Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/bIV8SZBrj06AYvQ9F8q75xjRwpQ.roa
File: bIV8SZBrj06AYvQ9F8q75xjRwpQ.roa (raw, json)
Hash identifier: JCxgusHNGA/wxcxMgrb0QDcBKmhq8rXYzJdgtsX4OUs=
Subject key identifier: 6C:85:7C:49:90:6B:8F:4E:80:62:F4:3D:17:CA:BB:E7:18:D1:C2:94
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 01857094F9AA83F839AD118B175F5D0E0E33
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/bIV8SZBrj06AYvQ9F8q75xjRwpQ.roa
Signing time: Mon 02 Jan 2023 03:44:49 +0000
ROA not before: Mon 02 Jan 2023 03:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31529
IP address blocks: 185.151.141.0/24 maxlen: 24
185.151.142.0/24 maxlen: 24
185.151.143.0/24 maxlen: 24
194.0.0.0/24 maxlen: 24
194.0.11.0/24 maxlen: 24
194.246.96.0/24 maxlen: 24
2a02:568:fe00::/48 maxlen: 48
2001:678:e::/48 maxlen: 48
2a02:568:fe01::/48 maxlen: 48
2001:678:2::/48 maxlen: 48
2a02:568:fe02::/48 maxlen: 48
2a02:568:0:2::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f9:aa:83:f8:39:ad:11:8b:17:5f:5d:0e:0e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 2 03:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c857c49906b8f4e8062f43d17cabbe718d1c294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d4:48:03:1c:13:b0:5f:5f:a2:9e:bd:b7:24:
45:6b:22:d4:03:c6:37:8d:d3:ed:8e:1c:d9:d7:1e:
01:99:43:76:2a:49:6d:21:3a:18:67:62:13:ad:2e:
04:4c:0e:a0:ce:76:16:de:92:02:b8:46:0a:09:54:
3f:91:55:e4:82:57:c9:ed:d6:6f:19:98:94:7e:57:
20:ce:eb:cb:15:9d:45:45:a5:67:b5:9c:0d:89:72:
64:79:f8:62:06:75:77:c9:dd:6f:79:8b:c5:f7:61:
f3:15:50:43:8d:2d:18:05:e6:27:fe:06:6b:69:c8:
c6:af:e5:1c:45:16:72:46:55:d1:36:10:2e:11:bb:
4f:d8:c3:97:14:d8:13:4d:ac:d9:58:a1:93:e0:70:
1f:d3:e3:93:dc:2e:c5:ee:26:11:c9:a3:f8:9d:74:
01:38:ed:93:d5:26:52:d2:c8:b9:20:06:16:6d:3d:
39:4f:c0:7b:58:6a:df:57:17:70:98:c8:8d:e0:2b:
4b:95:a2:3d:10:d3:67:d3:4e:4f:84:b1:ff:e5:d5:
0c:86:ac:92:84:c1:1c:da:ee:98:34:05:07:56:69:
85:fa:7f:87:d5:38:ed:62:15:69:de:1c:1b:06:e5:
af:13:0d:d9:c1:b3:e4:cf:d1:13:a3:0f:3d:9f:ef:
95:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:85:7C:49:90:6B:8F:4E:80:62:F4:3D:17:CA:BB:E7:18:D1:C2:94
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/bIV8SZBrj06AYvQ9F8q75xjRwpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.141.0-185.151.143.255
194.0.0.0/24
194.0.11.0/24
194.246.96.0/24
IPv6:
2001:678:2::/48
2001:678:e::/48
2a02:568:0:2::/64
2a02:568:fe00::-2a02:568:fe02:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:36:3e:2d:26:3d:f6:80:72:72:3a:1b:11:ca:81:71:4d:e1:
8c:0b:3e:67:94:f0:67:18:e0:7d:a5:75:9d:ec:74:90:79:93:
05:50:23:28:ec:1e:2f:7b:8b:30:c8:9c:31:e6:c6:b1:a3:1d:
18:9f:a5:4e:06:81:b8:47:c9:42:86:23:4b:3e:05:f3:8a:1c:
ee:94:1a:3e:7f:d7:aa:01:46:87:3e:d2:48:b5:04:a5:15:17:
ee:28:4a:75:5c:63:d0:e5:a7:a3:43:44:2e:99:60:ec:ec:25:
79:49:66:23:dd:8f:a9:e9:d0:4b:ad:5e:6f:78:2f:d9:b2:61:
f3:08:6e:55:7f:c8:42:a6:34:db:9c:6c:2e:39:11:48:4b:41:
ed:de:2a:5f:82:d2:57:f0:82:26:1f:1e:ab:c1:f9:e5:bc:fa:
61:1f:0f:c1:47:1f:99:83:43:80:ce:27:6d:d9:25:a7:e4:79:
0e:ef:62:f7:fe:8c:f9:2a:9b:fa:4e:2f:28:f3:89:f8:7b:80:
35:8f:b3:4b:53:ff:75:33:9d:3d:69:02:20:26:31:b7:ec:33:
b7:82:4f:ff:56:59:7b:1f:2d:ff:5b:d0:26:94:76:06:7f:69:
f2:e0:fa:48:c1:7c:de:c8:f0:fb:9b:ce:10:83:58:b6:96:e7:
02:b1:df:58
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVwlPmqg/g5rRGLF19dDg4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg1N2M0OTkwNmI4ZjRlODA2MmY0M2QxN2NhYmJlNzE4ZDFjMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NRIAxwTsF9fop69tyRFayLUA8Y3
jdPtjhzZ1x4BmUN2KkltIToYZ2ITrS4ETA6gznYW3pICuEYKCVQ/kVXkglfJ7dZv
GZiUflcgzuvLFZ1FRaVntZwNiXJkefhiBnV3yd1veYvF92HzFVBDjS0YBeYn/gZr
acjGr+UcRRZyRlXRNhAuEbtP2MOXFNgTTazZWKGT4HAf0+OT3C7F7iYRyaP4nXQB
OO2T1SZS0si5IAYWbT05T8B7WGrfVxdwmMiN4CtLlaI9ENNn005PhLH/5dUMhqyS
hMEc2u6YNAUHVmmF+n+H1TjtYhVp3hwbBuWvEw3ZwbPkz9ETow89n++VvwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGyFfEmQa49OgGL0PRfKu+cY0cKUMB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvYklWOFNaQnJqMDZBWXZROUY4cTc1eGpSd3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDAmBAIAATAgMAwDBAC5l40D
BAS5l4ADBADCAAADBADCAAsDBADC9mAwNgQCAAIwMAMHACABBngAAgMHACABBngA
DgMJACoCBWgAAAACMBEDBgEqAgVo/gMHACoCBWj+AjANBgkqhkiG9w0BAQsFAAOC
AQEAQDY+LSY99oBycjobEcqBcU3hjAs+Z5TwZxjgfaV1nex0kHmTBVAjKOweL3uL
MMicMebGsaMdGJ+lTgaBuEfJQoYjSz4F84oc7pQaPn/XqgFGhz7SSLUEpRUX7ihK
dVxj0OWno0NELplg7OwleUlmI92PqenQS61eb3gv2bJh8whuVX/IQqY025xsLjkR
SEtB7d4qX4LSV/CCJh8eq8H55bz6YR8PwUcfmYNDgM4nbdklp+R5Du9i9/6M+Sqb
+k4vKPOJ+HuANY+zS1P/dTOdPWkCICYxt+wzt4JP/1ZZex8t/1vQJpR2Bn9p8uD6
SMF83sjw+5vOEINYtpbnArHfWA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:09 2025 by rpki-client