Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-g9XrHWneBf7lXgpc2sGSY0YDFU.roa
File: 1-g9XrHWneBf7lXgpc2sGSY0YDFU.roa (raw, json)
Hash identifier: uzDm2NVPdqmw5J9mUfSzphLbEg4M0Pn9WzVtcJveja8=
Subject key identifier: FA:0F:57:AC:75:A7:78:17:FB:95:78:29:73:6B:06:49:8D:18:0C:55
Certificate issuer: /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial: 5CD8
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-g9XrHWneBf7lXgpc2sGSY0YDFU.roa
Signing time: Thu 28 Apr 2022 17:12:42 +0000
ROA not before: Thu 28 Apr 2022 17:12:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49535
IP address blocks: 185.151.125.0/24 maxlen: 24
185.151.124.0/24 maxlen: 24
185.151.124.0/22 maxlen: 22
188.94.192.0/21 maxlen: 21
188.94.192.0/24 maxlen: 24
188.94.195.0/24 maxlen: 24
188.94.198.0/24 maxlen: 24
188.94.194.0/24 maxlen: 24
188.94.197.0/24 maxlen: 24
188.94.193.0/24 maxlen: 24
188.94.196.0/24 maxlen: 24
188.94.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23768 (0x5cd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Validity
Not Before: Apr 28 17:12:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa0f57ac75a77817fb957829736b06498d180c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ae:f9:fa:93:27:f1:79:61:10:4e:f4:11:bb:
26:3b:a5:fe:74:c1:8f:da:e8:60:00:f9:f3:0f:24:
4d:ba:af:f2:94:8d:9c:e3:62:42:cc:8e:8c:cd:88:
81:cf:63:c8:57:62:e6:30:31:a6:23:4a:c4:28:c4:
09:10:70:69:f9:b0:0e:b2:6d:a0:60:49:7e:10:bb:
42:4a:21:26:1b:61:3e:50:e4:87:1f:48:2b:fd:a4:
24:16:66:51:e8:f6:b5:ae:81:20:f8:51:09:53:3f:
64:88:c3:24:b2:a1:1c:09:1a:23:19:1e:72:f6:ca:
53:81:3a:a2:bc:f9:1a:3b:af:5c:82:0f:39:09:19:
89:aa:78:4b:c9:e3:95:5e:57:ec:71:47:47:9c:ec:
bb:8a:48:45:91:0c:e6:8c:c4:2e:4a:23:3a:33:b9:
f9:74:22:fd:ea:1c:1c:8b:0c:be:34:72:ad:ea:fc:
54:17:53:e0:3c:92:0a:29:42:ac:5d:75:95:58:e3:
4c:55:99:b2:7f:4b:c0:32:fe:dc:2d:4a:7e:3f:a2:
96:de:19:48:9e:bb:c0:93:a4:6e:42:b9:da:0f:ab:
47:f6:94:15:e5:d2:28:76:f3:b8:24:be:f3:ec:cf:
b4:06:94:f6:33:96:5d:df:75:84:6d:a5:9f:09:61:
d2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0F:57:AC:75:A7:78:17:FB:95:78:29:73:6B:06:49:8D:18:0C:55
X509v3 Authority Key Identifier:
keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-g9XrHWneBf7lXgpc2sGSY0YDFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.124.0/22
188.94.192.0/21
Signature Algorithm: sha256WithRSAEncryption
63:3b:1b:63:06:1e:4c:15:14:09:01:56:84:ff:db:6d:72:fc:
7b:01:10:03:6a:be:a0:a4:66:ba:f1:55:92:1c:38:d6:0f:d0:
