Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/64a063-5c4d-410c-86aa-24afcef4f3f5/1/ix4H5QtePoeDR8_mSW6qTQm8abk.roa
File: ix4H5QtePoeDR8_mSW6qTQm8abk.roa (raw, json)
Hash identifier: GTgWri7GESNNPsRH+tNNONdqf5FK0iuWc6vGPhpkW80=
Subject key identifier: 8B:1E:07:E5:0B:5E:3E:87:83:47:CF:E6:49:6E:AA:4D:09:BC:69:B9
Certificate issuer: /CN=0541ea1bf2adaadd36a622eb3ea835dc9bb6819b
Certificate serial: 04F9FCDB
Authority key identifier: 05:41:EA:1B:F2:AD:AA:DD:36:A6:22:EB:3E:A8:35:DC:9B:B6:81:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUHqG_Ktqt02piLrPqg13Ju2gZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/64a063-5c4d-410c-86aa-24afcef4f3f5/1/ix4H5QtePoeDR8_mSW6qTQm8abk.roa
Signing time: Sat 01 Jan 2022 02:51:44 +0000
ROA not before: Sat 01 Jan 2022 02:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34134
IP address blocks: 185.25.144.0/23 maxlen: 23
185.25.146.0/23 maxlen: 23
195.160.212.0/23 maxlen: 23
195.160.214.0/23 maxlen: 23
2a04:15c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83492059 (0x4f9fcdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0541ea1bf2adaadd36a622eb3ea835dc9bb6819b
Validity
Not Before: Jan 1 02:51:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b1e07e50b5e3e878347cfe6496eaa4d09bc69b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6b:98:fd:2d:ce:98:45:5c:0a:e3:a1:76:17:
3d:e8:ba:a4:55:b4:a4:5b:21:e3:83:d6:76:3e:55:
3e:c8:54:a0:38:97:be:37:f3:99:9c:8a:fb:17:64:
ed:a1:82:39:70:c4:a8:62:e7:04:23:29:4c:28:da:
07:a7:08:59:b1:22:6f:e0:51:32:e7:9d:92:24:10:
54:76:fd:0a:92:dc:74:51:9b:f5:aa:f8:60:b1:92:
a9:1b:a9:b8:49:35:ec:6a:3c:42:c0:90:89:99:0d:
cf:e2:24:f7:ae:ab:ba:76:57:f8:a4:9d:51:7d:7e:
10:00:85:98:12:d8:c3:37:f8:e3:6a:66:25:96:30:
74:6c:99:25:e5:a6:51:9e:2c:dc:29:4a:e4:c9:a7:
7b:db:07:c7:51:4e:ea:7e:01:c4:2d:23:d6:9f:1e:
73:43:13:5c:60:8e:c8:db:6a:d0:87:26:73:a4:db:
fe:c6:de:93:bf:0e:6c:19:87:8d:5d:de:a4:6f:49:
a5:db:30:e1:2b:36:0e:4b:5f:35:b6:5a:c9:10:c1:
77:ba:5a:ff:33:0b:aa:43:56:ca:88:06:05:6e:bc:
28:f8:a1:96:59:0f:bc:d4:ce:bd:e1:56:32:13:f7:
34:b3:89:e0:d7:b7:52:00:d4:df:4e:84:30:3e:ec:
13:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1E:07:E5:0B:5E:3E:87:83:47:CF:E6:49:6E:AA:4D:09:BC:69:B9
X509v3 Authority Key Identifier:
keyid:05:41:EA:1B:F2:AD:AA:DD:36:A6:22:EB:3E:A8:35:DC:9B:B6:81:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUHqG_Ktqt02piLrPqg13Ju2gZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/64a063-5c4d-410c-86aa-24afcef4f3f5/1/ix4H5QtePoeDR8_mSW6qTQm8abk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/64a063-5c4d-410c-86aa-24afcef4f3f5/1/BUHqG_Ktqt02piLrPqg13Ju2gZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.144.0/22
