Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1ba6df-548c-44ea-b1d5-f4eb0ff5bb73/1/FwhefpwyxM6QqHq_mA1YO8jP51M.roa
File: FwhefpwyxM6QqHq_mA1YO8jP51M.roa (raw, json)
Hash identifier: a2c50AJEvjqWGL+5RNH1/AegRRiRXoS/sllX/quqrrs=
Subject key identifier: 17:08:5E:7E:9C:32:C4:CE:90:A8:7A:BF:98:0D:58:3B:C8:CF:E7:53
Certificate issuer: /CN=cb89ae63648fd1c89ed56a361bd8c1e11956bfba
Certificate serial: 01856D4A9750EAC573E9E1F0642F2E2C0872
Authority key identifier: CB:89:AE:63:64:8F:D1:C8:9E:D5:6A:36:1B:D8:C1:E1:19:56:BF:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y4muY2SP0cie1Wo2G9jB4RlWv7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1ba6df-548c-44ea-b1d5-f4eb0ff5bb73/1/FwhefpwyxM6QqHq_mA1YO8jP51M.roa
Signing time: Sun 01 Jan 2023 12:24:43 +0000
ROA not before: Sun 01 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205179
IP address blocks: 185.226.232.0/24 maxlen: 24
185.226.232.0/22 maxlen: 22
185.226.233.0/24 maxlen: 24
185.226.235.0/24 maxlen: 24
185.226.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:97:50:ea:c5:73:e9:e1:f0:64:2f:2e:2c:08:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb89ae63648fd1c89ed56a361bd8c1e11956bfba
Validity
Not Before: Jan 1 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17085e7e9c32c4ce90a87abf980d583bc8cfe753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:38:71:36:8f:ca:5e:53:f0:4c:0b:d7:7f:56:
3f:47:e1:1e:1a:75:4f:9f:92:e8:14:ce:ed:67:41:
4f:c2:2d:93:40:87:45:be:f0:31:91:d4:53:17:90:
22:75:62:db:bb:e2:9e:35:6b:af:51:6d:23:07:6b:
05:d9:86:28:bd:67:83:26:6c:20:50:59:ea:ab:67:
01:a7:c9:b1:03:81:c6:2a:4e:c6:1f:fa:c1:49:3d:
9d:e9:77:06:9f:7d:0c:6f:42:ac:c6:7c:de:5e:4d:
67:ac:ce:81:f3:49:90:9d:66:f3:ee:22:f7:20:57:
f4:57:4a:8b:de:b4:57:9e:3f:09:bb:a2:5b:4d:6f:
df:01:13:ac:c0:11:ac:9f:10:e7:72:f2:c8:b2:da:
ce:45:35:fc:f6:6b:36:48:a5:aa:1f:c6:71:24:49:
08:4c:44:1c:f1:fe:f4:4b:14:52:0b:10:9b:03:9b:
62:d2:29:19:59:74:b7:e6:3b:18:89:d8:d7:19:2d:
2f:bb:9c:35:c7:1b:e0:2d:21:93:86:08:32:85:21:
ef:1f:cb:26:8d:f1:b5:4a:6b:26:dc:46:ec:ca:ae:
a2:d1:68:69:43:8e:f5:fa:37:ef:5c:53:af:9c:c4:
94:a5:cf:94:0d:da:05:f5:a1:d6:02:2b:87:c1:6b:
c8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:08:5E:7E:9C:32:C4:CE:90:A8:7A:BF:98:0D:58:3B:C8:CF:E7:53
X509v3 Authority Key Identifier:
keyid:CB:89:AE:63:64:8F:D1:C8:9E:D5:6A:36:1B:D8:C1:E1:19:56:BF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4muY2SP0cie1Wo2G9jB4RlWv7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ba6df-548c-44ea-b1d5-f4eb0ff5bb73/1/FwhefpwyxM6QqHq_mA1YO8jP51M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ba6df-548c-44ea-b1d5-f4eb0ff5bb73/1/y4muY2SP0cie1Wo2G9jB4RlWv7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:ec:56:d2:97:c9:69:2c:f5:94:f2:bf:08:7f:62:84:93:0c:
