Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/nL_1bYeFeKL5Xx9MeHBaV7KVCls.roa
File: nL_1bYeFeKL5Xx9MeHBaV7KVCls.roa (raw, json)
Hash identifier: ueHffGBTVUN/Cf6g1PJ3GgDD3LmWJOu+ZidtmcRlMDU=
Subject key identifier: 9C:BF:F5:6D:87:85:78:A2:F9:5F:1F:4C:78:70:5A:57:B2:95:0A:5B
Certificate issuer: /CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Certificate serial: 018B47EEAEF8583BB1D44CBFD787CAB9921B
Authority key identifier: 48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/nL_1bYeFeKL5Xx9MeHBaV7KVCls.roa
Signing time: Thu 19 Oct 2023 12:35:06 +0000
ROA not before: Thu 19 Oct 2023 12:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201295
IP address blocks: 185.252.28.0/24 maxlen: 24
185.252.30.0/24 maxlen: 24
185.252.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:ee:ae:f8:58:3b:b1:d4:4c:bf:d7:87:ca:b9:92:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Validity
Not Before: Oct 19 12:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbff56d878578a2f95f1f4c78705a57b2950a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2a:87:f4:ee:f3:46:e3:82:9e:22:49:6c:05:
19:ea:c2:45:1a:71:f5:50:af:db:dc:a5:17:e1:ab:
84:09:41:d0:66:f0:47:09:15:86:01:a1:db:41:ee:
0e:b1:7c:aa:e9:0a:77:24:a5:5d:ba:2a:b4:cc:bf:
60:79:35:3b:2f:d6:ad:82:da:f4:c0:68:97:98:cb:
74:61:3c:cf:15:5e:d8:59:fc:a0:c6:0e:3a:08:28:
52:8a:e2:b6:d3:d4:4c:ad:7c:d9:46:29:7e:0c:44:
bb:32:e5:7f:f8:4c:8e:d1:06:09:c1:1e:fc:fc:aa:
3a:05:4c:16:5b:6c:04:ed:d3:83:a7:92:cd:e1:35:
e2:4d:2d:cf:ac:39:11:ab:81:03:e5:5d:cc:33:27:
32:7b:c5:f2:f8:95:16:00:b3:38:f7:b3:1e:6a:1c:
af:4a:14:3a:7c:a6:bb:4a:54:6d:24:7e:d1:b1:67:
74:0e:e7:f6:66:75:2e:bd:4b:a3:cc:99:99:9b:e6:
00:46:88:31:0c:a8:f2:8e:dd:58:ef:ae:48:cd:c5:
c6:09:29:b5:ad:92:f9:37:47:e7:5c:bf:3e:e6:cb:
35:aa:80:d6:59:d5:87:fb:a2:4a:b0:da:0e:ff:34:
9c:63:89:fc:d7:ec:b9:15:a8:4c:1f:8a:08:56:4d:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BF:F5:6D:87:85:78:A2:F9:5F:1F:4C:78:70:5A:57:B2:95:0A:5B
X509v3 Authority Key Identifier:
keyid:48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/nL_1bYeFeKL5Xx9MeHBaV7KVCls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.28.0-185.252.30.255
Signature Algorithm: sha256WithRSAEncryption
89:b2:19:9a:eb:e5:cd:ec:b3:ff:4b:70:8c:28:15:14:f2:20:
28:b3:2f:5d:e8:88:46:65:de:4a:a6:e6:a0:9e:04:1f:f3:65:
9f:aa:fe:1d:a0:4c:fb:c6:66:3c:38:e3:f1:3a:22:49:1d:af:
d9:b3:37:1b:80:ec:44:c0:0d:09:cc:32:7a:56:a2:6d:d5:68:
3b:ba:04:4d:ee:07:b4:c2:fc:c5:67:f1:c4:01:bd:bb:5d:b7:
61:10:b6:36:77:aa:3f:5e:e1:17:89:c7:b1:af:8e:f6:da:61:
a2:87:9d:74:df:f4:45:b4:3a:da:cf:a4:5c:0c:b6:74:fc:11:
29:f2:c1:1c:9e:c9:e0:ee:cc:e1:e5:42:ec:13:ed:80:71:83:
4e:e6:d1:1f:d0:b3:46:c7:50:6d:d3:4a:a8:70:30:f1:18:e5:
f1:6f:45:c9:12:c9:3a:c0:27:27:26:84:71:58:e9:f1:42:38:
08:f6:97:2d:49:e5:a6:3e:38:81:96:83:65:9d:96:48:b9:fc:
8b:9c:23:c3:1f:7c:cd:81:d6:99:8d:0f:2e:21:8a:98:2d:66:
24:6f:de:6e:d9:b3:17:ee:2f:bf:48:33:8f:fe:74:5c:51:ef:
ce:db:a0:92:31:0b:a3:84:25:6e:f1:79:16:a6:7e:79:98:ea:
b8:81:ff:df
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtH7q74WDux1Ey/14fKuZIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NmMyZDhhZjRjZTUwY2U2ZjQzZTdkZjQ0ZTBiNTAzNzAw
YTg2YzAwHhcNMjMxMDE5MTIzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JmZjU2ZDg3ODU3OGEyZjk1ZjFmNGM3ODcwNWE1N2IyOTUwYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCqH9O7zRuOCniJJbAUZ6sJFGnH1
UK/b3KUX4auECUHQZvBHCRWGAaHbQe4OsXyq6Qp3JKVduiq0zL9geTU7L9atgtr0
wGiXmMt0YTzPFV7YWfygxg46CChSiuK209RMrXzZRil+DES7MuV/+EyO0QYJwR78
/Ko6BUwWW2wE7dODp5LN4TXiTS3PrDkRq4ED5V3MMycye8Xy+JUWALM497Meahyv
ShQ6fKa7SlRtJH7RsWd0Duf2ZnUuvUujzJmZm+YARogxDKjyjt1Y765IzcXGCSm1
rZL5N0fnXL8+5ss1qoDWWdWH+6JKsNoO/zScY4n81+y5FahMH4oIVk1XMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJy/9W2HhXii+V8fTHhwWleylQpbMB8GA1UdIwQY
MBaAFEhsLYr0zlDOb0Pn30TgtQNwCobAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUt
ZjFhNWRkZDc3OThiLzEvbkxfMWJZZUZlS0w1WHg5TWVIQmFWN0tWQ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUtZjFhNWRkZDc3OThi
LzEvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5/BwD
BAC5/B4wDQYJKoZIhvcNAQELBQADggEBAImyGZrr5c3ss/9LcIwoFRTyICizL13o
iEZl3kqm5qCeBB/zZZ+q/h2gTPvGZjw44/E6Ikkdr9mzNxuA7ETADQnMMnpWom3V
aDu6BE3uB7TC/MVn8cQBvbtdt2EQtjZ3qj9e4ReJx7GvjvbaYaKHnXTf9EW0OtrP
pFwMtnT8ESnywRyeyeDuzOHlQuwT7YBxg07m0R/Qs0bHUG3TSqhwMPEY5fFvRckS
yTrAJycmhHFY6fFCOAj2ly1J5aY+OIGWg2Wdlki5/IucI8MffM2B1pmNDy4hipgt
ZiRv3m7ZsxfuL79IM4/+dFxR787boJIxC6OEJW7xeRamfnmY6riB/98=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:55 2025 by rpki-client