Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/vHOnMV0POVXj9l0Sf7Zk4FEn-Ng.roa
File: vHOnMV0POVXj9l0Sf7Zk4FEn-Ng.roa (raw, json)
Hash identifier: i8HgUw5tF2NAolcZI72F62Hyz2mbE0RamCilUXJkgg0=
Subject key identifier: BC:73:A7:31:5D:0F:39:55:E3:F6:5D:12:7F:B6:64:E0:51:27:F8:D8
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 018BC5E540C7153829AFEAC9747246ED286B
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/vHOnMV0POVXj9l0Sf7Zk4FEn-Ng.roa
Signing time: Sun 12 Nov 2023 23:36:57 +0000
ROA not before: Sun 12 Nov 2023 23:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
185.12.156.0/24 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c5:e5:40:c7:15:38:29:af:ea:c9:74:72:46:ed:28:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Nov 12 23:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc73a7315d0f3955e3f65d127fb664e05127f8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:08:90:5c:9f:25:41:52:a7:e5:be:10:c4:
a5:ba:53:8f:f1:a4:b6:ec:fd:79:b0:69:44:88:d7:
86:ce:15:d9:94:30:11:59:5c:94:be:15:11:b3:17:
e7:c3:26:9a:13:1d:db:4b:d0:6a:c0:b1:a4:a7:60:
b0:87:ae:62:11:51:11:87:51:7d:53:ea:50:b9:63:
6f:83:4a:37:90:e7:bc:b4:f7:1a:52:b0:e9:1a:4b:
53:53:b4:70:74:d5:48:d6:df:ab:79:d3:51:25:a6:
98:5f:b6:8a:68:ae:83:b3:99:d9:27:ce:48:a1:d6:
3e:73:2f:6a:58:87:6d:a6:58:d5:3a:37:52:d5:19:
63:32:8a:01:8a:80:e4:95:fb:99:d8:81:b7:e3:c9:
65:3f:2f:bf:8b:1d:78:98:c0:78:da:39:78:39:e1:
47:68:3b:0d:a1:f5:f8:0d:e3:87:25:df:12:6f:ac:
99:a4:a7:d7:c7:b5:f8:6e:60:19:35:f8:23:90:63:
c7:6c:9d:d3:a8:5b:ce:19:c3:83:52:63:48:78:5b:
70:88:db:08:9b:21:96:26:30:23:03:4a:b7:46:cd:
01:d8:a9:7b:bd:19:b6:e3:cd:6a:5e:b3:d4:9f:48:
cf:32:11:e6:bc:7d:88:bf:92:d0:83:ba:80:5b:90:
25:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:73:A7:31:5D:0F:39:55:E3:F6:5D:12:7F:B6:64:E0:51:27:F8:D8
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/vHOnMV0POVXj9l0Sf7Zk4FEn-Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.156.0/24
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
0a:ba:99:c8:88:57:59:ab:18:d4:2b:ba:44:96:13:06:9a:4a:
59:38:f1:d3:7c:ea:52:92:22:87:f7:2f:a7:b9:49:31:42:54:
1e:7f:bf:a3:54:36:6f:68:e6:ec:cf:7d:af:7e:30:4e:b8:bb:
d9:a1:0d:89:b6:38:e3:42:3e:7b:d7:8d:c2:9d:29:6e:87:1d:
27:8b:e6:d7:e7:43:e6:76:29:0f:f2:26:9a:0d:a7:e1:c7:33:
61:b1:5b:c2:9a:10:51:92:5b:f3:8a:be:07:a3:4e:2b:4b:94:
cc:0d:df:41:9c:17:e8:0a:e1:9e:eb:ff:7b:6f:3a:90:50:fd:
11:78:2d:b3:c6:a3:f7:d6:71:0f:43:e6:a8:4d:2d:ea:7e:fe:
6f:fa:ba:65:42:b9:c5:6a:f1:a1:54:1e:9a:9e:a7:29:6e:17:
56:bf:9a:98:6b:0d:a0:db:95:29:95:1a:44:13:f5:5b:78:74:
89:a5:19:33:20:72:43:64:f3:f3:6a:20:e1:de:99:95:c4:02:
17:fc:b0:82:67:7b:7f:f7:61:bb:17:fc:e2:a7:9a:20:bc:1b:
fb:a4:9a:35:49:9a:c3:f7:f6:98:50:fa:51:56:8c:b0:6f:af:
2b:35:43:f0:dd:be:77:59:11:18:f4:cb:53:e1:9a:c2:f9:06:
57:52:41:a5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvF5UDHFTgpr+rJdHJG7ShrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjMxMTEyMjMzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzczYTczMTVkMGYzOTU1ZTNmNjVkMTI3ZmI2NjRlMDUxMjdmOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM4IkFyfJUFSp+W+EMSlulOP8aS2
7P15sGlEiNeGzhXZlDARWVyUvhURsxfnwyaaEx3bS9BqwLGkp2Cwh65iEVERh1F9
U+pQuWNvg0o3kOe8tPcaUrDpGktTU7RwdNVI1t+redNRJaaYX7aKaK6Ds5nZJ85I
odY+cy9qWIdtpljVOjdS1RljMooBioDklfuZ2IG348llPy+/ix14mMB42jl4OeFH
aDsNofX4DeOHJd8Sb6yZpKfXx7X4bmAZNfgjkGPHbJ3TqFvOGcODUmNIeFtwiNsI
myGWJjAjA0q3Rs0B2Kl7vRm2481qXrPUn0jPMhHmvH2Iv5LQg7qAW5AlewIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLxzpzFdDzlV4/ZdEn+2ZOBRJ/jYMB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvdkhPbk1WMFBPVlhqOWwwU2Y3Wms0RkVuLU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDURj4AwQA
uQycAwQBuQyeMA0EAgACMAcDBQAqAyJAMA0GCSqGSIb3DQEBCwUAA4IBAQAKupnI
iFdZqxjUK7pElhMGmkpZOPHTfOpSkiKH9y+nuUkxQlQef7+jVDZvaObsz32vfjBO
uLvZoQ2JtjjjQj57143CnSluhx0ni+bX50PmdikP8iaaDafhxzNhsVvCmhBRklvz
ir4Ho04rS5TMDd9BnBfoCuGe6/97bzqQUP0ReC2zxqP31nEPQ+aoTS3qfv5v+rpl
QrnFavGhVB6anqcpbhdWv5qYaw2g25UplRpEE/VbeHSJpRkzIHJDZPPzaiDh3pmV
xAIX/LCCZ3t/92G7F/zip5ogvBv7pJo1SZrD9/aYUPpRVoywb68rNUPw3b53WREY
9MtT4ZrC+QZXUkGl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:01 2025 by rpki-client