4a:1f:ee:f9:91:a2:f0:44:b5:97:83:29:96:5a:af:88:d4:ab:
03:a0:f7:df:fc:c7:c9:62:4f:e1:3f:df:0b:e5:27:d0:b3:c7:
ef:c6:9a:7a:e5:ef:bb:c2:88:3f:3a:5e:2d:52:04:59:c0:5d:
f3:33:21:38:21:72:1e:ad:ee:fd:c4:5e:f5:f3:e3:a5:92:fd:
ff:21:49:2a:40:51:f5:59:e8:d7:56:fd:2e:cd:ef:b7:21:82:
ce:1e:75:10:76:65:ac:de:b1:44:c1:c5:d5:cc:e7:b5:a4:4f:
c7:61:75:a6:23:8b:da:c7:d8:02:d9:15:52:6d:b1:d3:47:46:
c1:00:61:51:ee:64:f0:bd:35:09:fb:59:d3:66:71:6a:0b:ae:
73:8a:2f:94:06:67:a5:1a:99:80:a5:45:54:be:75:14:12:61:
a2:84:1a:4d:3a:40:15:66:4b:53:a0:f0:88:63:bf:10:ab:2d:
66:fa:a2:e9:0f:df:59:53:2d:2e:d6:c5:c1:2a:03:22:d9:e1:
52:ce:fa:32:c8:0d:78:25:52:0b:c7:ea:b7:fa:35:39:0b:6f:
2f:13:40:2a:70:63:fb:10:2c:db:94:b0:46:37:26:ea:e6:bc:
36:d2:f3:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSpdQ6sVz6eHwZC8uLAhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODlhZTYzNjQ4ZmQxYzg5ZWQ1NmEzNjFiZDhjMWUxMTk1
NmJmYmEwHhcNMjMwMTAxMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzA4NWU3ZTljMzJjNGNlOTBhODdhYmY5ODBkNTgzYmM4Y2ZlNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDhxNo/KXlPwTAvXf1Y/R+EeGnVP
n5LoFM7tZ0FPwi2TQIdFvvAxkdRTF5AidWLbu+KeNWuvUW0jB2sF2YYovWeDJmwg
UFnqq2cBp8mxA4HGKk7GH/rBST2d6XcGn30Mb0KsxnzeXk1nrM6B80mQnWbz7iL3
IFf0V0qL3rRXnj8Ju6JbTW/fAROswBGsnxDncvLIstrORTX89ms2SKWqH8ZxJEkI
TEQc8f70SxRSCxCbA5ti0ikZWXS35jsYidjXGS0vu5w1xxvgLSGThggyhSHvH8sm
jfG1Smsm3Ebsyq6i0WhpQ471+jfvXFOvnMSUpc+UDdoF9aHWAiuHwWvIdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcIXn6cMsTOkKh6v5gNWDvIz+dTMB8GA1UdIwQY
MBaAFMuJrmNkj9HIntVqNhvYweEZVr+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRtdVkyU1AwY2llMVdvMkc5akI0UmxXdjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xYmE2ZGYtNTQ4Yy00NGVhLWIxZDUt
ZjRlYjBmZjViYjczLzEvRndoZWZwd3l4TTZRcUhxX21BMVlPOGpQNTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xYmE2ZGYtNTQ4Yy00NGVhLWIxZDUtZjRlYjBmZjViYjcz
LzEveTRtdVkyU1AwY2llMVdvMkc5akI0UmxXdjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueLoMA0G
CSqGSIb3DQEBCwUAA4IBAQCy7FbSl8lpLPWU8r8If2KEkwxKH+75kaLwRLWXgymW
Wq+I1KsDoPff/MfJYk/hP98L5SfQs8fvxpp65e+7wog/Ol4tUgRZwF3zMyE4IXIe
re79xF718+Olkv3/IUkqQFH1WejXVv0uze+3IYLOHnUQdmWs3rFEwcXVzOe1pE/H
YXWmI4vax9gC2RVSbbHTR0bBAGFR7mTwvTUJ+1nTZnFqC65zii+UBmelGpmApUVU
vnUUEmGihBpNOkAVZktToPCIY78Qqy1m+qLpD99ZUy0u1sXBKgMi2eFSzvoyyA14
JVILx+q3+jU5C28vE0AqcGP7ECzblLBGNybq5rw20vOF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:51 2025 by rpki-client