Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/1PUgglkqG3CPe6mqHWurOAbg8J8.roa
File: 1PUgglkqG3CPe6mqHWurOAbg8J8.roa (raw, json)
Hash identifier: BzIxkSL6LAFsKHqP/SMhvFF29lSBpWzuqMgghRNbeBM=
Subject key identifier: D4:F5:20:82:59:2A:1B:70:8F:7B:A9:AA:1D:6B:AB:38:06:E0:F0:9F
Certificate issuer: /CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Certificate serial: 01856E38EBF8503BA8193D7B707C3A9BABD8
Authority key identifier: B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/1PUgglkqG3CPe6mqHWurOAbg8J8.roa
Signing time: Sun 01 Jan 2023 16:45:02 +0000
ROA not before: Sun 01 Jan 2023 16:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9085
IP address blocks: 212.180.128.0/17 maxlen: 17
185.53.124.0/22 maxlen: 22
212.75.96.0/19 maxlen: 19
2001:4c30::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:eb:f8:50:3b:a8:19:3d:7b:70:7c:3a:9b:ab:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Validity
Not Before: Jan 1 16:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f52082592a1b708f7ba9aa1d6bab3806e0f09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:e5:0c:23:a5:86:89:3e:2d:d8:b1:df:70:
70:f8:02:a2:39:d0:f6:a7:5d:34:b9:42:32:99:34:
09:50:16:63:0c:6a:3b:2f:97:e8:e6:df:a5:34:e5:
d1:94:c8:9c:a6:c5:87:63:0b:e9:c0:02:97:60:35:
83:31:ac:fb:b9:3f:e9:3e:a3:bb:ab:23:93:7f:11:
64:b1:9a:7d:40:24:07:62:d4:26:38:19:4b:4b:ac:
ec:c6:8f:25:7d:1a:c4:ce:6e:36:f1:96:cf:e8:28:
30:50:82:3d:52:d7:fa:dd:2f:ce:50:d2:18:d6:80:
40:4b:21:7e:9e:58:c6:ea:c8:29:dc:c5:23:fb:da:
e9:f3:65:43:d4:cf:8b:50:3f:67:7b:fb:d2:a8:97:
55:48:bf:a8:3e:9e:fb:53:43:a0:14:19:3d:cd:eb:
1b:a5:e6:27:c5:72:10:1b:b4:f4:c0:8f:68:79:11:
93:6e:26:80:16:18:31:de:97:fc:2a:62:67:01:30:
30:7c:10:a3:53:d1:76:3c:f1:59:cb:43:79:8a:e4:
de:7d:66:47:99:66:4b:b5:a4:d8:00:e4:a1:25:2e:
a3:ba:89:29:91:92:35:89:1a:66:bf:50:35:08:78:
ea:c6:d5:1c:dc:8c:41:4f:4a:84:c7:37:2d:65:ca:
c5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F5:20:82:59:2A:1B:70:8F:7B:A9:AA:1D:6B:AB:38:06:E0:F0:9F
X509v3 Authority Key Identifier:
keyid:B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/1PUgglkqG3CPe6mqHWurOAbg8J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.124.0/22
212.75.96.0/19
212.180.128.0/17
IPv6:
2001:4c30::/32
Signature Algorithm: sha256WithRSAEncryption
1f:ba:fd:e9:5f:4b:1f:1c:f4:f2:cf:4d:0d:35:42:47:07:d7:
77:be:cb:eb:ec:2e:2e:2e:0f:3d:5c:5f:e3:3e:a2:7e:8f:55:
36:5a:2c:4d:b2:4e:47:49:ce:4c:14:32:61:b3:94:ca:23:6f:
79:60:61:3e:41:80:78:c0:67:73:77:b7:a4:d2:cf:23:b2:63:
7b:eb:65:18:0b:70:6c:d7:d3:c7:9b:8b:bc:e8:0a:6f:b6:14:
8d:3f:d8:8f:47:bd:b6:cb:c3:79:bf:ec:ce:96:b3:c8:8e:da:
72:05:1e:a7:e1:26:f8:fc:85:d9:19:f2:00:e3:a5:d1:ab:55:
e4:0c:9b:44:b8:0e:70:24:11:c2:3f:7f:11:6d:f5:92:41:31:
47:d3:5a:4d:0a:c3:98:28:f8:ad:9e:72:7f:42:ef:fc:86:c8:
24:05:6f:3c:99:d4:19:1c:58:9b:bf:95:fb:e2:5d:f4:8c:04:
aa:8c:14:94:59:f0:6e:21:75:4f:12:f1:f5:61:77:ed:17:c0:
0e:be:55:80:40:be:cd:96:50:75:d7:6d:4c:2a:a6:ca:d4:3e:
40:db:55:2b:66:70:7b:e3:e4:32:ef:0e:aa:74:81:d4:77:20:
5a:f3:a5:c3:6b:59:9b:bb:23:4b:00:ae:29:51:b9:8b:0f:fa:
d1:2b:2a:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuOOv4UDuoGT17cHw6m6vYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZjI3OTUzYWQ0NjkwYzA2OGZiNDBmOWYzNTYwMDMzNzli
YjYzZjgwHhcNMjMwMTAxMTY0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY1MjA4MjU5MmExYjcwOGY3YmE5YWExZDZiYWIzODA2ZTBmMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuPlDCOlhok+Ldix33Bw+AKiOdD2
p100uUIymTQJUBZjDGo7L5fo5t+lNOXRlMicpsWHYwvpwAKXYDWDMaz7uT/pPqO7
qyOTfxFksZp9QCQHYtQmOBlLS6zsxo8lfRrEzm428ZbP6CgwUII9Utf63S/OUNIY
1oBASyF+nljG6sgp3MUj+9rp82VD1M+LUD9ne/vSqJdVSL+oPp77U0OgFBk9zesb
peYnxXIQG7T0wI9oeRGTbiaAFhgx3pf8KmJnATAwfBCjU9F2PPFZy0N5iuTefWZH
mWZLtaTYAOShJS6juokpkZI1iRpmv1A1CHjqxtUc3IxBT0qExzctZcrFcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNT1IIJZKhtwj3upqh1rqzgG4PCfMB8GA1UdIwQY
MBaAFLLyeVOtRpDAaPtA+fNWADN5u2P4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAt
ZmI0Y2YxMzdjMWU5LzEvMVBVZ2dsa3FHM0NQZTZtcUhXdXJPQWJnOEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAtZmI0Y2YxMzdjMWU5
LzEvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTV8AwQF
1EtgAwQH1LSAMA0EAgACMAcDBQAgAUwwMA0GCSqGSIb3DQEBCwUAA4IBAQAfuv3p
X0sfHPTyz00NNUJHB9d3vsvr7C4uLg89XF/jPqJ+j1U2WixNsk5HSc5MFDJhs5TK
I295YGE+QYB4wGdzd7ek0s8jsmN762UYC3Bs19PHm4u86ApvthSNP9iPR722y8N5
v+zOlrPIjtpyBR6n4Sb4/IXZGfIA46XRq1XkDJtEuA5wJBHCP38RbfWSQTFH01pN
CsOYKPitnnJ/Qu/8hsgkBW88mdQZHFibv5X74l30jASqjBSUWfBuIXVPEvH1YXft
F8AOvlWAQL7NllB1121MKqbK1D5A21UrZnB74+Qy7w6qdIHUdyBa86XDa1mbuyNL
AK4pUbmLD/rRKyqe
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:37:31 2025 by rpki-client