Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/F1vp7aWkEFijRkneUe6vWZgmW4c.roa
File: F1vp7aWkEFijRkneUe6vWZgmW4c.roa (raw, json)
Hash identifier: +GDSO4X3S00/0/fKUgihIZSx/ta6b/f5dm7HfQ88XpI=
Subject key identifier: 17:5B:E9:ED:A5:A4:10:58:A3:46:49:DE:51:EE:AF:59:98:26:5B:87
Certificate issuer: /CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Certificate serial: 018572FA489432386F21B4D91E792F812100
Authority key identifier: 0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/F1vp7aWkEFijRkneUe6vWZgmW4c.roa
Signing time: Mon 02 Jan 2023 14:54:43 +0000
ROA not before: Mon 02 Jan 2023 14:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205367
IP address blocks: 185.220.181.0/24 maxlen: 24
185.220.180.0/24 maxlen: 24
185.220.183.0/24 maxlen: 24
185.220.180.0/22 maxlen: 22
185.220.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:48:94:32:38:6f:21:b4:d9:1e:79:2f:81:21:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Validity
Not Before: Jan 2 14:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=175be9eda5a41058a34649de51eeaf5998265b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:cf:cc:06:63:4a:b6:51:95:53:c9:ed:75:
e6:6b:51:58:82:c0:bd:ae:51:40:53:26:10:1a:fb:
4f:98:f3:d4:58:73:ae:0e:3b:40:ec:b5:bd:9f:07:
f2:0b:fc:68:51:80:65:56:27:2d:0a:d4:a8:99:80:
88:ac:af:38:81:3d:05:a0:74:20:6c:51:fc:b5:f5:
84:6e:b6:76:5d:41:aa:9b:92:28:a5:c8:c0:19:ac:
15:6e:9b:96:5c:93:64:c7:bb:a3:9b:18:91:fb:03:
35:f1:a8:2c:77:a0:14:38:64:9a:2f:fc:ee:09:4e:
4f:4f:48:42:4f:5c:60:e7:f0:ca:e3:38:fe:2e:3c:
c9:06:f2:80:1b:b3:f8:be:fb:43:93:ca:07:da:3e:
c1:01:93:61:40:f9:d6:31:cc:bf:34:4d:1c:64:e3:
a8:8e:3b:6c:d2:09:c2:e0:1b:11:7c:d5:10:cf:0f:
1e:aa:0c:ca:61:76:09:65:4f:85:a3:19:ce:c8:93:
d4:b5:12:5b:1e:14:65:f2:a3:26:c7:17:9a:a6:80:
c9:15:e7:2a:55:7d:22:60:c5:14:27:c9:ef:1f:82:
4c:c8:46:66:16:24:00:5c:84:b8:d8:cc:fd:a4:ae:
0d:c2:68:03:10:cd:f0:ef:70:7b:9b:fe:a5:a5:c1:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5B:E9:ED:A5:A4:10:58:A3:46:49:DE:51:EE:AF:59:98:26:5B:87
X509v3 Authority Key Identifier:
keyid:0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/F1vp7aWkEFijRkneUe6vWZgmW4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.180.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:47:f2:f9:d7:e2:7b:77:28:c6:71:4d:eb:18:77:c6:c1:32:
77:7a:ee:f0:c3:b8:94:f9:d0:2f:51:54:e8:df:f3:ee:62:08:
6f:6e:37:c0:9d:37:8b:10:d5:06:2d:4a:26:e4:ac:ac:c1:67:
bd:d5:9b:d4:e4:41:1e:b2:e1:e4:fd:b1:c5:7e:7c:bf:a9:73:
0a:ba:31:16:b9:44:b5:cc:ee:89:31:2e:ea:91:25:1c:8e:10:
0f:0e:2d:7e:54:51:17:9a:bf:16:c7:15:ff:60:46:e6:38:5b:
d9:0e:54:b2:21:a3:6f:e5:54:99:e8:30:5e:7d:25:1c:88:4c:
a5:11:d6:8e:37:73:99:37:92:cf:23:75:d5:94:ac:cc:6d:44:
e3:5b:62:c6:4c:1b:a4:db:e1:7b:c5:1b:75:d0:84:e5:ab:77:
ed:60:af:5f:27:73:b6:dd:92:48:aa:12:0c:e2:f4:77:b0:52:
0a:a8:7e:7e:b9:95:54:b1:95:01:f7:a4:65:d9:ef:5f:1d:77:
ae:2f:79:30:b8:cc:6f:98:c0:93:78:5b:c7:a3:ce:36:1a:9f:
0e:03:86:ff:42:90:1f:bc:3e:5f:16:25:93:f2:1c:19:f0:2e:
0d:a9:49:98:09:ec:fd:1e:23:21:aa:ae:63:8d:4e:53:b0:93:
64:00:38:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+kiUMjhvIbTZHnkvgSEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTQyNzEwMWNiMmUyYmQ1NjUwODRkZTY0NzFmNmViNDhk
MjRmOTYwHhcNMjMwMTAyMTQ1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzViZTllZGE1YTQxMDU4YTM0NjQ5ZGU1MWVlYWY1OTk4MjY1Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR7PzAZjSrZRlVPJ7XXma1FYgsC9
rlFAUyYQGvtPmPPUWHOuDjtA7LW9nwfyC/xoUYBlVictCtSomYCIrK84gT0FoHQg
bFH8tfWEbrZ2XUGqm5IopcjAGawVbpuWXJNkx7ujmxiR+wM18agsd6AUOGSaL/zu
CU5PT0hCT1xg5/DK4zj+LjzJBvKAG7P4vvtDk8oH2j7BAZNhQPnWMcy/NE0cZOOo
jjts0gnC4BsRfNUQzw8eqgzKYXYJZU+FoxnOyJPUtRJbHhRl8qMmxxeapoDJFecq
VX0iYMUUJ8nvH4JMyEZmFiQAXIS42Mz9pK4NwmgDEM3w73B7m/6lpcHaMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdb6e2lpBBYo0ZJ3lHur1mYJluHMB8GA1UdIwQY
MBaAFArkJxAcsuK9VlCE3mRx9utI0k+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUt
N2M5ZTY4NGNjY2UyLzEvRjF2cDdhV2tFRmlqUmtuZVVlNnZXWmdtVzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUtN2M5ZTY4NGNjY2Uy
LzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudy0MA0G
CSqGSIb3DQEBCwUAA4IBAQC2R/L51+J7dyjGcU3rGHfGwTJ3eu7ww7iU+dAvUVTo
3/PuYghvbjfAnTeLENUGLUom5KyswWe91ZvU5EEesuHk/bHFfny/qXMKujEWuUS1
zO6JMS7qkSUcjhAPDi1+VFEXmr8WxxX/YEbmOFvZDlSyIaNv5VSZ6DBefSUciEyl
EdaON3OZN5LPI3XVlKzMbUTjW2LGTBuk2+F7xRt10ITlq3ftYK9fJ3O23ZJIqhIM
4vR3sFIKqH5+uZVUsZUB96Rl2e9fHXeuL3kwuMxvmMCTeFvHo842Gp8OA4b/QpAf
vD5fFiWT8hwZ8C4NqUmYCez9HiMhqq5jjU5TsJNkADhs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:11 2025 by rpki-client