Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1-reVr58H8J6lKaut8U7R_fBftBU.roa
File: 1-reVr58H8J6lKaut8U7R_fBftBU.roa (raw, json)
Hash identifier: 8GDYroFYUKQ+a9Q3sIeA5u+o1o+HwsDCe1zwCOkK+mU=
Subject key identifier: FA:B7:95:AF:9F:07:F0:9E:A5:29:AB:AD:F1:4E:D1:FD:F0:5F:B4:15
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 0189F3F7270B606FD138DE22D30D75F45FBC
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1-reVr58H8J6lKaut8U7R_fBftBU.roa
Signing time: Mon 14 Aug 2023 12:13:28 +0000
ROA not before: Mon 14 Aug 2023 12:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
188.64.104.0/22 maxlen: 24
188.64.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:f7:27:0b:60:6f:d1:38:de:22:d3:0d:75:f4:5f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Aug 14 12:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fab795af9f07f09ea529abadf14ed1fdf05fb415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ba:60:9a:11:6b:84:68:f7:2c:23:f5:5a:8c:
3b:fa:61:55:3d:65:b4:96:ed:e7:58:d8:d1:a5:09:
8c:6b:c3:c3:2f:fe:ce:44:da:eb:4e:76:21:b4:73:
6a:22:8d:b4:93:da:be:ed:c8:e6:5d:c5:e0:7b:9f:
e2:09:46:66:ec:be:cf:da:40:e2:23:c5:07:41:4d:
cd:34:b9:80:b5:d8:6e:40:de:bf:41:cf:69:6d:72:
d5:3c:88:3b:8b:ac:f9:a5:6d:49:5c:7d:02:15:78:
d8:11:52:ef:93:dd:fb:45:59:39:f1:3b:36:c6:da:
69:88:97:3d:ba:98:c9:96:3c:64:2d:d3:61:b1:44:
45:09:f8:ed:b5:d0:30:06:b3:f7:f4:4a:ca:ba:8a:
fa:5c:73:4b:3c:ef:55:9e:d7:39:ed:4a:8e:6f:6c:
d5:18:1a:cd:6c:a8:cb:d7:06:3a:2f:c2:b1:9c:3d:
34:90:cb:11:a9:7f:a3:18:40:16:64:69:7e:55:d0:
6f:d7:53:22:ac:8c:53:90:1b:b6:ba:29:17:dc:be:
9e:f3:11:ca:7e:1b:f6:f4:14:74:82:5a:8b:3d:9b:
53:1c:8c:9c:f7:ab:c4:59:60:cc:a5:82:35:5b:50:
53:e1:4a:d6:02:3f:0d:df:76:ac:57:c3:86:38:ee:
28:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B7:95:AF:9F:07:F0:9E:A5:29:AB:AD:F1:4E:D1:FD:F0:5F:B4:15
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/1-reVr58H8J6lKaut8U7R_fBftBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.28.0/22
188.64.104.0/21
Signature Algorithm: sha256WithRSAEncryption
00:45:05:df:1d:f2:5f:09:7c:80:e1:62:8e:04:14:f0:bd:c5:
b1:88:0a:45:92:34:14:56:01:d4:88:a0:f4:1d:5a:a9:54:95:
66:4c:b9:0c:8c:6f:1e:54:6b:c9:17:30:42:a0:26:b0:fc:64:
5b:01:31:08:3e:4d:80:3c:82:5b:ea:ed:bc:1b:4f:87:f6:f0:
bf:e9:29:2b:5c:05:00:be:9c:61:bd:8a:0c:32:d2:53:60:69:
2a:a9:b3:4e:1b:ae:8f:67:05:68:8e:29:84:32:f8:ae:47:6e:
01:fe:34:c6:45:76:70:d2:bb:25:41:ec:8f:08:ae:f5:53:c7:
e3:11:2c:a0:2e:32:ed:a8:dc:6e:96:3d:b3:8f:de:79:73:e1:
88:87:e3:d7:d4:18:79:62:ff:0b:6b:30:84:b2:0f:4e:3d:f0:
65:2e:91:9f:c1:02:70:2e:1a:82:a2:de:d4:1a:a3:1f:d9:d9:
d7:e8:f2:74:67:97:b6:0b:a9:4e:c0:75:bb:72:5c:b9:18:e9:
c9:46:f4:a9:4f:23:dc:0b:f7:2c:ac:ca:e4:6f:b2:30:4b:9a:
a6:79:4b:ba:fc:d5:d5:d2:d5:0c:9c:84:ec:b0:d4:27:44:ec:
bd:eb:93:1b:b0:2e:68:49:05:84:1b:28:71:a4:f6:ad:ce:0c:
2e:76:8d:bf
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYnz9ycLYG/RON4i0w119F+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwODE0MTIxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI3OTVhZjlmMDdmMDllYTUyOWFiYWRmMTRlZDFmZGYwNWZiNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibpgmhFrhGj3LCP1Wow7+mFVPWW0
lu3nWNjRpQmMa8PDL/7ORNrrTnYhtHNqIo20k9q+7cjmXcXge5/iCUZm7L7P2kDi
I8UHQU3NNLmAtdhuQN6/Qc9pbXLVPIg7i6z5pW1JXH0CFXjYEVLvk937RVk58Ts2
xtppiJc9upjJljxkLdNhsURFCfjttdAwBrP39ErKuor6XHNLPO9Vntc57UqOb2zV
GBrNbKjL1wY6L8KxnD00kMsRqX+jGEAWZGl+VdBv11MirIxTkBu2uikX3L6e8xHK
fhv29BR0glqLPZtTHIyc96vEWWDMpYI1W1BT4UrWAj8N33asV8OGOO4ofwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPq3la+fB/CepSmrrfFO0f3wX7QVMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvMS1yZVZyNThIOEo2bEthdXQ4VTdSX2ZCZnRCVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5
MC8xL0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlRHAME
A7xAaDANBgkqhkiG9w0BAQsFAAOCAQEAAEUF3x3yXwl8gOFijgQU8L3FsYgKRZI0
FFYB1Iig9B1aqVSVZky5DIxvHlRryRcwQqAmsPxkWwExCD5NgDyCW+rtvBtPh/bw
v+kpK1wFAL6cYb2KDDLSU2BpKqmzThuuj2cFaI4phDL4rkduAf40xkV2cNK7JUHs
jwiu9VPH4xEsoC4y7ajcbpY9s4/eeXPhiIfj19QYeWL/C2swhLIPTj3wZS6Rn8EC
cC4agqLe1BqjH9nZ1+jydGeXtgupTsB1u3JcuRjpyUb0qU8j3Av3LKzK5G+yMEua
pnlLuvzV1dLVDJyE7LDUJ0TsveuTG7AuaEkFhBsocaT2rc4MLnaNvw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:17 2025 by rpki-client