Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/rIhoPG_hbVgL48aclm1jorPTYmE.roa
File: rIhoPG_hbVgL48aclm1jorPTYmE.roa (raw, json)
Hash identifier: dNNX2AD2WhTB6n9thJCHmEDVFEFonbs8U3sV65k+REk=
Subject key identifier: AC:88:68:3C:6F:E1:6D:58:0B:E3:C6:9C:96:6D:63:A2:B3:D3:62:61
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 375FA885
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/rIhoPG_hbVgL48aclm1jorPTYmE.roa
Signing time: Sat 01 Jan 2022 11:54:41 +0000
ROA not before: Sat 01 Jan 2022 11:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31529
IP address blocks: 185.151.141.0/24 maxlen: 24
185.151.142.0/24 maxlen: 24
185.151.143.0/24 maxlen: 24
194.0.0.0/24 maxlen: 24
194.0.11.0/24 maxlen: 24
194.246.96.0/24 maxlen: 24
2a02:568:fe00::/48 maxlen: 48
2001:678:e::/48 maxlen: 48
2a02:568:fe01::/48 maxlen: 48
2001:678:2::/48 maxlen: 48
2a02:568:fe02::/48 maxlen: 48
2a02:568:0:2::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929015941 (0x375fa885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 1 11:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac88683c6fe16d580be3c69c966d63a2b3d36261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:79:d2:1c:1f:6b:c2:b3:87:19:19:25:c2:ab:
48:b7:e1:79:ca:c0:9f:c8:71:dd:de:17:4c:d6:20:
21:94:17:30:0f:b5:31:de:4b:90:cb:8a:79:25:3c:
cb:e3:0f:d1:71:79:b2:bf:d6:d8:63:f9:97:23:e3:
7b:3e:0e:0c:de:08:52:9b:9d:3d:25:53:c3:36:33:
a5:5f:81:0a:d9:cf:6e:06:9e:d4:45:bd:d1:c7:e7:
b1:e4:95:bc:f4:b5:00:c3:c9:d6:94:6e:c7:3f:c6:
59:c5:7f:08:05:2c:34:dc:e1:85:5e:1f:6b:83:20:
58:fe:67:fe:2a:21:5e:96:62:2b:41:7b:3f:92:ce:
f7:75:98:55:75:be:cd:9b:20:38:c1:1c:d0:21:02:
3d:cc:3f:a4:4e:c1:ce:f2:ca:d2:bd:6e:b2:39:80:
a3:f1:93:e0:84:85:d9:bb:fb:a8:5c:e3:f7:ac:33:
55:5d:e2:8a:e5:44:35:35:f8:60:c7:c2:2e:5d:a5:
9a:9a:37:04:62:67:94:00:ee:da:39:05:9c:29:a8:
4f:2a:9e:cb:5e:da:08:6d:91:d2:df:40:4a:b1:9b:
3d:16:77:e7:ab:b1:4f:80:5a:83:84:5f:eb:bc:29:
45:da:eb:a3:0b:18:28:cb:4a:61:6b:70:b3:34:4f:
6e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:68:3C:6F:E1:6D:58:0B:E3:C6:9C:96:6D:63:A2:B3:D3:62:61
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/rIhoPG_hbVgL48aclm1jorPTYmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.141.0-185.151.143.255
194.0.0.0/24
194.0.11.0/24
194.246.96.0/24
IPv6:
2001:678:2::/48
2001:678:e::/48
2a02:568:0:2::/64
2a02:568:fe00::-2a02:568:fe02:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b4:d2:9c:0c:14:ed:74:9d:57:30:9b:d3:20:48:3c:5b:9c:43:
5f:3a:ed:36:c5:1a:ab:c5:dc:cc:a3:25:88:1f:27:35:f3:7d:
