Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uXa7lC00Lvis0XHsRf-au1rI9ZI.roa
File: uXa7lC00Lvis0XHsRf-au1rI9ZI.roa (raw, json)
Hash identifier: qw0/4y2/8Z99N8K2f4eUt8eeSZeOsBEKZnJ5Y6jAat4=
Subject key identifier: B9:76:BB:94:2D:34:2E:F8:AC:D1:71:EC:45:FF:9A:BB:5A:C8:F5:92
Certificate issuer: /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial: 018572C3961AA1232F13869CD8E4E10601A2
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uXa7lC00Lvis0XHsRf-au1rI9ZI.roa
Signing time: Mon 02 Jan 2023 13:54:58 +0000
ROA not before: Mon 02 Jan 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213145
IP address blocks: 188.125.175.0/24 maxlen: 24
188.125.173.0/24 maxlen: 24
185.117.99.0/24 maxlen: 24
185.117.123.0/24 maxlen: 24
185.117.120.0/22 maxlen: 24
185.117.122.0/24 maxlen: 24
188.125.172.0/24 maxlen: 24
188.125.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:96:1a:a1:23:2f:13:86:9c:d8:e4:e1:06:01:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Validity
Not Before: Jan 2 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b976bb942d342ef8acd171ec45ff9abb5ac8f592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:e5:1f:24:6d:24:66:bc:9b:02:5a:07:ee:
73:be:ea:53:b0:04:a0:ac:8a:d8:67:ee:af:f8:02:
fc:b4:89:37:eb:19:fd:c8:2b:85:45:cb:cc:29:a7:
ad:e0:75:c0:27:d9:61:4b:6d:e1:b6:7c:ff:0e:4a:
02:3f:f6:7a:a0:0c:84:04:96:0d:4d:e1:64:b9:f2:
a0:d6:e1:e9:8e:33:aa:cb:c0:00:4f:8f:f2:18:ac:
00:a0:bc:e2:00:62:e3:70:10:2e:ec:71:09:5b:90:
12:30:14:a6:eb:a2:43:f1:3d:97:02:4a:71:f4:b4:
2c:ff:74:af:86:f7:cd:9c:8d:70:81:12:7f:a0:9f:
ea:c1:aa:b2:3b:3f:4b:b3:67:00:f2:fc:74:83:88:
ef:67:38:78:6e:15:94:99:18:ca:de:e8:58:22:69:
ab:0b:6b:c9:8a:03:9f:04:d2:61:42:0d:73:ab:87:
16:c0:30:d5:91:88:b4:aa:52:97:59:a6:b1:38:56:
21:a6:30:b7:20:bb:8a:89:ea:1c:22:24:2a:6f:76:
0e:f8:a4:e3:d5:3f:66:4d:5e:e2:c6:33:3b:c9:3e:
81:3e:8d:fe:38:a4:dc:6f:72:2c:53:f0:58:6d:aa:
44:1c:62:ad:fb:1b:b8:71:2d:3f:1c:24:a4:3b:2d:
c9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:76:BB:94:2D:34:2E:F8:AC:D1:71:EC:45:FF:9A:BB:5A:C8:F5:92
X509v3 Authority Key Identifier:
keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/uXa7lC00Lvis0XHsRf-au1rI9ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.99.0/24
185.117.120.0/22
188.125.171.0-188.125.173.255
188.125.175.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:f7:00:e6:15:9c:17:ed:63:d8:38:e9:01:ad:76:73:08:83:
dc:38:1f:9e:4b:ec:57:33:4e:9f:f2:89:4a:74:79:23:73:26:
fc:a8:87:ce:5c:7c:c7:fd:67:1b:92:80:9f:d9:b2:51:42:e1:
1d:fc:c1:58:0e:3f:43:b0:1b:3f:fa:89:a6:f9:c3:23:41:62:
2c:af:f5:99:9f:86:43:41:1e:fa:36:37:c0:8f:e8:2c:4e:46:
bc:f0:6a:4d:17:f8:ae:04:9d:1a:be:7b:a2:95:f1:03:84:0a:
d8:f5:41:b6:dc:ab:d1:6f:f0:79:30:34:ae:d2:7b:e7:80:e3:
8a:02:6c:29:9c:5a:ae:95:12:89:15:1c:0f:0e:e9:65:9e:4f:
e3:66:94:52:d2:6b:d4:4e:c2:4f:f2:fb:a3:1f:d8:2d:de:08:
a2:7a:6e:d8:f1:05:7e:ff:da:12:41:fa:74:00:d7:08:e1:40:
a8:58:80:1c:fc:03:e1:9b:2d:08:52:ae:f2:22:dc:a0:09:89:
d0:2f:a5:bc:8c:07:79:f1:69:33:39:4f:fb:1e:13:ec:8d:a2:
93:03:cf:4a:66:af:bb:e6:ff:a1:31:7c:3f:4c:ca:2d:51:7a:
25:24:e8:33:b1:9c:f3:bd:09:5c:c0:89:c8:1f:95:e6:38:f0:
2f:e8:13:37
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyw5YaoSMvE4ac2OThBgGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWU2ODg3ZWE3NTcyYTY0MTEzMDZjODdiMGNjMDg5Mzk3
YTYzNTQwHhcNMjMwMTAyMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc2YmI5NDJkMzQyZWY4YWNkMTcxZWM0NWZmOWFiYjVhYzhmNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllDlHyRtJGa8mwJaB+5zvupTsASg
rIrYZ+6v+AL8tIk36xn9yCuFRcvMKaet4HXAJ9lhS23htnz/DkoCP/Z6oAyEBJYN
TeFkufKg1uHpjjOqy8AAT4/yGKwAoLziAGLjcBAu7HEJW5ASMBSm66JD8T2XAkpx
9LQs/3SvhvfNnI1wgRJ/oJ/qwaqyOz9Ls2cA8vx0g4jvZzh4bhWUmRjK3uhYImmr
C2vJigOfBNJhQg1zq4cWwDDVkYi0qlKXWaaxOFYhpjC3ILuKieocIiQqb3YO+KTj
1T9mTV7ixjM7yT6BPo3+OKTcb3IsU/BYbapEHGKt+xu4cS0/HCSkOy3JHwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLl2u5QtNC74rNFx7EX/mrtayPWSMB8GA1UdIwQY
MBaAFJ6eaIfqdXKmQRMGyHsMwIk5emNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAt
ZWM1MDhkZWM3NzkzLzEvdVhhN2xDMDBMdmlzMFhIc1JmLWF1MXJJOVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAtZWM1MDhkZWM3Nzkz
LzEvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAuXVjAwQC
uXV4MAwDBAC8fasDBAG8fawDBAC8fa8wDQYJKoZIhvcNAQELBQADggEBAG33AOYV
nBftY9g46QGtdnMIg9w4H55L7FczTp/yiUp0eSNzJvyoh85cfMf9ZxuSgJ/ZslFC
4R38wVgOP0OwGz/6iab5wyNBYiyv9ZmfhkNBHvo2N8CP6CxORrzwak0X+K4EnRq+
e6KV8QOECtj1Qbbcq9Fv8HkwNK7Se+eA44oCbCmcWq6VEokVHA8O6WWeT+NmlFLS
a9ROwk/y+6Mf2C3eCKJ6btjxBX7/2hJB+nQA1wjhQKhYgBz8A+GbLQhSrvIi3KAJ
idAvpbyMB3nxaTM5T/seE+yNopMDz0pmr7vm/6ExfD9Myi1ReiUk6DOxnPO9CVzA
icgfleY48C/oEzc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:38 2025 by rpki-client