Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/obT8Mfa5PAJ2XXDemIrSAXwfdWM.roa
File: obT8Mfa5PAJ2XXDemIrSAXwfdWM.roa (raw, json)
Hash identifier: 1TBMtupvEUJYHf7GbJ679I7+l30Z1+PKJZf7oQezBzU=
Subject key identifier: A1:B4:FC:31:F6:B9:3C:02:76:5D:70:DE:98:8A:D2:01:7C:1F:75:63
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 018C90B6A649048E6DC163FF7319CBA1EC6F
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/obT8Mfa5PAJ2XXDemIrSAXwfdWM.roa
Signing time: Fri 22 Dec 2023 08:48:58 +0000
ROA not before: Fri 22 Dec 2023 08:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203847
IP address blocks: 185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
185.122.44.0/22 maxlen: 22
45.142.15.0/24 maxlen: 24
2a01:57e0:200::/39 maxlen: 39
2a01:57e0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:b6:a6:49:04:8e:6d:c1:63:ff:73:19:cb:a1:ec:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Dec 22 08:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1b4fc31f6b93c02765d70de988ad2017c1f7563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:a8:f4:44:ac:59:24:c3:55:90:dd:60:e9:
cf:6c:dc:a6:9e:49:e9:27:6b:38:85:c9:f9:71:70:
c7:aa:cd:a6:df:ee:89:a8:93:b8:35:94:4d:71:44:
d1:25:08:37:bd:c2:6e:9d:94:be:86:26:25:59:37:
f7:35:fb:3e:a6:a5:cd:df:02:93:cd:1b:7b:61:f9:
0c:2b:27:28:25:87:85:5d:23:8e:c8:72:c2:3a:56:
04:86:b4:cc:0a:c6:f8:45:a1:38:1c:51:a9:fe:55:
96:6d:8d:a5:c3:37:60:f8:5f:30:d0:5f:a3:1c:60:
42:ae:67:6a:cf:68:8d:05:84:13:6e:37:b0:90:fc:
63:6d:93:5d:08:7a:78:e5:b7:8a:b9:19:e0:b5:d2:
4c:83:40:72:49:00:3e:a7:71:04:ce:cc:b5:01:7b:
37:cb:e8:b5:3d:96:82:31:b3:47:df:a7:