Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CiZDKG31YXyoyLR03iFOeDFxl-I.roa
File: CiZDKG31YXyoyLR03iFOeDFxl-I.roa (raw, json)
Hash identifier: 8hzY/oi59+3DKhjyylazfnPppEWDxtTR9F1t5/TuYTg=
Subject key identifier: 0A:26:43:28:6D:F5:61:7C:A8:C8:B4:74:DE:21:4E:78:31:71:97:E2
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 192737EA
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CiZDKG31YXyoyLR03iFOeDFxl-I.roa
Signing time: Mon 31 Jan 2022 07:32:06 +0000
ROA not before: Mon 31 Jan 2022 07:32:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197068
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422000618 (0x192737ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 31 07:32:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a2643286df5617ca8c8b474de214e78317197e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:ae:93:e0:c1:79:5b:1f:63:e7:2d:45:05:
75:a9:2b:df:3f:75:b8:63:31:53:20:7a:28:11:c9:
df:ff:63:fb:05:34:89:32:0e:4b:38:73:b4:ed:d6:
95:c0:40:9b:a2:ab:00:d3:74:dd:58:51:36:9d:79:
de:ca:a6:c3:8e:8d:99:7d:7e:2c:1f:d1:08:79:ab:
3f:55:da:e6:80:e1:5e:ac:d6:09:e2:67:2a:10:a8:
a0:88:4f:c2:ce:c9:19:d9:fc:8e:0b:0a:17:2c:3d:
ae:cb:db:e3:d1:55:8b:8b:4c:1b:67:5a:de:74:c6:
6c:07:8c:fe:45:1d:ac:4c:85:0c:bf:6a:e1:fe:52:
85:65:ce:d8:9c:fc:f7:83:d4:02:4c:77:12:aa:00:
a5:08:ca:18:21:b9:77:ba:04:86:93:a2:65:2b:e5:
78:5d:52:b5:ee:6f:65:9a:fc:d4:87:c9:ff:d9:6a:
22:f0:8a:86:da:fb:c3:20:9a:ae:a4:ae:78:51:16:
25:82:c6:86:52:77:c7:4b:5e:48:a3:44:e7:e7:7e:
24:d6:1c:66:04:31:7d:5c:b9:b6:a8:99:f0:91:d1:
42:15:69:fe:63:d9:81:99:52:42:2e:c1:6d:73:c1:
26:0c:a8:f3:c5:4f:d5:6d:61:e9:4b:b4:80:33:e3:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:26:43:28:6D:F5:61:7C:A8:C8:B4:74:DE:21:4E:78:31:71:97:E2
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CiZDKG31YXyoyLR03iFOeDFxl-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
41:3c:9e:86:b3:03:a2:15:5b:76:ce:f3:53:76:a4:83:6f:4a:
31:cb:3e:0b:d4:46:f4:ea:98:2d:54:b6:45:c7:11:0e:66:f5:
84:75:58:f1:fb:8c:c2:8d:11:dc:63:79:ea:5a:f3:e0:a2:66:
44:0f:05:c3:b7:b8:2e:41:40:14:1f:ac:0e:32:7a:4e:45:44:
59:dd:d8:9b:47:79:6f:5a:25:94:61:a6:12:42:c1:68:d4:b6:
ea:5f:f6:4b:1a:1b:01:4c:32:6a:26:0b:1a:6a:e6:8c:24:65:
14:a6:d3:32:85:9b:3c:31:b7:76:14:2a:54:11:e2:0b:75:5a:
b2:2f:5e:10:af:a6:02:d4:2e:fc:c9:58:b3:73:99:1f:52:c6:
39:47:fb:51:9d:49:76:55:72:1a:f0:18:7c:c9:a8:7a:cf:94:
f2:46:66:32:a1:f6:2e:99:20:37:e0:d2:f1:e8:47:5c:1a:01:
eb:54:8e:59:8f:2d:2b:15:af:71:f6:3f:d9:b1:70:9c:3c:26:
3f:c4:fb:eb:71:4b:f7:17:15:cd:66:6c:18:9a:d3:98:bf:7d:
02:d4:72:6a:48:35:06:83:69:8b:4c:b3:71:f5:2c:e9:ef:b9:
45:ff:31:77:f0:6d:42:98:91:07:28:d6:61:fd:99:0f:d7:c3:
b4:9f:53:13
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGSc36jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmI2MTBjZDQzYmFmY2VkOTE0ODBmYWJmZGNhYWU4MjA0OWZiZjcxMB4XDTIyMDEz
MTA3MzIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEyNjQzMjg2ZGY1
NjE3Y2E4YzhiNDc0ZGUyMTRlNzgzMTcxOTdlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkzrpPgwXlbH2PnLUUFdakr3z91uGMxUyB6KBHJ3/9j+wU0
iTIOSzhztO3WlcBAm6KrANN03VhRNp153sqmw46NmX1+LB/RCHmrP1Xa5oDhXqzW
CeJnKhCooIhPws7JGdn8jgsKFyw9rsvb49FVi4tMG2da3nTGbAeM/kUdrEyFDL9q
4f5ShWXO2Jz894PUAkx3EqoApQjKGCG5d7oEhpOiZSvleF1Ste5vZZr81IfJ/9lq
IvCKhtr7wyCarqSueFEWJYLGhlJ3x0teSKNE5+d+JNYcZgQxfVy5tqiZ8JHRQhVp
/mPZgZlSQi7BbXPBJgyo88VP1W1h6Uu0gDPjAS8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQKJkMobfVhfKjItHTeIU54MXGX4jAfBgNVHSMEGDAWgBQCthDNQ7r87ZFI
D6v9yq6CBJ+/cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FyWVF6VU82X08yUlNBLXJfY3F1Z2dTZnYzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8x
L0NpWkRLRzMxWVh5b3lMUjAzaUZPZURGeGwtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8xL0FyWVF6VU82X08y
UlNBLXJfY3F1Z2dTZnYzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7L46AMEArlBlAMEArlebDANBAIA
AjAHAwUAKgNwwDANBgkqhkiG9w0BAQsFAAOCAQEAQTyehrMDohVbds7zU3akg29K
Mcs+C9RG9OqYLVS2RccRDmb1hHVY8fuMwo0R3GN56lrz4KJmRA8Fw7e4LkFAFB+s
DjJ6TkVEWd3Ym0d5b1ollGGmEkLBaNS26l/2SxobAUwyaiYLGmrmjCRlFKbTMoWb
PDG3dhQqVBHiC3Vasi9eEK+mAtQu/MlYs3OZH1LGOUf7UZ1JdlVyGvAYfMmoes+U
8kZmMqH2LpkgN+DS8ehHXBoB61SOWY8tKxWvcfY/2bFwnDwmP8T763FL9xcVzWZs
GJrTmL99AtRyakg1BoNpi0yzcfUs6e+5Rf8xd/BtQpiRByjWYf2ZD9fDtJ9TEw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:16 2025 by rpki-client