBaAFCvs75Q9NMgOCg/YFCbmE2sxUI/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEt
NDQ5MTI0YWNlMDI2LzEvRlRxdTlLZ21MMVpEYXdBNFpWUmNNMV84LWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEtNDQ5MTI0YWNlMDI2
LzEvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5w7AD
BAC5w7IwDQYJKoZIhvcNAQELBQADggEBACtIUt/Kk8+4Hvtmq3C18WeL1RhMBp9K
99cOJpYGNND/FN6UvMQ6Tim/V6apL8LikRQ7Uqs3RDQdt0L7ga5SKEQjzPR8Y/JW
3DgLOuwdCeVefXh5r8tGHhixPUHaKj1f5VaeyV1BpvFjkBMRNuw5tVTh86pwEP8X
d8xEXH5Lc8YwjN0hxA18oqjbLl27PZ4CLARLD0Q5kBjiA5Al2XhOwd7OMA3BTDMo
wXWmG5gWL+Xnof5NVCVtIpZyDmE9ZnrQmd+cBKlhd9mEyupuxMTK9KFSGt0i0ihk
iwsVgL82OII7Z0d1kY9l3SsCD/T5fC58A+VwdB8G2aOux0HFHdXLFyo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:08 2025 by rpki-client