f9:9a:70:fc:89:69:c3:d8:6a:8c:72:7e:9a:98:98:a2:ea:7b:
49:77:09:39:0d:a9:0c:75:c4:11:f4:ac:31:b9:ae:d1:e8:18:
78:ea:74:c0:75:87:6a:9e:de:20:84:81:6c:57:a3:98:32:54:
ec:20:61:5c:cb:16:44:d1:0f:9a:f1:b1:cd:fd:f9:01:03:47:
c4:9b:0f:0c:a1:ba:1d:6f:80:f5:06:7c:1b:25:2e:72:4a:3e:
0a:72:6e:00:62:fb:cd:3c:9e:5c:25:b8:a9:c1:99:e3:42:1a:
54:0c:a2:35:85:5c:b0:70:9a:70:ed:8c:7d:54:84:b5:c7:f7:
c2:2e:50:48:b9:d6:c7:ad:9a:f6:03:4e:2d:2d:98:50:86:2b:
5c:c3:bf:92:ec:f2:7c:fc:bd:f3:04:1b:4b:05:84:a7:3b:09:
99:7a:36:4f:66:3f:6d:ad:55:b2:af:7f:7f:d1:79:96:17:b6:
1c:9c:c2:f6:26:58:3c:c4:85:89:2d:ae:b1:47:ed:c1:b5:86:
28:82:0f:ee:99:6c:8b:fa:4a:92:87:9a:c7:c9:0c:aa:5a:a9:
70:38:66:f9
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgICXNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDQ2
N2E1NjIxMWIyMWU5YWM3Y2RjOGZiNjM5ZjMxMGE5MmMyMTA0YzAeFw0yMjA0Mjgx
NzEyNDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGZhMGY1N2FjNzVhNzc4
MTdmYjk1NzgyOTczNmIwNjQ5OGQxODBjNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHrvn6kyfxeWEQTvQRuyY7pf50wY/a6GAA+fMPJE26r/KUjZzj
YkLMjozNiIHPY8hXYuYwMaYjSsQoxAkQcGn5sA6ybaBgSX4Qu0JKISYbYT5Q5Icf
SCv9pCQWZlHo9rWugSD4UQlTP2SIwySyoRwJGiMZHnL2ylOBOqK8+Ro7r1yCDzkJ
GYmqeEvJ45VeV+xxR0ec7LuKSEWRDOaMxC5KIzozufl0Iv3qHByLDL40cq3q/FQX
U+A8kgopQqxddZVY40xVmbJ/S8Ay/twtSn4/opbeGUieu8CTpG5CudoPq0f2lBXl
0ih287gkvvPsz7QGlPYzll3fdYRtpZ8JYdJJAgMBAAGjggIQMIICDDAdBgNVHQ4E
FgQU+g9XrHWneBf7lXgpc2sGSY0YDFUwHwYDVR0jBBgwFoAUBGelYhGyHprHzcj7
Y58xCpLCEEwwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9C
R2VsWWhHeUhwckh6Y2o3WTU4eENwTENFRXcuY2VyMIGOBggrBgEFBQcBCwSBgTB/
MH0GCCsGAQUFBzALhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzNkLzA0NWM0Yi1jMGQ3LTQ3NzgtOWY0NC04MjNhZDJjMmY1ZjEvMS8x
LWc5WHJIV25lQmY3bFhncGMyc0dTWTBZREZVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8w
NDVjNGItYzBkNy00Nzc4LTlmNDQtODIzYWQyYzJmNWYxLzEvQkdlbFloR3lIcHJI
emNqN1k1OHhDcExDRUV3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZd8AwQDvF7AMA0GCSqGSIb3DQEB
CwUAA4IBAQBjOxtjBh5MFRQJAVaE/9ttcvx7ARADar6gpGa68VWSHDjWD9D5mnD8
iWnD2GqMcn6amJii6ntJdwk5DakMdcQR9Kwxua7R6Bh46nTAdYdqnt4ghIFsV6OY
MlTsIGFcyxZE0Q+a8bHN/fkBA0fEmw8Mobodb4D1BnwbJS5ySj4Kcm4AYvvNPJ5c
JbipwZnjQhpUDKI1hVywcJpw7Yx9VIS1x/fCLlBIudbHrZr2A04tLZhQhitcw7+S
7PJ8/L3zBBtLBYSnOwmZejZPZj9trVWyr39/0XmWF7YcnML2Jlg8xIWJLa6xR+3B
tYYogg/umWyL+kqSh5rHyQyqWqlwOGb5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:35 2025 by rpki-client