Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/Gh65IUHHWkAarg6dle92RyAnfMw.roa
File: Gh65IUHHWkAarg6dle92RyAnfMw.roa (raw, json)
Hash identifier: rQ7BBqFCYWxXxoTzccFxieiWJrBwZ/8X8Y+TQYRiR9o=
Subject key identifier: 1A:1E:B9:21:41:C7:5A:40:1A:AE:0E:9D:95:EF:76:47:20:27:7C:CC
Certificate issuer: /CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Certificate serial: 018571151D96CDC1621184AF98DC6B62026B
Authority key identifier: 3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/Gh65IUHHWkAarg6dle92RyAnfMw.roa
Signing time: Mon 02 Jan 2023 06:04:47 +0000
ROA not before: Mon 02 Jan 2023 06:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44347
IP address blocks: 185.14.32.0/23 maxlen: 23
185.14.32.0/22 maxlen: 22
188.65.48.0/22 maxlen: 22
188.65.48.0/21 maxlen: 21
188.65.52.0/22 maxlen: 22
46.43.192.0/19 maxlen: 19
46.43.192.0/18 maxlen: 18
46.43.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:1d:96:cd:c1:62:11:84:af:98:dc:6b:62:02:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Validity
Not Before: Jan 2 06:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a1eb92141c75a401aae0e9d95ef764720277ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:76:b7:42:97:3b:ac:a3:fd:d2:7b:f0:4b:9e:
9a:8e:34:46:6a:82:b3:3a:37:37:9f:69:c8:dd:c7:
9e:3c:8e:c2:35:55:fa:81:de:44:97:a0:34:41:cc:
ae:3c:50:86:bf:95:00:8c:3c:9e:6d:18:19:c9:9e:
1a:17:21:b6:fc:d9:41:8f:7e:44:11:f9:da:29:8c:
a1:a8:f0:4b:bc:9c:98:cc:dc:24:83:da:a0:5d:fa:
98:73:ac:a2:76:21:4c:f0:67:fd:66:28:f9:58:66:
73:bf:3b:3b:b4:4b:5c:7b:57:99:c6:28:b4:4f:58:
a3:ac:42:43:41:a1:0f:9f:40:29:f3:0b:c4:d2:59:
d6:58:c1:cc:11:f6:d5:b9:e0:e3:89:1e:47:d7:d9:
4d:45:e8:8e:43:8c:df:96:e4:47:ab:c1:38:8b:b6:
82:0f:6d:36:a6:b2:f8:74:99:41:1f:79:a2:52:dd:
8b:14:fa:72:fa:b0:01:00:9c:29:df:30:3c:dd:3f:
44:43:16:f7:49:b0:3a:d3:91:33:16:97:75:02:b8:
04:f6:5e:4d:74:3f:61:41:58:e4:f1:d9:81:dc:2e:
65:72:45:5f:98:6f:dc:31:0c:67:57:3d:b0:f7:66:
7f:f9:aa:6b:74:35:26:7b:38:b8:05:36:8f:ec:2f:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1E:B9:21:41:C7:5A:40:1A:AE:0E:9D:95:EF:76:47:20:27:7C:CC
X509v3 Authority Key Identifier:
keyid:3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/Gh65IUHHWkAarg6dle92RyAnfMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/OlOeUB3_N83JLL7gzduS7S6BwTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.43.192.0/18
185.14.32.0/22
188.65.48.0/21
Signature Algorithm: sha256WithRSAEncryption
06:8f:50:67:04:1d:47:22:d7:9f:80:e0:45:74:6d:f4:d8:4b:
c0:22:72:7c:67:ed:b9:95:31:bf:f9:f0:75:78:5f:05:15:2b:
2e:52:04:cc:86:84:8f:22:00:ff:ab:56:63:6f:bc:79:e5:b7:
1e:92:03:bd:30:0a:f9:32:86:9c:06:15:e9:e6:f5:fa:2c:d9:
b0:98:c0:f7:39:c9:3f:08:82:07:ed:9c:48:10:94:31:5d:27:
cb:ae:7e:ec:f6:7f:97:c7:03:f3:0a:49:f0:24:e4:37:57:e5:
3c:9b:66:86:4b:0b:ab:79:73:cf:22:2d:21:57:6b:b8:9a:70:
49:12:48:e1:80:a7:7b:03:b8:d5:60:b1:95:f8:be:54:88:63:
0a:cf:ed:e5:0a:d9:9d:b5:aa:ba:9a:51:56:b7:d5:81:4c:df:
bd:60:90:a0:ce:f1:78:40:60:8e:6c:1d:f1:8e:4b:d6:32:4f:
c9:ad:98:b2:90:e1:06:1f:9f:79:da:2a:c3:bd:76:6f:04:47:
e6:05:0b:b3:7d:d8:f1:00:06:3e:ee:5c:fa:62:ac:28:38:55:
c6:7f:70:12:62:a0:22:be:de:6d:53:0e:29:19:5c:83:f1:58:
0c:49:48:c6:0f:f2:7e:63:be:f6:5b:9d:22:ca:43:8f:51:80:
b0:07:24:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxFR2WzcFiEYSvmNxrYgJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNTM5ZTUwMWRmZjM3Y2RjOTJjYmVlMGNkZGI5MmVkMmU4
MWMxM2MwHhcNMjMwMTAyMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFlYjkyMTQxYzc1YTQwMWFhZTBlOWQ5NWVmNzY0NzIwMjc3Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3a3Qpc7rKP90nvwS56ajjRGaoKz
Ojc3n2nI3ceePI7CNVX6gd5El6A0QcyuPFCGv5UAjDyebRgZyZ4aFyG2/NlBj35E
EfnaKYyhqPBLvJyYzNwkg9qgXfqYc6yidiFM8Gf9Zij5WGZzvzs7tEtce1eZxii0
T1ijrEJDQaEPn0Ap8wvE0lnWWMHMEfbVueDjiR5H19lNReiOQ4zfluRHq8E4i7aC
D202prL4dJlBH3miUt2LFPpy+rABAJwp3zA83T9EQxb3SbA605EzFpd1ArgE9l5N
dD9hQVjk8dmB3C5lckVfmG/cMQxnVz2w92Z/+aprdDUmezi4BTaP7C/xTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBoeuSFBx1pAGq4OnZXvdkcgJ3zMMB8GA1UdIwQY
MBaAFDpTnlAd/zfNySy+4M3bku0ugcE8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTIt
MDI3YzBkNjQyNGUzLzEvR2g2NUlVSEhXa0Fhcmc2ZGxlOTJSeUFuZk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTItMDI3YzBkNjQyNGUz
LzEvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGLivAAwQC
uQ4gAwQDvEEwMA0GCSqGSIb3DQEBCwUAA4IBAQAGj1BnBB1HItefgOBFdG302EvA
InJ8Z+25lTG/+fB1eF8FFSsuUgTMhoSPIgD/q1Zjb7x55bcekgO9MAr5MoacBhXp
5vX6LNmwmMD3Ock/CIIH7ZxIEJQxXSfLrn7s9n+XxwPzCknwJOQ3V+U8m2aGSwur
eXPPIi0hV2u4mnBJEkjhgKd7A7jVYLGV+L5UiGMKz+3lCtmdtaq6mlFWt9WBTN+9
YJCgzvF4QGCObB3xjkvWMk/JrZiykOEGH5952irDvXZvBEfmBQuzfdjxAAY+7lz6
YqwoOFXGf3ASYqAivt5tUw4pGVyD8VgMSUjGD/J+Y772W50iykOPUYCwBySx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:00 2025 by rpki-client