Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RaD3uqnpK1ociHs6H1qDwVAFgbQ.roa
File: RaD3uqnpK1ociHs6H1qDwVAFgbQ.roa (raw, json)
Hash identifier: jYcIEhHq2ytAWHS9mhUTjfjlTuOhgC5xRSeyZx6Vrhs=
Subject key identifier: 45:A0:F7:BA:A9:E9:2B:5A:1C:88:7B:3A:1F:5A:83:C1:50:05:81:B4
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018B6222E6C069722DD8B94E936A051178D0
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RaD3uqnpK1ociHs6H1qDwVAFgbQ.roa
Signing time: Tue 24 Oct 2023 14:42:16 +0000
ROA not before: Tue 24 Oct 2023 14:42:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.26.32.0/23 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:22:e6:c0:69:72:2d:d8:b9:4e:93:6a:05:11:78:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Oct 24 14:42:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45a0f7baa9e92b5a1c887b3a1f5a83c1500581b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:73:b7:f0:ad:1e:b5:f9:f1:82:fe:4d:db:
6a:3b:3b:f1:56:21:f1:fc:20:8b:12:cb:43:72:16:
ae:1c:b1:0d:65:e2:e4:d2:75:a4:65:d8:48:af:9b:
8e:97:ba:39:17:59:b2:bc:0f:b7:c1:84:a6:56:86:
67:bc:5a:f1:5e:8a:53:af:ef:3d:4d:fa:b5:b5:71:
2c:f2:d3:e2:4f:39:84:80:f4:5f:4e:6e:1a:3e:97:
b9:4a:8a:7e:5d:69:aa:2e:35:f6:67:3c:49:6e:62:
14:e4:3e:90:55:08:a3:43:41:89:48:a8:08:37:7b:
92:9e:fd:aa:62:4d:75:b8:19:03:7d:f6:2a:00:e0:
07:4c:0f:ee:ed:2f:d3:dc:f5:ec:be:04:8d:10:08:
ea:1e:5a:e9:50:96:51:98:3a:9f:b2:f2:1c:2b:ba:
24:1e:47:fb:25:89:b9:2b:02:a0:cb:11:7b:03:fa:
b3:56:f4:a6:51:58:e3:d4:ce:f0:a2:d1:da:a6:31:
b0:c0:4d:24:8f:6f:d9:28:8b:30:c7:e4:61:d0:04:
95:88:6c:f4:10:41:37:a1:ef:f0:91:e3:42:cc:1e:
df:98:ca:a7:18:a3:63:da:98:02:38:fe:1c:ff:c2:
e3:65:5b:aa:45:c6:e9:63:ab:ac:a2:d3:f3:c8:01:
c1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A0:F7:BA:A9:E9:2B:5A:1C:88:7B:3A:1F:5A:83:C1:50:05:81:B4
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RaD3uqnpK1ociHs6H1qDwVAFgbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.47.0/24
178.239.159.0/24
185.26.32.0/22
185.124.172.0/22
185.243.49.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
8c:33:ac:6f:16:7f:30:e8:5d:43:b3:bf:f5:74:71:4c:47:c8:
de:d2:12:9c:bf:71:81:eb:98:c6:9d:b5:f8:65:d5:9e:f6:b5:
be:f3:0a:fb:80:09:9d:e1:34:48:7c:9c:fa:c2:85:bd:a1:de:
79:89:ee:e6:1e:17:25:9b:8a:3b:77:61:cf:b6:b2:b7:e8:30:
0e:31:14:ae:a5:9f:60:ba:79:2f:0a:75:55:f9:47:b8:97:41:
f1:6d:e3:4e:aa:8a:e6:11:75:63:6b:4e:ba:b7:08:51:c8:f3:
07:f3:3f:04:75:47:c6:c2:43:f1:9c:91:a6:2d:8b:ce:22:16:
89:fa:4f:79:0a:12:24:e3:c6:ef:ce:f3:1e:db:64:86:4d:c5:
e4:f6:49:7b:a4:28:fd:22:1d:31:b8:4b:75:80:1a:8f:c2:40:
d5:0e:e6:74:c5:04:8a:2e:63:00:8e:4e:fa:d2:4b:39:8f:da:
81:55:90:6a:91:33:3a:12:65:b6:16:b4:44:a8:bf:d3:52:b8:
ab:2f:fc:5e:b3:1b:87:6d:e9:dc:e2:dc:dc:4d:a7:98:61:d1:
26:54:75:ed:80:fc:20:10:4c:01:9e:08:62:7e:ca:9d:ad:36:
24:89:67:10:06:f8:39:4c:ca:d1:91:d0:d7:9c:64:f9:df:cf:
0f:73:de:f8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYtiIubAaXIt2LlOk2oFEXjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMDI0MTQ0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEwZjdiYWE5ZTkyYjVhMWM4ODdiM2ExZjVhODNjMTUwMDU4MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoJzt/CtHrX58YL+TdtqOzvxViHx
/CCLEstDchauHLENZeLk0nWkZdhIr5uOl7o5F1myvA+3wYSmVoZnvFrxXopTr+89
Tfq1tXEs8tPiTzmEgPRfTm4aPpe5Sop+XWmqLjX2ZzxJbmIU5D6QVQijQ0GJSKgI
N3uSnv2qYk11uBkDffYqAOAHTA/u7S/T3PXsvgSNEAjqHlrpUJZRmDqfsvIcK7ok
Hkf7JYm5KwKgyxF7A/qzVvSmUVjj1M7wotHapjGwwE0kj2/ZKIswx+Rh0ASViGz0
EEE3oe/wkeNCzB7fmMqnGKNj2pgCOP4c/8LjZVuqRcbpY6usotPzyAHBqQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEWg97qp6StaHIh7Oh9ag8FQBYG0MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUmFEM3VxbnBLMW9jaUhzNkgxcUR3VkFGZ2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJSAvAwQA
su+fAwQCuRogAwQCuXysAwQAufMxMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEB
CwUAA4IBAQCMM6xvFn8w6F1Ds7/1dHFMR8je0hKcv3GB65jGnbX4ZdWe9rW+8wr7
gAmd4TRIfJz6woW9od55ie7mHhclm4o7d2HPtrK36DAOMRSupZ9gunkvCnVV+Ue4
l0HxbeNOqormEXVja066twhRyPMH8z8EdUfGwkPxnJGmLYvOIhaJ+k95ChIk48bv
zvMe22SGTcXk9kl7pCj9Ih0xuEt1gBqPwkDVDuZ0xQSKLmMAjk760ks5j9qBVZBq
kTM6EmW2FrREqL/TUrirL/xesxuHbenc4tzcTaeYYdEmVHXtgPwgEEwBnghifsqd
rTYkiWcQBvg5TMrRkdDXnGT5388Pc974
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:35 2025 by rpki-client