Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/1-y_kJqarTvFMSi-Zh96Mbyvr_DI.roa
File: 1-y_kJqarTvFMSi-Zh96Mbyvr_DI.roa (raw, json)
Hash identifier: GyT5w9c7kKFueaDs0kr3dZxOReRgroMO/EcsgeecRa8=
Subject key identifier: FB:2F:E4:26:A6:AB:4E:F1:4C:4A:2F:99:87:DE:8C:6F:2B:EB:FC:32
Certificate issuer: /CN=ff4cb09de82650ee4cc4327eab6770b7ab147efb
Certificate serial: 11DF96A7
Authority key identifier: FF:4C:B0:9D:E8:26:50:EE:4C:C4:32:7E:AB:67:70:B7:AB:14:7E:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0ywnegmUO5MxDJ-q2dwt6sUfvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/1-y_kJqarTvFMSi-Zh96Mbyvr_DI.roa
Signing time: Sat 01 Jan 2022 07:57:02 +0000
ROA not before: Sat 01 Jan 2022 07:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198614
IP address blocks: 87.238.252.0/22 maxlen: 22
87.238.248.0/22 maxlen: 22
185.200.75.0/24 maxlen: 24
185.200.72.0/24 maxlen: 24
185.200.74.0/24 maxlen: 24
185.200.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299865767 (0x11df96a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4cb09de82650ee4cc4327eab6770b7ab147efb
Validity
Not Before: Jan 1 07:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb2fe426a6ab4ef14c4a2f9987de8c6f2bebfc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ee:ec:74:14:10:ed:63:86:50:fe:c4:2e:10:
50:50:4c:3f:49:6e:ba:2e:93:48:96:12:f1:e2:3e:
7d:98:36:94:c9:d5:45:8d:c9:66:b9:13:c9:0d:ae:
75:f4:43:7c:0a:64:f7:7a:d0:5f:50:6d:c7:05:53:
b0:5a:fb:4f:ae:b3:d3:5b:af:37:d7:56:3f:87:ac:
cd:e6:f0:c2:ba:f3:14:17:97:71:86:27:dd:c1:3f:
13:b3:63:27:af:92:37:d7:de:2d:ec:81:05:4c:68:
30:6d:9e:4a:fe:f9:13:ff:69:d7:13:88:8e:6d:1b:
e1:73:0c:dd:76:a6:2d:7f:dd:22:05:f3:bb:8f:da:
55:0b:38:73:ca:88:5b:75:4f:cc:c7:0a:17:cf:2d:
74:5a:b5:9d:d0:4e:58:4a:90:d9:91:db:d3:6e:9a:
ce:5d:bd:e4:e6:e4:61:7b:14:1e:d4:47:90:95:56:
89:0f:a2:b0:76:f2:99:5c:30:d2:be:47:fc:f3:c8:
30:3d:75:62:42:36:fc:ec:ea:f4:a8:c2:cc:69:f4:
5d:a5:99:3b:7d:c7:85:e3:4f:f7:a9:c9:65:6b:64:
2c:95:e8:26:c3:4c:d5:a2:38:12:da:7e:43:5b:22:
69:1b:25:43:53:e3:1c:5e:e4:b4:f0:ff:78:9e:7f:
ca:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2F:E4:26:A6:AB:4E:F1:4C:4A:2F:99:87:DE:8C:6F:2B:EB:FC:32
X509v3 Authority Key Identifier:
keyid:FF:4C:B0:9D:E8:26:50:EE:4C:C4:32:7E:AB:67:70:B7:AB:14:7E:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0ywnegmUO5MxDJ-q2dwt6sUfvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/1-y_kJqarTvFMSi-Zh96Mbyvr_DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/_0ywnegmUO5MxDJ-q2dwt6sUfvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.248.0/21
