Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/80-RTqw0qonIVgHDOypLcCAUIyQ.roa
File: 80-RTqw0qonIVgHDOypLcCAUIyQ.roa (raw, json)
Hash identifier: F9yTZ5uuqxJdla5L3+8m51ondBZkMfGreIsrmJgpL4k=
Subject key identifier: F3:4F:91:4E:AC:34:AA:89:C8:56:01:C3:3B:2A:4B:70:20:14:23:24
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 0189FDB32AF98C6DA4212DAE116D3F1FCD53
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/80-RTqw0qonIVgHDOypLcCAUIyQ.roa
Signing time: Wed 16 Aug 2023 09:35:24 +0000
ROA not before: Wed 16 Aug 2023 09:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199775
IP address blocks: 185.95.108.0/22 maxlen: 24
185.6.152.0/22 maxlen: 24
185.242.218.0/24 maxlen: 24
185.208.240.0/22 maxlen: 22
185.168.135.0/24 maxlen: 24
185.168.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:b3:2a:f9:8c:6d:a4:21:2d:ae:11:6d:3f:1f:cd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Aug 16 09:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f34f914eac34aa89c85601c33b2a4b7020142324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2a:ba:ed:e5:7f:4e:28:2a:ac:3b:4c:b2:9e:
05:82:cc:f0:86:f9:d2:90:97:c2:ed:57:f0:b7:e6:
4f:72:5f:3a:b0:e2:65:b6:9e:e2:eb:78:95:fb:34:
ee:58:4b:2a:72:d4:b2:bd:2c:e2:da:a5:e7:b9:a8:
0b:c9:6d:11:11:ee:ae:20:49:05:14:23:10:64:e1:
68:0f:13:ba:a4:6b:9d:1a:a6:5a:c1:dd:9f:b4:f1:
7d:02:15:0f:fc:a9:78:09:4d:bb:d4:a6:db:05:54:
2f:cc:c8:cb:72:a9:95:e3:cb:ef:2f:04:17:7e:1b:
67:11:60:a1:f9:ed:17:a1:88:b4:0c:37:89:55:85:
0b:f2:9c:28:5e:9a:b5:88:f6:3e:33:33:3e:9d:5e:
d5:13:d4:23:eb:23:2f:b5:d9:8b:0e:ea:41:df:aa:
79:57:44:96:32:f7:2b:54:a5:89:cd:3b:09:38:79:
e8:ac:0f:29:44:5a:5b:43:83:a9:98:c0:76:0a:5d:
ec:2d:02:f4:13:cc:1c:18:7c:6c:55:0e:0d:b1:32:
0d:dc:dd:41:90:16:1d:9f:80:d0:c1:aa:f2:71:75:
99:8e:32:dd:dc:7a:76:41:76:52:47:99:e7:95:f1:
ca:15:2f:91:aa:a4:ab:cc:36:8c:3a:89:7d:59:3c:
a0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4F:91:4E:AC:34:AA:89:C8:56:01:C3:3B:2A:4B:70:20:14:23:24
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/80-RTqw0qonIVgHDOypLcCAUIyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.152.0/22
185.95.108.0/22
185.168.134.0/23
185.208.240.0/22
185.242.218.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b2:77:41:e0:f7:d0:62:7c:a8:a4:3f:18:32:4a:e9:3c:65:
08:77:b5:60:63:2e:5f:ed:a6:af:11:35:23:38:97:36:94:27:
fb:02:7a:b6:d8:12:27:c3:38:78:f3:ed:fd:7e:ea:4f:a1:ed:
3e:0b:7a:fe:28:be:99:ef:f4:b6:32:ed:31:5e:e5:2c:86:84:
95:d7:04:8b:aa:24:58:53:36:3c:70:aa:f2:eb:d0:5c:e1:4d:
a4:fe:24:ea:0b:3c:13:f3:b7:f6:22:66:00:9a:ea:12:d8:48:
21:93:b8:df:5f:62:90:3f:9a:a4:78:1d:33:92:cd:65:7a:fc:
a7:4a:4f:ae:40:6f:93:2d:2f:02:f7:32:88:68:59:9d:0a:e2:
17:e9:9a:ae:ad:ad:d8:a6:d8:27:84:5a:08:c8:ff:fb:39:c0:
91:74:d8:f6:ab:56:4c:db:82:5b:d1:93:f9:d5:4d:5e:26:33:
b7:f8:92:33:27:f2:ee:f2:05:ab:a0:db:5a:42:09:eb:57:ce:
03:76:ec:57:ef:66:15:7c:8d:8b:c9:ec:49:f6:d0:6a:01:f8:
48:a3:7d:0e:0e:92:8e:9d:fc:e1:b4:ce:9f:aa:bb:43:93:94:
d1:e3:8d:9e:4e:58:e4:f5:71:b8:9e:92:90:3e:4f:f6:2d:cc:
45:8a:9a:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYn9syr5jG2kIS2uEW0/H81TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwODE2MDkzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRmOTE0ZWFjMzRhYTg5Yzg1NjAxYzMzYjJhNGI3MDIwMTQyMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCq67eV/TigqrDtMsp4FgszwhvnS
kJfC7Vfwt+ZPcl86sOJltp7i63iV+zTuWEsqctSyvSzi2qXnuagLyW0REe6uIEkF
FCMQZOFoDxO6pGudGqZawd2ftPF9AhUP/Kl4CU271KbbBVQvzMjLcqmV48vvLwQX
fhtnEWCh+e0XoYi0DDeJVYUL8pwoXpq1iPY+MzM+nV7VE9Qj6yMvtdmLDupB36p5
V0SWMvcrVKWJzTsJOHnorA8pRFpbQ4OpmMB2Cl3sLQL0E8wcGHxsVQ4NsTIN3N1B
kBYdn4DQwarycXWZjjLd3Hp2QXZSR5nnlfHKFS+RqqSrzDaMOol9WTygjwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPNPkU6sNKqJyFYBwzsqS3AgFCMkMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvODAtUlRxdzBxb25JVmdIRE95cExjQ0FVSXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuQaYAwQC
uV9sAwQBuaiGAwQCudDwAwQAufLaMA0GCSqGSIb3DQEBCwUAA4IBAQBMsndB4PfQ
YnyopD8YMkrpPGUId7VgYy5f7aavETUjOJc2lCf7Anq22BInwzh48+39fupPoe0+
C3r+KL6Z7/S2Mu0xXuUshoSV1wSLqiRYUzY8cKry69Bc4U2k/iTqCzwT87f2ImYA
muoS2Eghk7jfX2KQP5qkeB0zks1levynSk+uQG+TLS8C9zKIaFmdCuIX6Zqura3Y
ptgnhFoIyP/7OcCRdNj2q1ZM24Jb0ZP51U1eJjO3+JIzJ/Lu8gWroNtaQgnrV84D
duxX72YVfI2LyexJ9tBqAfhIo30ODpKOnfzhtM6fqrtDk5TR442eTljk9XG4npKQ
Pk/2LcxFipoN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:20 2025 by rpki-client