Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0e1bOfNYzEg1Ju2w6VadAEYcQTg.roa
File: 0e1bOfNYzEg1Ju2w6VadAEYcQTg.roa (raw, json)
Hash identifier: WzIUnsWogbkulyjqpcZEp+o9YFS0DaKeI1AgEsuOMu0=
Subject key identifier: D1:ED:5B:39:F3:58:CC:48:35:26:ED:B0:E9:56:9D:00:46:1C:41:38
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CC3F53D53BA949C0C52E968F22E90A567
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0e1bOfNYzEg1Ju2w6VadAEYcQTg.roa
Signing time: Mon 01 Jan 2024 07:37:58 +0000
ROA not before: Mon 01 Jan 2024 07:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:f5:3d:53:ba:94:9c:0c:52:e9:68:f2:2e:90:a5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 07:37:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1ed5b39f358cc483526edb0e9569d00461c4138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:da:be:d3:e6:e5:98:f2:ed:84:db:67:31:77:
19:78:0d:88:3e:58:0a:cf:70:37:37:d8:eb:da:2e:
14:a3:62:9b:50:f3:e0:43:1b:7d:32:38:37:cd:44:
b0:0d:af:56:2c:6c:11:08:1f:3f:4f:42:6a:26:b6:
69:0c:51:51:1c:d8:b3:1d:af:ca:29:21:52:f6:21:
cc:23:f6:aa:e7:90:e8:af:c9:58:fd:23:64:7c:69:
50:69:7f:d3:77:1f:3b:1d:c4:a7:f4:fd:ab:51:33:
e7:ee:71:5b:50:a1:4d:c7:25:99:cb:c3:0b:74:bf:
e2:e2:28:d2:e5:e3:6a:34:e1:d5:46:f8:f0:54:7c:
a2:47:c5:6b:9e:4c:81:7b:26:9c:78:3c:35:87:16:
b0:88:df:5b:94:c3:d8:92:e7:b2:6b:f6:dd:ad:88:
cd:51:f5:5a:94:c3:aa:5f:5c:8b:42:82:86:0a:0a:
65:d0:7d:8c:e7:a0:73:75:b3:e6:95:2a:3f:6b:a1:
2c:31:87:8a:9c:01:4b:dd:3a:e1:1a:19:50:3b:a4:
b0:c2:16:2f:79:44:70:19:f3:78:d3:2b:b7:31:93:
d8:36:05:82:39:05:49:31:76:df:71:d2:db:c6:ac:
57:60:6b:26:23:cf:f6:c7:e8:35:5a:02:aa:f7:35:
25:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:ED:5B:39:F3:58:CC:48:35:26:ED:B0:E9:56:9D:00:46:1C:41:38
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0e1bOfNYzEg1Ju2w6VadAEYcQTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.243.49.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
4b:f8:1d:71:a2:f0:b9:24:40:32:af:1b:25:e6:09:9b:dd:51:
d7:f5:77:06:86:45:87:f6:cb:23:4c:04:02:c6:1a:66:0b:8c:
c0:31:76:c8:b1:30:58:45:e5:75:05:ef:4f:18:bc:17:1b:b2:
62:51:4e:a1:cd:45:b8:38:ca:07:78:75:8b:e1:8d:b8:67:de:
db:13:67:3a:49:b4:e4:61:4e:fd:21:e1:cc:11:a6:1a:68:20:
cd:76:ab:f6:6a:ec:2b:0c:44:f6:be:01:62:60:bd:98:80:40:
61:01:9c:27:00:71:87:f7:b0:b3:26:d4:d5:48:c0:18:7d:1e:
23:08:0f:6a:62:7a:6e:39:ad:33:0f:d5:bd:3e:8d:60:61:74:
c4:d7:2f:dd:36:df:8f:f8:74:95:c4:e8:1a:09:0c:8a:40:6e:
48:c2:9f:bf:90:0a:86:e0:17:3a:89:ab:d1:9c:5d:30:48:22:
65:47:91:17:89:f2:73:ac:d1:a0:66:73:23:f6:b7:f9:2d:f9:
df:33:bf:c3:77:b4:6b:6b:1a:04:34:4e:90:10:f2:3d:0f:0b:
63:95:26:92:ab:40:85:5a:f9:87:6e:01:29:98:35:29:dc:a7:
ad:93:85:46:a2:c5:ff:be:de:ff:8c:71:a9:24:7d:0b:18:d1:
82:ae:d0:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzD9T1TupScDFLpaPIukKVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAxMDczNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVkNWIzOWYzNThjYzQ4MzUyNmVkYjBlOTU2OWQwMDQ2MWM0MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtq+0+blmPLthNtnMXcZeA2IPlgK
z3A3N9jr2i4Uo2KbUPPgQxt9Mjg3zUSwDa9WLGwRCB8/T0JqJrZpDFFRHNizHa/K
KSFS9iHMI/aq55Dor8lY/SNkfGlQaX/Tdx87HcSn9P2rUTPn7nFbUKFNxyWZy8ML
dL/i4ijS5eNqNOHVRvjwVHyiR8VrnkyBeyaceDw1hxawiN9blMPYkueya/bdrYjN
UfValMOqX1yLQoKGCgpl0H2M56BzdbPmlSo/a6EsMYeKnAFL3TrhGhlQO6SwwhYv
eURwGfN40yu3MZPYNgWCOQVJMXbfcdLbxqxXYGsmI8/2x+g1WgKq9zUlzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNHtWznzWMxINSbtsOlWnQBGHEE4MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMGUxYk9mTll6RWcxSnUydzZWYWRBRVljUVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAsu+fAwQB
uRoiAwQCuXysAwQAufMxMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEBCwUAA4IB
AQBL+B1xovC5JEAyrxsl5gmb3VHX9XcGhkWH9ssjTAQCxhpmC4zAMXbIsTBYReV1
Be9PGLwXG7JiUU6hzUW4OMoHeHWL4Y24Z97bE2c6SbTkYU79IeHMEaYaaCDNdqv2
auwrDET2vgFiYL2YgEBhAZwnAHGH97CzJtTVSMAYfR4jCA9qYnpuOa0zD9W9Po1g
YXTE1y/dNt+P+HSVxOgaCQyKQG5Iwp+/kAqG4Bc6iavRnF0wSCJlR5EXifJzrNGg
ZnMj9rf5LfnfM7/Dd7RraxoENE6QEPI9DwtjlSaSq0CFWvmHbgEpmDUp3Ketk4VG
osX/vt7/jHGpJH0LGNGCrtBM
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:29:36 2025 by rpki-client