185.200.72.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:c2:e2:99:3d:e5:4b:04:ca:09:6a:e1:1b:af:92:67:3c:57:
ae:c1:8c:f0:3b:f6:45:e1:d2:6e:b5:f7:a0:9a:ee:61:64:9f:
a5:21:26:30:be:70:60:11:30:4e:c4:ff:a6:68:63:1c:a0:81:
7c:10:1d:79:ab:c9:84:58:82:e1:80:29:21:87:0a:03:7f:88:
74:3a:22:17:7a:2c:64:cf:83:be:65:74:5d:41:56:74:8c:c1:
5d:d8:3a:c8:bf:db:da:76:6f:57:ae:68:55:1e:3b:aa:e0:18:
0a:a3:94:a7:47:b5:53:7a:9e:d6:c8:70:d9:02:14:71:8f:e0:
08:9d:5d:e4:7e:f2:6b:b4:18:d7:b7:a9:c8:bb:51:2f:97:c1:
1e:01:52:53:ef:e6:1a:ad:a4:41:ac:8d:e2:09:0e:9d:f2:a1:
76:54:2b:85:34:ab:6d:3a:1f:08:6b:b9:d1:1c:7f:ac:09:17:
f6:87:d4:a2:7f:08:b5:80:30:81:60:57:74:cc:8b:ef:f2:a1:
f8:d1:94:8e:56:fc:9f:4b:8c:15:ee:79:67:2e:e1:ac:fb:aa:
cc:c1:70:e6:b2:27:35:20:ec:6e:ab:9f:e7:50:0e:f0:cc:da:
49:b1:ab:78:c0:60:b8:80:42:72:06:fd:33:9c:39:5c:8c:f1:
ae:17:77:4a
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEEd+WpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjRjYjA5ZGU4MjY1MGVlNGNjNDMyN2VhYjY3NzBiN2FiMTQ3ZWZiMB4XDTIyMDEw
MTA3NTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIyZmU0MjZhNmFi
NGVmMTRjNGEyZjk5ODdkZThjNmYyYmViZmMzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPu7HQUEO1jhlD+xC4QUFBMP0luui6TSJYS8eI+fZg2lMnV
RY3JZrkTyQ2udfRDfApk93rQX1BtxwVTsFr7T66z01uvN9dWP4eszebwwrrzFBeX
cYYn3cE/E7NjJ6+SN9feLeyBBUxoMG2eSv75E/9p1xOIjm0b4XMM3XamLX/dIgXz
u4/aVQs4c8qIW3VPzMcKF88tdFq1ndBOWEqQ2ZHb026azl295ObkYXsUHtRHkJVW
iQ+isHbymVww0r5H/PPIMD11YkI2/Ozq9KjCzGn0XaWZO33HheNP96nJZWtkLJXo
JsNM1aI4Etp+Q1siaRslQ1PjHF7ktPD/eJ5/yokCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT7L+QmpqtO8UxKL5mH3oxvK+v8MjAfBgNVHSMEGDAWgBT/TLCd6CZQ7kzE
Mn6rZ3C3qxR++zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18weXduZWdtVU81TXhESi1xMmR3dDZzVWZ2cy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvYWVkOTQ2LTllZmEtNDhiNy1hOGM3LTE0NjVhNGI1MjEzNi8x
LzEteV9rSnFhclR2Rk1TaS1aaDk2TWJ5dnJfREkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYx
L2FlZDk0Ni05ZWZhLTQ4YjctYThjNy0xNDY1YTRiNTIxMzYvMS9fMHl3bmVnbVVP
NU14REotcTJkd3Q2c1VmdnMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANX7vgDBAK5yEgwDQYJKoZIhvcN
AQELBQADggEBADzC4pk95UsEyglq4Ruvkmc8V67BjPA79kXh0m6196Ca7mFkn6Uh
JjC+cGARME7E/6ZoYxyggXwQHXmryYRYguGAKSGHCgN/iHQ6Ihd6LGTPg75ldF1B
VnSMwV3YOsi/29p2b1euaFUeO6rgGAqjlKdHtVN6ntbIcNkCFHGP4AidXeR+8mu0
GNe3qci7US+XwR4BUlPv5hqtpEGsjeIJDp3yoXZUK4U0q206HwhrudEcf6wJF/aH
1KJ/CLWAMIFgV3TMi+/yofjRlI5W/J9LjBXueWcu4az7qszBcOayJzUg7G6rn+dQ
DvDM2kmxq3jAYLiAQnIG/TOcOVyM8a4Xd0o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:37 2025 by rpki-client