Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/_lLxL5wZMR9-Moydqy6sD8DB26g.roa
File: _lLxL5wZMR9-Moydqy6sD8DB26g.roa (raw, json)
Hash identifier: AixWjdeVvGuZk9LZQEZ1ciEaF+NoSByq3gfqkSIWUhI=
Subject key identifier: FE:52:F1:2F:9C:19:31:1F:7E:32:8C:9D:AB:2E:AC:0F:C0:C1:DB:A8
Certificate issuer: /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial: 01891BF8B254B20316362D8A05B62F71F358
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/_lLxL5wZMR9-Moydqy6sD8DB26g.roa
Signing time: Mon 03 Jul 2023 13:37:10 +0000
ROA not before: Mon 03 Jul 2023 13:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34574
IP address blocks: 188.64.144.0/24 maxlen: 24
188.64.144.0/23 maxlen: 23
188.64.145.0/24 maxlen: 24
188.64.147.0/24 maxlen: 24
188.64.146.0/24 maxlen: 24
2a00:1120::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:f8:b2:54:b2:03:16:36:2d:8a:05:b6:2f:71:f3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Validity
Not Before: Jul 3 13:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe52f12f9c19311f7e328c9dab2eac0fc0c1dba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:4b:12:ca:06:67:bd:28:4c:a8:ed:33:a5:
6d:b6:32:4b:1c:7a:70:a4:ba:03:27:b8:ff:26:b5:
db:e8:01:19:60:d7:cb:be:94:fe:89:97:aa:cb:77:
88:38:69:b7:87:e1:9a:91:8b:0a:e6:8d:d1:ef:64:
d8:47:ae:ab:46:6c:49:fd:3f:1f:40:0b:dc:e7:17:
25:26:cb:9b:0b:3b:11:21:88:a6:27:43:7e:fb:07:
36:20:c9:cd:62:6c:e4:18:f3:10:ad:25:ce:eb:a8:
c6:73:8e:72:e2:ad:be:29:e1:bf:85:a1:ef:df:c0:
38:eb:25:89:70:63:18:db:43:ef:d4:b4:17:4c:2a:
c8:58:f7:a6:f8:78:30:d1:2c:ee:dd:e9:5a:84:d1:
58:9d:fa:b9:8f:56:18:a0:91:d9:a9:bc:e1:dd:92:
f3:76:7b:02:35:ca:ff:20:99:59:cf:52:1c:30:c9:
14:10:69:87:9c:3d:b6:72:97:b6:c6:88:9a:e6:aa:
bb:62:ec:3b:c6:e9:89:34:01:5e:56:ad:74:66:a6:
cb:0e:1f:fc:18:1b:59:81:6a:e8:58:c1:9d:44:57:
51:40:47:e0:a8:f2:a5:82:f4:4d:c6:e2:5a:00:56:
4c:a8:1f:f2:a7:75:9c:11:3d:38:f5:88:8f:1c:fb:
42:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:52:F1:2F:9C:19:31:1F:7E:32:8C:9D:AB:2E:AC:0F:C0:C1:DB:A8
X509v3 Authority Key Identifier:
keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/_lLxL5wZMR9-Moydqy6sD8DB26g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.144.0/22
IPv6:
2a00:1120::/32
Signature Algorithm: sha256WithRSAEncryption
20:9f:56:71:50:ec:57:61:cc:e2:ad:43:b3:2b:c8:7a:d3:ac:
f9:33:b6:5a:16:7d:30:9f:eb:12:f9:da:b4:39:24:d2:f0:39:
c6:28:9f:ef:99:45:f3:7f:6f:ee:98:d5:39:e7:7d:21:0b:b1:
3a:74:ac:de:5d:e5:f0:24:13:e7:26:1f:3b:82:7c:81:d2:60:
3d:db:ff:19:f5:e8:14:4a:16:6c:70:62:6e:1b:05:76:a3:74:
41:9d:cf:32:63:0b:51:f6:8b:2d:82:e2:b2:a4:1a:67:54:d8:
5b:d5:03:9c:c4:23:38:50:f7:2b:dc:ee:af:48:52:a9:ba:1e:
45:ff:dc:1c:08:cd:35:8a:0d:70:a1:b7:e1:80:33:00:c2:b1:
e5:44:35:b8:f9:18:30:72:2d:87:2f:7f:a5:d8:d2:df:82:12:
f3:5f:fb:f3:13:af:9a:2a:65:c9:18:86:e9:79:66:b4:93:fc:
38:5b:93:1a:35:be:0d:01:f6:07:59:23:7b:73:e8:b2:81:1d:
12:06:68:4e:8a:dc:ef:c7:85:13:71:5f:11:17:aa:6f:34:a7:
c3:bc:8f:82:b1:5a:f1:4d:f4:84:05:3d:4f:e0:3f:f3:66:af:
df:ba:aa:e7:e9:42:ad:06:90:db:15:0e:f6:92:47:18:ce:19:
5a:e5:73:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkb+LJUsgMWNi2KBbYvcfNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWY0ZjcxNDNiNDA2NzgwNWNiYTlhNDBmNjM5NzMyZWU3
ZDQyZTUwHhcNMjMwNzAzMTMzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUyZjEyZjljMTkzMTFmN2UzMjhjOWRhYjJlYWMwZmMwYzFkYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDRLEsoGZ70oTKjtM6VttjJLHHpw
pLoDJ7j/JrXb6AEZYNfLvpT+iZeqy3eIOGm3h+GakYsK5o3R72TYR66rRmxJ/T8f
QAvc5xclJsubCzsRIYimJ0N++wc2IMnNYmzkGPMQrSXO66jGc45y4q2+KeG/haHv
38A46yWJcGMY20Pv1LQXTCrIWPem+Hgw0Szu3elahNFYnfq5j1YYoJHZqbzh3ZLz
dnsCNcr/IJlZz1IcMMkUEGmHnD22cpe2xoia5qq7Yuw7xumJNAFeVq10ZqbLDh/8
GBtZgWroWMGdRFdRQEfgqPKlgvRNxuJaAFZMqB/yp3WcET049YiPHPtCOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP5S8S+cGTEffjKMnasurA/AwduoMB8GA1UdIwQY
MBaAFCafT3FDtAZ4BcuppA9jlzLufULlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYt
OTJjNzgwY2EzMjYwLzEvX2xMeEw1d1pNUjktTW95ZHF5NnNEOERCMjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYtOTJjNzgwY2EzMjYw
LzEvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCvECQMA0E
AgACMAcDBQAqABEgMA0GCSqGSIb3DQEBCwUAA4IBAQAgn1ZxUOxXYczirUOzK8h6
06z5M7ZaFn0wn+sS+dq0OSTS8DnGKJ/vmUXzf2/umNU5530hC7E6dKzeXeXwJBPn
Jh87gnyB0mA92/8Z9egUShZscGJuGwV2o3RBnc8yYwtR9ostguKypBpnVNhb1QOc
xCM4UPcr3O6vSFKpuh5F/9wcCM01ig1wobfhgDMAwrHlRDW4+Rgwci2HL3+l2NLf
ghLzX/vzE6+aKmXJGIbpeWa0k/w4W5MaNb4NAfYHWSN7c+iygR0SBmhOitzvx4UT
cV8RF6pvNKfDvI+CsVrxTfSEBT1P4D/zZq/fuqrn6UKtBpDbFQ72kkcYzhla5XOt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:30 2025 by rpki-client