Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/0vG8CghCdL0GU-kUW9SvbCzGgzY.roa
File: 0vG8CghCdL0GU-kUW9SvbCzGgzY.roa (raw, json)
Hash identifier: ifOsXI4ONjwjJPm09BiObTQcpqRe+dR69wkAYp6IgXs=
Subject key identifier: D2:F1:BC:0A:08:42:74:BD:06:53:E9:14:5B:D4:AF:6C:2C:C6:83:36
Certificate issuer: /CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Certificate serial: 018BAF90B1AB07A1A980A50F5078962A1BE6
Authority key identifier: 19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/0vG8CghCdL0GU-kUW9SvbCzGgzY.roa
Signing time: Wed 08 Nov 2023 15:32:57 +0000
ROA not before: Wed 08 Nov 2023 15:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206060
IP address blocks: 185.197.177.0/24 maxlen: 24
185.197.178.0/24 maxlen: 24
185.197.179.0/24 maxlen: 24
185.197.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:90:b1:ab:07:a1:a9:80:a5:0f:50:78:96:2a:1b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Validity
Not Before: Nov 8 15:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2f1bc0a084274bd0653e9145bd4af6c2cc68336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:13:32:ed:ae:66:64:55:3e:bc:c0:22:8b:b6:
82:87:44:76:7b:40:3a:54:8a:c9:7d:bb:98:6c:9a:
8c:e7:56:ae:92:59:b7:b6:75:1e:6a:c7:15:66:d3:
b3:c9:e3:17:fc:45:f2:91:c8:46:d3:aa:59:52:9e:
ff:86:15:33:3c:90:bb:23:a2:7e:9e:fe:78:e7:9a:
2e:93:6b:3f:ee:7f:f7:1f:a4:19:30:c4:22:ce:80:
79:64:01:70:6b:47:eb:d9:ea:f7:2b:75:c4:cb:d6:
51:31:8e:3b:21:0a:c8:4a:be:87:d9:f1:91:db:d7:
b3:90:f4:d0:8f:9a:e7:c0:35:bd:c6:1d:0b:fe:de:
b2:de:27:53:36:79:b1:50:7a:e1:31:43:3d:d2:75:
f3:a1:ff:ba:d4:bd:9d:43:bc:9c:15:12:f4:7b:ca:
31:11:b2:2c:4c:e6:45:4f:c6:65:9e:35:04:ee:8e:
a4:e6:5d:0d:f4:d1:28:00:62:33:e4:61:dd:d1:10:
0c:d9:46:a5:ab:4c:0c:f2:92:e2:5f:3e:ce:7a:16:
c1:6f:fe:30:2d:4f:ae:7c:e8:2d:ed:0e:79:54:08:
36:69:3d:2f:c2:20:0f:49:38:8b:00:df:74:1c:45:
f2:fb:89:ee:5e:4a:fb:de:a8:55:b6:4b:a3:a1:23:
d1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F1:BC:0A:08:42:74:BD:06:53:E9:14:5B:D4:AF:6C:2C:C6:83:36
X509v3 Authority Key Identifier:
keyid:19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/0vG8CghCdL0GU-kUW9SvbCzGgzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.176.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:a7:08:12:af:a1:09:5f:de:89:e4:a8:8d:88:7d:b1:55:3d:
34:94:31:10:17:06:68:5a:5c:a8:7d:49:31:ae:36:e3:c8:84:
57:e7:43:ee:fc:e3:6a:a6:ee:2e:b2:cb:c1:c3:3b:4c:e2:f2:
72:f3:23:e3:2e:3f:99:4e:68:d0:a7:66:ec:f9:c3:0f:ab:ae:
13:62:3c:81:7f:59:71:70:2c:31:35:1a:03:2a:60:b5:ba:ce:
01:ba:b2:ce:53:94:5d:48:2f:e4:94:cf:6e:ed:8c:3b:59:c7:
b0:8b:5c:7d:98:9a:d7:f3:4e:fa:89:8c:95:f3:73:01:d9:b7:
57:f7:1a:c5:de:c4:44:ea:ec:63:32:b4:fa:6a:bb:bc:e5:eb:
94:9c:f6:a6:d0:5f:07:85:7b:b8:ea:a3:3c:07:6d:e1:45:65:
e5:c9:6f:e8:a2:34:68:ef:37:50:2e:a7:d8:55:5b:de:a4:74:
f9:d4:a9:56:cf:b6:b4:16:93:e9:8b:21:69:78:ab:0a:d5:a1:
3a:91:88:15:17:ab:e5:33:ee:ec:7d:d3:fc:2b:ff:9d:2d:2e:
d0:b7:87:5a:59:bc:c1:b7:3c:9c:88:f9:24:02:47:fa:8e:5b:
93:17:c0:3c:b0:45:b9:e1:a9:ac:56:e7:ec:1f:ad:17:54:d7:
a7:dc:1e:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuvkLGrB6GpgKUPUHiWKhvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OWVmMWI0ZWI2YTBmODEyNTExYjZiYjI3MDQ4MDFhMzMx
MWY3MDkwHhcNMjMxMTA4MTUzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYxYmMwYTA4NDI3NGJkMDY1M2U5MTQ1YmQ0YWY2YzJjYzY4MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxMy7a5mZFU+vMAii7aCh0R2e0A6
VIrJfbuYbJqM51auklm3tnUeascVZtOzyeMX/EXykchG06pZUp7/hhUzPJC7I6J+
nv5455ouk2s/7n/3H6QZMMQizoB5ZAFwa0fr2er3K3XEy9ZRMY47IQrISr6H2fGR
29ezkPTQj5rnwDW9xh0L/t6y3idTNnmxUHrhMUM90nXzof+61L2dQ7ycFRL0e8ox
EbIsTOZFT8ZlnjUE7o6k5l0N9NEoAGIz5GHd0RAM2Ualq0wM8pLiXz7OehbBb/4w
LU+ufOgt7Q55VAg2aT0vwiAPSTiLAN90HEXy+4nuXkr73qhVtkujoSPRzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLxvAoIQnS9BlPpFFvUr2wsxoM2MB8GA1UdIwQY
MBaAFBme8bTrag+BJRG2uycEgBozEfcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYt
MDdhMjhhZDNjYjY0LzEvMHZHOENnaENkTDBHVS1rVVc5U3ZiQ3pHZ3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYtMDdhMjhhZDNjYjY0
LzEvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucWwMA0G
CSqGSIb3DQEBCwUAA4IBAQCLpwgSr6EJX96J5KiNiH2xVT00lDEQFwZoWlyofUkx
rjbjyIRX50Pu/ONqpu4ussvBwztM4vJy8yPjLj+ZTmjQp2bs+cMPq64TYjyBf1lx
cCwxNRoDKmC1us4BurLOU5RdSC/klM9u7Yw7Wcewi1x9mJrX8076iYyV83MB2bdX
9xrF3sRE6uxjMrT6aru85euUnPam0F8HhXu46qM8B23hRWXlyW/oojRo7zdQLqfY
VVvepHT51KlWz7a0FpPpiyFpeKsK1aE6kYgVF6vlM+7sfdP8K/+dLS7Qt4daWbzB
tzyciPkkAkf6jluTF8A8sEW54amsVufsH60XVNen3B6T
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:10 2025 by rpki-client