Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-b740XxCtQOgGlVTsEdmfps5vA0.roa
File: 1-b740XxCtQOgGlVTsEdmfps5vA0.roa (raw, json)
Hash identifier: 7AChw7xTBylW/1fQYN5TKMwk3kFSMsfmYQbZK7VmFxA=
Subject key identifier: F9:BE:F8:D1:7C:42:B5:03:A0:1A:55:53:B0:47:66:7E:9B:39:BC:0D
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018C5248EEBC0895CAD0BB731E466CE54529
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-b740XxCtQOgGlVTsEdmfps5vA0.roa
Signing time: Sun 10 Dec 2023 05:52:40 +0000
ROA not before: Sun 10 Dec 2023 05:52:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.243.50.0/23 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
185.212.50.0/23 maxlen: 24
178.239.148.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:48:ee:bc:08:95:ca:d0:bb:73:1e:46:6c:e5:45:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 10 05:52:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9bef8d17c42b503a01a5553b047667e9b39bc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2c:d2:7a:ec:d0:21:50:8f:83:e9:e0:c1:e5:
e4:21:2e:10:99:1b:0e:97:15:92:53:8e:5d:5c:f6:
24:75:97:fe:da:99:7f:10:78:8f:16:cf:4c:1f:7d:
e4:15:c2:64:19:fa:d5:df:69:ff:a9:9a:8f:0b:57:
57:33:31:b0:f4:e6:14:72:66:9a:55:6d:b0:a5:58:
25:b1:0c:b1:41:37:69:1b:81:f8:ed:bc:fd:a9:0a:
fb:03:ee:b3:60:9e:3c:9a:74:9b:d2:39:d4:c8:e0:
16:44:d1:5b:41:f8:f7:c8:6d:ca:53:6e:c5:26:10:
7c:93:e9:4c:f9:80:3d:8a:91:73:ca:3b:ba:7f:0d:
6b:86:83:78:e3:d6:db:8f:2d:1c:a0:7e:36:87:2e:
71:4a:2b:1c:a0:eb:10:39:7b:62:60:3b:65:96:51:
0d:9d:46:1c:c8:a0:6c:ce:28:65:81:24:d8:49:7f:
82:5c:77:e4:e9:85:8e:a1:01:dd:47:34:ce:41:cf:
1f:64:06:9e:12:ed:cb:93:d8:1d:8a:ab:b2:fa:16:
64:d9:00:46:98:26:5a:45:3a:0a:95:a4:f9:fe:05:
a7:6a:7b:9e:5b:65:8c:1b:41:72:c2:42:e3:09:34:
66:84:b9:2d:4c:2f:c1:e5:03:44:36:00:c3:d9:53:
62:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BE:F8:D1:7C:42:B5:03:A0:1A:55:53:B0:47:66:7E:9B:39:BC:0D
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-b740XxCtQOgGlVTsEdmfps5vA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0-178.239.149.255
185.212.50.0/23
185.215.228.0/23
185.243.50.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:77:9e:af:28:6e:69:a3:df:6b:4a:89:74:47:c3:2d:c2:a1:
f6:00:42:30:7b:92:c5:1b:42:04:9f:01:0d:1e:fc:65:e1:36:
d1:dc:58:cf:ef:31:d3:5d:dd:29:c8:d2:f6:73:ae:d7:15:2e:
a9:c6:36:f0:12:df:07:73:8e:eb:d2:98:3f:95:a2:98:b7:c3:
f4:e3:f8:45:a2:7f:38:a0:1e:8f:24:68:86:41:84:7e:e8:ee:
3f:45:32:9d:04:22:7c:2a:14:37:47:27:c0:17:6c:2d:54:7d:
f1:db:49:60:d5:24:87:f9:65:88:3f:09:a4:a3:ee:f1:24:96:
e8:05:81:46:18:8d:e9:cc:fb:a7:f3:31:88:33:35:b3:54:b4:
b1:48:58:af:38:e5:97:79:60:7c:51:3e:cc:2c:3e:0d:cb:dc:
20:e1:1f:75:e0:0d:a3:10:6f:51:04:f7:88:f0:1f:d6:dd:07:
c7:10:04:53:5c:54:89:a8:99:1e:80:03:b9:37:88:9d:ef:7b:
af:62:65:61:bd:3b:f4:ee:96:84:08:16:b7:f6:b3:77:16:c5:
d8:4f:b6:6f:21:17:59:1c:2f:33:74:25:38:19:ed:6a:69:76:
cd:af:5d:d6:45:f2:e6:e7:46:53:f6:2d:da:d5:f0:af:92:b5:
4e:74:6c:a7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYxSSO68CJXK0LtzHkZs5UUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMjEwMDU1MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJlZjhkMTdjNDJiNTAzYTAxYTU1NTNiMDQ3NjY3ZTliMzliYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyzSeuzQIVCPg+ngweXkIS4QmRsO
lxWSU45dXPYkdZf+2pl/EHiPFs9MH33kFcJkGfrV32n/qZqPC1dXMzGw9OYUcmaa
VW2wpVglsQyxQTdpG4H47bz9qQr7A+6zYJ48mnSb0jnUyOAWRNFbQfj3yG3KU27F
JhB8k+lM+YA9ipFzyju6fw1rhoN449bbjy0coH42hy5xSiscoOsQOXtiYDtlllEN
nUYcyKBszihlgSTYSX+CXHfk6YWOoQHdRzTOQc8fZAaeEu3Lk9gdiquy+hZk2QBG
mCZaRToKlaT5/gWnanueW2WMG0FywkLjCTRmhLktTC/B5QNENgDD2VNixwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPm++NF8QrUDoBpVU7BHZn6bObwNMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMS1iNzQwWHhDdFFPZ0dsVlRzRWRtZnBzNXZBMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2
OS8xLzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQEsu+Q
AwQBsu+UAwQBudQyAwQBudfkAwQBufMyMA0GCSqGSIb3DQEBCwUAA4IBAQB9d56v
KG5po99rSol0R8MtwqH2AEIwe5LFG0IEnwENHvxl4TbR3FjP7zHTXd0pyNL2c67X
FS6pxjbwEt8Hc47r0pg/laKYt8P04/hFon84oB6PJGiGQYR+6O4/RTKdBCJ8KhQ3
RyfAF2wtVH3x20lg1SSH+WWIPwmko+7xJJboBYFGGI3pzPun8zGIMzWzVLSxSFiv
OOWXeWB8UT7MLD4Ny9wg4R914A2jEG9RBPeI8B/W3QfHEARTXFSJqJkegAO5N4id
73uvYmVhvTv07paECBa39rN3FsXYT7ZvIRdZHC8zdCU4Ge1qaXbNr13WRfLm50ZT
9i3a1fCvkrVOdGyn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:57 2025 by rpki-client