Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/F2vuViv27a6VA6lO_gQd8Il6uQw.roa
File: F2vuViv27a6VA6lO_gQd8Il6uQw.roa (raw, json)
Hash identifier: 5UETqI7Y5hq7J2qsTal6yUcIa8X22aTBUSSA1zWClKY=
Subject key identifier: 17:6B:EE:56:2B:F6:ED:AE:95:03:A9:4E:FE:04:1D:F0:89:7A:B9:0C
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 0186382EB07DD75FF2FE22523282AF5DDFB0
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/F2vuViv27a6VA6lO_gQd8Il6uQw.roa
Signing time: Thu 09 Feb 2023 21:57:09 +0000
ROA not before: Thu 09 Feb 2023 21:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
185.173.158.0/24 maxlen: 24
89.107.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:38:2e:b0:7d:d7:5f:f2:fe:22:52:32:82:af:5d:df:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 9 21:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=176bee562bf6edae9503a94efe041df0897ab90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:92:92:ae:ea:7e:c5:84:97:12:de:c4:b2:5e:
b6:98:38:9e:3c:20:03:06:53:d8:11:d7:7f:3d:af:
27:27:50:b8:5a:52:69:a9:67:96:23:4c:d1:22:b9:
20:70:82:f6:b6:b7:c2:e5:5b:24:8e:26:01:24:46:
b0:77:89:63:50:1c:56:10:8b:aa:7c:36:66:0f:1e:
28:1c:fb:c0:8f:31:fe:df:48:c5:5d:3b:13:94:c1:
f3:1b:d9:69:0c:43:cc:fa:79:30:e1:a5:78:ef:23:
9c:49:0d:0a:7e:c4:75:35:e0:f0:a8:87:02:5e:b5:
5d:5b:30:07:d1:56:09:1d:5b:1d:64:54:92:7f:bd:
c9:d8:0b:87:d4:b0:a1:28:35:1c:58:6f:b1:ca:1d:
1e:ab:de:eb:6b:80:36:7f:1b:a4:79:5f:8c:a9:50:
3e:48:59:3f:4d:2c:25:ef:7f:bf:01:91:c5:df:8e:
ab:ec:4b:fe:15:c3:d0:0d:78:36:13:d4:73:62:12:
be:12:1a:73:cd:96:8c:4a:9c:30:3c:3e:cf:8c:64:
f1:9c:99:4a:b5:95:9e:99:b9:03:8c:22:41:50:a4:
ca:fb:a5:20:e4:ee:08:9e:4a:15:16:f4:04:4c:cc:
07:a9:38:d2:a9:48:26:f4:e1:90:f1:3b:68:7e:3a:
ac:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6B:EE:56:2B:F6:ED:AE:95:03:A9:4E:FE:04:1D:F0:89:7A:B9:0C
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/F2vuViv27a6VA6lO_gQd8Il6uQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
41:e2:eb:b4:c2:e4:8c:1d:34:e0:d1:fc:0f:1f:91:fb:c8:50:
c4:f2:d8:4f:75:34:33:8c:82:73:97:b4:fc:65:12:21:5e:12:
21:f5:14:34:1f:7f:3a:5f:f5:d2:bf:fe:5d:62:c2:51:f8:6b:
f2:5a:73:c6:ed:82:68:76:d2:1e:a9:e0:d8:06:11:59:25:f8:
b8:81:d9:bb:f3:ae:f5:dc:58:2a:86:1c:e7:58:91:81:91:77:
d3:2d:5d:43:be:85:ce:92:35:4b:53:bf:dd:8a:a8:b7:c1:05:
93:3b:76:e4:50:14:c0:a2:cc:10:ae:d4:81:78:95:33:88:75:
46:62:57:72:db:42:85:ad:3a:87:4c:14:2d:2a:47:c5:e4:47:
7f:75:f1:1f:ce:19:3c:a3:6b:83:d9:7c:4c:11:ec:41:41:4d:
cb:79:62:13:7b:74:7e:8f:07:cb:ec:de:05:df:84:88:b2:55:
91:cd:93:d5:bd:28:85:12:77:f5:e1:0d:f6:5f:8c:52:72:69:
81:5e:e3:fc:32:6b:a8:49:ac:11:9e:eb:49:42:85:78:a2:74:
a8:f7:f0:f6:29:87:39:24:24:29:bd:f6:93:89:cd:89:a6:14:
df:4c:20:ef:ad:17:d1:02:1b:67:40:36:e8:b4:03:39:86:58:
33:79:a1:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY4LrB911/y/iJSMoKvXd+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA5MjE1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZiZWU1NjJiZjZlZGFlOTUwM2E5NGVmZTA0MWRmMDg5N2FiOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJKSrup+xYSXEt7Esl62mDiePCAD
BlPYEdd/Pa8nJ1C4WlJpqWeWI0zRIrkgcIL2trfC5VskjiYBJEawd4ljUBxWEIuq
fDZmDx4oHPvAjzH+30jFXTsTlMHzG9lpDEPM+nkw4aV47yOcSQ0KfsR1NeDwqIcC
XrVdWzAH0VYJHVsdZFSSf73J2AuH1LChKDUcWG+xyh0eq97ra4A2fxukeV+MqVA+
SFk/TSwl73+/AZHF346r7Ev+FcPQDXg2E9RzYhK+EhpzzZaMSpwwPD7PjGTxnJlK
tZWembkDjCJBUKTK+6Ug5O4InkoVFvQETMwHqTjSqUgm9OGQ8TtofjqsVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBdr7lYr9u2ulQOpTv4EHfCJerkMMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvRjJ2dVZpdjI3YTZWQTZsT19nUWQ4SWw2dVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQBB4uu0wuSMHTTg0fwPH5H7yFDE
8thPdTQzjIJzl7T8ZRIhXhIh9RQ0H386X/XSv/5dYsJR+GvyWnPG7YJodtIeqeDY
BhFZJfi4gdm786713FgqhhznWJGBkXfTLV1DvoXOkjVLU7/diqi3wQWTO3bkUBTA
oswQrtSBeJUziHVGYldy20KFrTqHTBQtKkfF5Ed/dfEfzhk8o2uD2XxMEexBQU3L
eWITe3R+jwfL7N4F34SIslWRzZPVvSiFEnf14Q32X4xScmmBXuP8MmuoSawRnutJ
QoV4onSo9/D2KYc5JCQpvfaTic2JphTfTCDvrRfRAhtnQDbotAM5hlgzeaF2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:34 2025 by rpki-client