195.160.212.0/22
IPv6:
2a04:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:4e:a8:4d:a5:a7:6a:65:48:c7:5a:e2:df:7f:f7:c3:86:58:
b6:10:69:54:26:6d:ef:57:0e:fb:57:d3:3c:ed:2e:75:0e:d0:
41:d1:c8:a4:e5:07:b4:72:80:79:ef:c1:ee:b3:ff:05:c3:a5:
74:1c:82:ec:b9:f7:44:ae:71:67:89:3c:60:bf:b2:80:56:b6:
0a:a0:fe:95:a5:e2:67:59:38:f1:81:70:f2:95:01:2d:71:dd:
a7:fa:60:04:e5:4b:93:9a:34:92:41:82:50:47:bf:fc:28:53:
d0:dd:2b:6f:69:f9:03:7b:c0:4d:bc:d2:d9:b8:77:9c:2f:f6:
51:73:4f:a1:38:5d:77:cf:4d:45:96:5f:04:67:32:fb:c8:e6:
ac:79:47:a6:1d:19:da:02:51:40:f2:a4:9a:a8:35:77:62:6f:
b3:59:c7:38:e7:68:e8:53:38:2e:ed:d1:ed:a9:ef:03:ab:e7:
5d:ce:a2:71:db:a6:7e:91:fc:36:db:4b:e1:b4:38:53:22:85:
79:c2:89:57:34:eb:01:23:d0:63:ab:e8:f0:9a:9a:43:b3:2b:
1b:81:8c:ce:1a:64:e6:1d:58:52:22:0e:c3:6a:bb:f1:ff:fe:
b5:c6:d7:64:b2:dc:1c:ff:15:52:6f:20:e0:f7:ed:26:66:de:
4e:12:8c:82
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBPn82zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQxZWExYmYyYWRhYWRkMzZhNjIyZWIzZWE4MzVkYzliYjY4MTliMB4XDTIyMDEw
MTAyNTE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIxZTA3ZTUwYjVl
M2U4NzgzNDdjZmU2NDk2ZWFhNGQwOWJjNjliOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZrmP0tzphFXArjoXYXPei6pFW0pFsh44PWdj5VPshUoDiX
vjfzmZyK+xdk7aGCOXDEqGLnBCMpTCjaB6cIWbEib+BRMuedkiQQVHb9CpLcdFGb
9ar4YLGSqRupuEk17Go8QsCQiZkNz+Ik966runZX+KSdUX1+EACFmBLYwzf442pm
JZYwdGyZJeWmUZ4s3ClK5Mmne9sHx1FO6n4BxC0j1p8ec0MTXGCOyNtq0Icmc6Tb
/sbek78ObBmHjV3epG9Jpdsw4Ss2DktfNbZayRDBd7pa/zMLqkNWyogGBW68KPih
llkPvNTOveFWMhP3NLOJ4Ne3UgDU306EMD7sE+MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSLHgflC14+h4NHz+ZJbqpNCbxpuTAfBgNVHSMEGDAWgBQFQeob8q2q3Tam
Ius+qDXcm7aBmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVSHFHX0t0cXQwMnBpTHJQcWcxM0p1Mmdacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNjRhMDYzLTVjNGQtNDEwYy04NmFhLTI0YWZjZWY0ZjNmNS8x
L2l4NEg1UXRlUG9lRFI4X21TVzZxVFFtOGFiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NjRhMDYzLTVjNGQtNDEwYy04NmFhLTI0YWZjZWY0ZjNmNS8xL0JVSHFHX0t0cXQw
MnBpTHJQcWcxM0p1Mmdacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkZkAMEAsOg1DANBAIAAjAHAwUD
KgQVwDANBgkqhkiG9w0BAQsFAAOCAQEAdE6oTaWnamVIx1ri33/3w4ZYthBpVCZt
71cO+1fTPO0udQ7QQdHIpOUHtHKAee/B7rP/BcOldByC7Ln3RK5xZ4k8YL+ygFa2
CqD+laXiZ1k48YFw8pUBLXHdp/pgBOVLk5o0kkGCUEe//ChT0N0rb2n5A3vATbzS
2bh3nC/2UXNPoThdd89NRZZfBGcy+8jmrHlHph0Z2gJRQPKkmqg1d2Jvs1nHOOdo
6FM4Lu3R7anvA6vnXc6icdumfpH8NttL4bQ4UyKFecKJVzTrASPQY6vo8JqaQ7Mr
G4GMzhpk5h1YUiIOw2q78f/+tcbXZLLcHP8VUm8g4PftJmbeThKMgg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:14 2025 by rpki-client