e6:77:23:54:96:41:9e:74:92:e3:5e:05:d5:27:00:d5:76:59:
f1:78:f8:6a:99:46:92:bd:2b:aa:dd:d4:99:19:17:1a:5f:de:
d1:72:a3:59:cd:47:91:3e:a3:0d:4a:6b:7a:99:73:b2:0c:4c:
86:cc:0e:4a:fa:c5:71:81:8c:0c:86:ad:d1:b2:b2:18:e0:5c:
32:33:8c:02:a7:59:11:e0:5e:68:43:48:17:51:57:02:ce:f3:
1b:c9:fd:a0:b1:d7:9a:89:45:66:18:f7:29:e3:aa:32:f4:d9:
41:b5:06:d6:a9:96:c0:25:95:b3:88:72:68:16:b2:bb:1d:a8:
5a:3b:75:fa:9b:df:0a:02:59:49:a3:e8:25:51:71:93:72:ed:
3b:ff:cb:05:09:0b:13:1e:8b:99:81:8a:7b:89:a2:3a:ac:5f:
45:1f:25:78:0e:89:1b:74:2e:18:32:f7:f0:49:05:50:e0:d4:
bb:5d:93:81:04:d4:6a:ee:fb:f6:a8:2e:80:95:9d:8f:41:97:
5c:b4:4e:d6:56:e5:69:81:5e:06:6a:d2:44:3a:e0:0d:7a:f1:
db:07:71:db
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEN1+ohTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NWIyOTZkNmI1MzRmZTNhMzJjYzFjM2E0ZTgxMzU4ZjIxNmM5M2M3MB4XDTIyMDEw
MTExNTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM4ODY4M2M2ZmUx
NmQ1ODBiZTNjNjljOTY2ZDYzYTJiM2QzNjI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL950hwfa8KzhxkZJcKrSLfhecrAn8hx3d4XTNYgIZQXMA+1
Md5LkMuKeSU8y+MP0XF5sr/W2GP5lyPjez4ODN4IUpudPSVTwzYzpV+BCtnPbgae
1EW90cfnseSVvPS1AMPJ1pRuxz/GWcV/CAUsNNzhhV4fa4MgWP5n/iohXpZiK0F7
P5LO93WYVXW+zZsgOMEc0CECPcw/pE7BzvLK0r1usjmAo/GT4ISF2bv7qFzj96wz
VV3iiuVENTX4YMfCLl2lmpo3BGJnlADu2jkFnCmoTyqey17aCG2R0t9ASrGbPRZ3
56uxT4Bag4Rf67wpRdrrowsYKMtKYWtwszRPbqECAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBSsiGg8b+FtWAvjxpyWbWOis9NiYTAfBgNVHSMEGDAWgBRVspbWtTT+OjLM
HDpOgTWPIWyTxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZiS1cxclUwX2pveXpCdzZUb0UxanlGc2s4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZDdhYjBjLTNjMjItNGM2MS1hMjAxLWRkNmNjOTdjOWJkZC8x
L3JJaG9QR19oYlZnTDQ4YWNsbTFqb3JQVFltRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZDdhYjBjLTNjMjItNGM2MS1hMjAxLWRkNmNjOTdjOWJkZC8xL1ZiS1cxclUwX2pv
eXpCdzZUb0UxanlGc2s4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwJgQCAAEwIDAMAwQAuZeNAwQEuZeAAwQAwgAAAwQA
wgALAwQAwvZgMDYEAgACMDADBwAgAQZ4AAIDBwAgAQZ4AA4DCQAqAgVoAAAAAjAR
AwYBKgIFaP4DBwAqAgVo/gIwDQYJKoZIhvcNAQELBQADggEBALTSnAwU7XSdVzCb
0yBIPFucQ1867TbFGqvF3MyjJYgfJzXzfeZ3I1SWQZ50kuNeBdUnANV2WfF4+GqZ
RpK9K6rd1JkZFxpf3tFyo1nNR5E+ow1Ka3qZc7IMTIbMDkr6xXGBjAyGrdGyshjg
XDIzjAKnWRHgXmhDSBdRVwLO8xvJ/aCx15qJRWYY9ynjqjL02UG1BtaplsAllbOI
cmgWsrsdqFo7dfqb3woCWUmj6CVRcZNy7Tv/ywUJCxMei5mBinuJojqsX0UfJXgO
iRt0Lhgy9/BJBVDg1Ltdk4EE1Gru+/aoLoCVnY9Bl1y0TtZW5WmBXgZq0kQ64A16
8dsHcds=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:04 2025 by rpki-client