Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/B5XXle3iKK-QcG2IK51meXoXBHQ.roa
File: B5XXle3iKK-QcG2IK51meXoXBHQ.roa (raw, json)
Hash identifier: vlbuFTJQ9nLuM/6aWN+4IWeleMopr5f5iEs346aKMlM=
Subject key identifier: 07:95:D7:95:ED:E2:28:AF:90:70:6D:88:2B:9D:66:79:7A:17:04:74
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018635B262B20F0878B0119BBC348B2560F5
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/B5XXle3iKK-QcG2IK51meXoXBHQ.roa
Signing time: Thu 09 Feb 2023 10:22:08 +0000
ROA not before: Thu 09 Feb 2023 10:22:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.243.50.0/23 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
185.212.50.0/23 maxlen: 24
178.239.148.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:b2:62:b2:0f:08:78:b0:11:9b:bc:34:8b:25:60:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Feb 9 10:22:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0795d795ede228af90706d882b9d66797a170474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:94:46:0d:78:94:31:71:1a:b9:d7:55:6c:ad:
8d:55:77:fa:25:20:f8:29:a4:84:d1:60:8e:58:55:
00:73:5a:f6:5b:0e:a1:ec:67:9c:4b:b2:66:fb:31:
e0:cd:f1:a6:78:3c:3c:89:c1:d0:16:5e:62:18:3c:
a5:76:bc:fb:3f:bd:d6:34:83:b6:37:8f:72:0b:0f:
df:1f:a5:63:e8:76:a1:2e:ab:70:7b:45:f7:10:c9:
f5:3b:cb:a3:a8:0b:d3:bd:4b:b3:1b:ce:b5:4a:4e:
4c:5c:10:e3:22:2e:74:19:63:ba:9f:aa:19:36:8d:
f4:71:72:08:b7:27:c9:f8:89:a7:8a:e5:85:ce:f8:
81:47:de:7c:dc:dc:fc:47:4c:9e:40:34:3f:70:ca:
14:8e:49:9e:54:ca:03:ff:19:1e:4c:32:48:42:81:
1c:f8:8d:73:75:62:94:72:c7:fc:dc:7a:c9:55:23:
c2:12:ca:2d:74:b2:69:1f:91:08:4e:73:7d:59:25:
00:fd:24:05:d7:76:c6:e0:81:e5:e5:11:c0:4e:b6:
5e:c6:28:b6:62:e9:6d:6e:38:81:1b:ea:64:9e:ae:
3e:23:2a:7e:4c:6a:7b:55:c4:35:f8:50:bd:e8:6a:
ee:13:12:70:da:d7:49:c3:f4:76:d3:5b:ff:a4:e6:
2d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:95:D7:95:ED:E2:28:AF:90:70:6D:88:2B:9D:66:79:7A:17:04:74
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/B5XXle3iKK-QcG2IK51meXoXBHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0-178.239.149.255
185.212.50.0/23
185.215.228.0/23
185.243.50.0/23
Signature Algorithm: sha256WithRSAEncryption
82:b4:55:dc:9e:e3:d9:1c:e4:36:e9:5e:28:28:93:77:ba:d3:
b8:cc:ee:b3:b4:6b:53:9b:69:00:57:45:37:63:a9:bf:ff:e1:
c2:3a:4a:b2:d7:1c:c2:57:06:34:3e:05:ec:8d:bc:9f:f0:3a:
ae:fc:47:78:80:31:62:6d:15:e8:24:d6:47:9d:84:db:3f:a7:
45:b2:ce:96:c9:12:da:66:4d:ec:f1:05:4d:26:e7:15:10:b6:
57:ad:b1:40:4d:eb:ce:bb:49:47:c8:9b:e8:1c:45:d1:10:3a:
de:39:3b:c0:5c:68:2b:73:6e:7d:7c:be:ed:7f:36:aa:c3:18:
e3:66:5b:f1:0f:1f:95:21:b2:27:a9:ca:4e:37:a2:c3:f9:4d:
68:b7:e4:85:45:df:96:7b:fa:40:02:5e:13:5b:11:a1:30:2e:
b8:2f:63:5a:51:da:da:cf:f1:fa:36:84:ee:03:44:79:01:bb:
22:be:df:44:e7:8f:97:c8:98:73:7e:4b:85:0e:19:38:3f:0c:
7f:a1:c6:7d:04:6b:21:48:81:f7:ac:82:81:83:3c:d6:29:47:
17:85:12:b5:f3:e8:5f:8a:ca:c6:9f:9f:f4:99:62:9a:37:40:
6c:45:98:03:ff:f6:bd:b2:85:59:42:eb:f0:d5:7d:8a:43:1c:
3e:af:fd:99
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYY1smKyDwh4sBGbvDSLJWD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwMjA5MTAyMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk1ZDc5NWVkZTIyOGFmOTA3MDZkODgyYjlkNjY3OTdhMTcwNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZRGDXiUMXEauddVbK2NVXf6JSD4
KaSE0WCOWFUAc1r2Ww6h7GecS7Jm+zHgzfGmeDw8icHQFl5iGDyldrz7P73WNIO2
N49yCw/fH6Vj6HahLqtwe0X3EMn1O8ujqAvTvUuzG861Sk5MXBDjIi50GWO6n6oZ
No30cXIItyfJ+ImniuWFzviBR9583Nz8R0yeQDQ/cMoUjkmeVMoD/xkeTDJIQoEc
+I1zdWKUcsf83HrJVSPCEsotdLJpH5EITnN9WSUA/SQF13bG4IHl5RHATrZexii2
YultbjiBG+pknq4+Iyp+TGp7VcQ1+FC96GruExJw2tdJw/R201v/pOYtTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAeV15Xt4iivkHBtiCudZnl6FwR0MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvQjVYWGxlM2lLSy1RY0cySUs1MW1lWG9YQkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBASy75AD
BAGy75QDBAG51DIDBAG51+QDBAG58zIwDQYJKoZIhvcNAQELBQADggEBAIK0Vdye
49kc5DbpXigok3e607jM7rO0a1ObaQBXRTdjqb//4cI6SrLXHMJXBjQ+BeyNvJ/w
Oq78R3iAMWJtFegk1kedhNs/p0WyzpbJEtpmTezxBU0m5xUQtletsUBN6867SUfI
m+gcRdEQOt45O8BcaCtzbn18vu1/NqrDGONmW/EPH5Uhsiepyk43osP5TWi35IVF
35Z7+kACXhNbEaEwLrgvY1pR2trP8fo2hO4DRHkBuyK+30Tnj5fImHN+S4UOGTg/
DH+hxn0EayFIgfesgoGDPNYpRxeFErXz6F+Kysafn/SZYpo3QGxFmAP/9r2yhVlC
6/DVfYpDHD6v/Zk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:58 2025 by rpki-client