Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/geZosc2U7KzDZ5BiSbePzJtaR4E.roa
File: geZosc2U7KzDZ5BiSbePzJtaR4E.roa (raw, json)
Hash identifier: odwTCRwF7LUiDdq8cK+9xBWkdF/nER4cBnWVm9H6aUU=
Subject key identifier: 81:E6:68:B1:CD:94:EC:AC:C3:67:90:62:49:B7:8F:CC:9B:5A:47:81
Certificate issuer: /CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Certificate serial: 0186EFB16AF85EE149E55718F3CD877C68A9
Authority key identifier: 1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/geZosc2U7KzDZ5BiSbePzJtaR4E.roa
Signing time: Fri 17 Mar 2023 13:10:27 +0000
ROA not before: Fri 17 Mar 2023 13:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202784
IP address blocks: 185.133.24.0/24 maxlen: 24
185.133.25.0/24 maxlen: 24
185.133.26.0/23 maxlen: 23
2a00:6700:1::/48 maxlen: 48
2a00:6700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:b1:6a:f8:5e:e1:49:e5:57:18:f3:cd:87:7c:68:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Validity
Not Before: Mar 17 13:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81e668b1cd94ecacc367906249b78fcc9b5a4781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5c:9f:bc:cc:ad:ae:15:bc:f3:a6:fc:ce:0d:
a6:de:72:0d:45:7b:b4:a0:31:6b:07:8c:5f:3e:dc:
b8:5c:b8:48:5b:31:d3:2b:dd:f9:38:a3:b3:c3:76:
9b:2c:b7:4b:f2:f1:8e:7c:8b:69:9a:54:83:b9:67:
45:5e:13:7e:87:0a:ea:b3:f2:70:00:fc:72:01:41:
c5:d4:60:dd:de:21:86:bf:39:d5:3d:37:7e:c3:ce:
14:83:a5:7d:1f:fc:27:89:99:bd:72:04:c5:ba:e6:
d1:f2:94:83:f2:af:ea:85:3d:c0:f8:1e:ec:c1:25:
50:de:61:60:6e:49:9e:b4:17:eb:46:42:df:fd:db:
13:e6:f8:e7:ed:71:17:4b:8e:69:d2:4c:2a:85:0f:
fc:fd:c9:ba:8b:22:4e:03:98:af:8a:5d:90:dc:87:
eb:2c:b0:08:7c:bb:0f:e3:41:98:db:9a:34:c1:ed:
14:42:6b:04:a7:49:9b:be:97:a1:d9:98:49:24:b1:
c9:b3:ca:5f:9b:9d:17:45:ec:92:e6:b2:88:44:f7:
11:9a:d4:72:4f:d7:6e:e2:a5:57:2c:61:7e:2a:72:
d7:15:3f:2d:91:4a:fc:a5:5b:c9:ab:72:cf:25:32:
d0:99:cf:4f:94:ca:86:38:6a:65:e0:3c:75:25:f3:
c6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E6:68:B1:CD:94:EC:AC:C3:67:90:62:49:B7:8F:CC:9B:5A:47:81
X509v3 Authority Key Identifier:
keyid:1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/geZosc2U7KzDZ5BiSbePzJtaR4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/G_5rmg5omKei6dhNPb9jJ7RT5mI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.24.0/22
IPv6:
2a00:6700::/47
Signature Algorithm: sha256WithRSAEncryption
ca:da:12:d2:10:c3:4b:aa:23:b1:2c:ae:3e:67:85:61:7a:0a:
4f:95:73:85:c1:6a:96:e7:c4:dd:34:63:e3:ff:d5:b3:e1:ef:
cd:8b:ca:fd:99:28:ad:7a:6b:38:f6:14:64:30:51:df:c7:9d:
05:58:de:ef:45:cb:4e:35:6a:d1:46:b1:63:f0:42:87:d7:d9:
ee:4f:ef:9a:54:30:fb:48:c4:e2:b0:40:b2:89:a9:2a:e4:c3:
7a:da:1f:f1:c3:28:56:62:5d:74:d7:5d:a5:63:a5:9c:8d:a5:
7d:c6:84:0d:a6:4c:99:c8:0a:89:f5:b6:46:27:3f:17:f4:0c:
ef:f0:8e:bf:e5:0e:de:40:a7:f5:88:24:83:b8:94:6c:bd:4f:
dc:bc:41:9e:a0:df:06:2d:bb:bb:fc:82:c8:7b:13:1f:1e:32:
14:ac:35:e6:28:ec:29:90:96:94:54:0a:b2:13:c1:2a:67:93:
7c:29:b7:ec:20:a6:a0:08:4a:ea:5c:63:88:cc:e5:2a:b2:1f:
c9:3b:75:be:93:93:fc:81:93:ae:4a:56:00:ec:63:b1:ad:3a:
57:df:4f:6e:4e:15:95:95:c4:50:ca:4d:97:17:9a:f3:36:81:
e6:d3:6e:39:91:cf:c7:cd:1b:31:30:59:25:81:5d:73:e9:7e:
f4:d6:cb:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbvsWr4XuFJ5VcY882HfGipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmU2YjlhMGU2ODk4YTdhMmU5ZDg0ZDNkYmY2MzI3YjQ1
M2U2NjIwHhcNMjMwMzE3MTMxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWU2NjhiMWNkOTRlY2FjYzM2NzkwNjI0OWI3OGZjYzliNWE0NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1yfvMytrhW886b8zg2m3nINRXu0
oDFrB4xfPty4XLhIWzHTK935OKOzw3abLLdL8vGOfItpmlSDuWdFXhN+hwrqs/Jw
APxyAUHF1GDd3iGGvznVPTd+w84Ug6V9H/wniZm9cgTFuubR8pSD8q/qhT3A+B7s
wSVQ3mFgbkmetBfrRkLf/dsT5vjn7XEXS45p0kwqhQ/8/cm6iyJOA5ivil2Q3Ifr
LLAIfLsP40GY25o0we0UQmsEp0mbvpeh2ZhJJLHJs8pfm50XReyS5rKIRPcRmtRy
T9du4qVXLGF+KnLXFT8tkUr8pVvJq3LPJTLQmc9PlMqGOGpl4Dx1JfPGOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIHmaLHNlOysw2eQYkm3j8ybWkeBMB8GA1UdIwQY
MBaAFBv+a5oOaJinounYTT2/Yye0U+ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEt
NmUyMmJmNDM2MzA0LzEvZ2Vab3NjMlU3S3pEWjVCaVNiZVB6SnRhUjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEtNmUyMmJmNDM2MzA0
LzEvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuYUYMA8E
AgACMAkDBwEqAGcAAAAwDQYJKoZIhvcNAQELBQADggEBAMraEtIQw0uqI7Esrj5n
hWF6Ck+Vc4XBapbnxN00Y+P/1bPh782Lyv2ZKK16azj2FGQwUd/HnQVY3u9Fy041
atFGsWPwQofX2e5P75pUMPtIxOKwQLKJqSrkw3raH/HDKFZiXXTXXaVjpZyNpX3G
hA2mTJnICon1tkYnPxf0DO/wjr/lDt5Ap/WIJIO4lGy9T9y8QZ6g3wYtu7v8gsh7
Ex8eMhSsNeYo7CmQlpRUCrITwSpnk3wpt+wgpqAISupcY4jM5SqyH8k7db6Tk/yB
k65KVgDsY7GtOlffT25OFZWVxFDKTZcXmvM2gebTbjmRz8fNGzEwWSWBXXPpfvTW
yxY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:38 2025 by rpki-client