Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/g0N-TBsUEIwp5IPJom2VjQ9Vf90.roa
File: g0N-TBsUEIwp5IPJom2VjQ9Vf90.roa (raw, json)
Hash identifier: fqYGsj2rXEsxN/cCPLrjhATTwTA/utgfGec+Iv5hJWo=
Subject key identifier: 83:43:7E:4C:1B:14:10:8C:29:E4:83:C9:A2:6D:95:8D:0F:55:7F:DD
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 01856E265E85835B73F5514D8587C91CC182
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/g0N-TBsUEIwp5IPJom2VjQ9Vf90.roa
Signing time: Sun 01 Jan 2023 16:24:46 +0000
ROA not before: Sun 01 Jan 2023 16:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61295
IP address blocks: 185.241.212.0/24 maxlen: 24
185.241.215.0/24 maxlen: 24
2a0c:bf80::/48 maxlen: 48
2a0c:bf81::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:5e:85:83:5b:73:f5:51:4d:85:87:c9:1c:c1:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Jan 1 16:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83437e4c1b14108c29e483c9a26d958d0f557fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:57:30:79:5b:29:6e:46:ec:b1:e8:88:b7:
1e:44:cc:54:d9:a1:21:ff:89:16:ea:0f:e9:45:95:
8a:6d:e0:f9:2a:c2:7b:0d:71:c9:0c:31:b5:7a:b0:
82:46:7f:f4:39:af:bc:49:7c:75:7e:8a:83:23:dc:
7e:56:26:67:ff:d0:49:49:28:cf:93:8a:0b:c5:9a:
8f:1b:82:9e:01:42:e6:ff:56:d2:84:ff:2f:e6:d2:
b3:d7:23:14:a6:9e:b1:89:e1:04:b8:16:5f:19:e3:
4f:a9:27:2a:16:30:32:f9:7f:91:9b:bb:58:2b:84:
21:4e:bb:cf:5e:85:d5:aa:41:d7:b8:9d:8e:4e:0e:
44:b3:ff:19:55:94:b2:57:d7:4e:67:f5:bd:2a:c3:
a4:9f:8e:0a:ed:f9:85:42:0a:b3:74:b6:ba:36:5c:
13:bc:4a:78:77:f1:f9:17:3d:df:26:e8:00:3d:2a:
bf:85:27:5d:b3:79:06:b3:69:c4:6f:44:6d:36:f8:
1f:71:1e:3b:67:31:72:7f:e6:92:3e:a2:76:4d:c2:
d9:af:2d:81:14:70:7d:5e:1e:45:13:30:8f:c8:61:
25:ce:00:76:5d:4d:94:2d:ad:8e:99:ce:f9:19:1b:
6a:28:20:07:ab:30:7e:ff:7e:1c:1a:e8:43:d5:20:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:43:7E:4C:1B:14:10:8C:29:E4:83:C9:A2:6D:95:8D:0F:55:7F:DD
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/g0N-TBsUEIwp5IPJom2VjQ9Vf90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.212.0/24
185.241.215.0/24
IPv6:
2a0c:bf80::/48
2a0c:bf81::/48
Signature Algorithm: sha256WithRSAEncryption
1d:57:ae:ba:d3:c3:d3:92:b0:dc:08:fd:28:fc:05:65:7b:38:
ef:7c:a1:66:93:eb:b7:d5:6d:aa:25:b3:63:2f:65:0d:4a:e5:
c1:ed:c6:9a:96:a6:b1:28:3a:05:d4:a4:28:2e:c3:b4:75:ab:
1a:58:41:07:db:41:0a:17:33:39:c3:78:0b:86:e4:0a:50:15:
f3:c5:f9:3a:34:ea:b5:97:1f:5c:d6:8b:0b:12:2e:25:a5:12:
5b:e2:d0:f1:10:49:5b:3e:94:bb:d9:45:cd:6c:70:2e:35:64:
4f:5c:e7:59:4f:ec:68:4c:f3:2b:22:24:5d:4f:63:15:9c:4b:
6c:0d:92:82:6f:22:ac:17:ad:f2:d3:9d:27:d5:2d:4b:3c:4e:
d0:cb:c6:6e:33:0e:ef:a6:94:e1:cd:05:b8:30:c2:ad:42:ec:
bf:6b:a0:be:fc:69:72:02:c7:24:21:66:fb:dd:2e:d2:a2:18:
1f:0d:a2:18:fb:64:b4:8b:77:3e:5c:1d:53:a0:4c:aa:40:f2:
ee:e5:79:59:e9:0f:48:54:aa:04:a6:78:7f:53:75:64:6e:fa:
12:60:9c:c3:2b:77:f4:c5:51:3f:ff:0b:75:50:fb:e9:9f:1b:
90:fc:42:c5:0d:dd:65:76:67:d1:4d:26:47:55:ee:6b:74:5b:
2d:24:f5:0e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuJl6Fg1tz9VFNhYfJHMGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjMwMTAxMTYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQzN2U0YzFiMTQxMDhjMjllNDgzYzlhMjZkOTU4ZDBmNTU3ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyRXMHlbKW5G7LHoiLceRMxU2aEh
/4kW6g/pRZWKbeD5KsJ7DXHJDDG1erCCRn/0Oa+8SXx1foqDI9x+ViZn/9BJSSjP
k4oLxZqPG4KeAULm/1bShP8v5tKz1yMUpp6xieEEuBZfGeNPqScqFjAy+X+Rm7tY
K4QhTrvPXoXVqkHXuJ2OTg5Es/8ZVZSyV9dOZ/W9KsOkn44K7fmFQgqzdLa6NlwT
vEp4d/H5Fz3fJugAPSq/hSdds3kGs2nEb0RtNvgfcR47ZzFyf+aSPqJ2TcLZry2B
FHB9Xh5FEzCPyGElzgB2XU2ULa2Omc75GRtqKCAHqzB+/34cGuhD1SD5YQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFINDfkwbFBCMKeSDyaJtlY0PVX/dMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvZzBOLVRCc1VFSXdwNUlQSm9tMlZqUTlWZjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAufHUAwQA
ufHXMBgEAgACMBIDBwAqDL+AAAADBwAqDL+BAAAwDQYJKoZIhvcNAQELBQADggEB
AB1XrrrTw9OSsNwI/Sj8BWV7OO98oWaT67fVbaols2MvZQ1K5cHtxpqWprEoOgXU
pCguw7R1qxpYQQfbQQoXMznDeAuG5ApQFfPF+To06rWXH1zWiwsSLiWlElvi0PEQ
SVs+lLvZRc1scC41ZE9c51lP7GhM8ysiJF1PYxWcS2wNkoJvIqwXrfLTnSfVLUs8
TtDLxm4zDu+mlOHNBbgwwq1C7L9roL78aXICxyQhZvvdLtKiGB8Nohj7ZLSLdz5c
HVOgTKpA8u7leVnpD0hUqgSmeH9TdWRu+hJgnMMrd/TFUT//C3VQ++mfG5D8QsUN
3WV2Z9FNJkdV7mt0Wy0k9Q4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:38 2025 by rpki-client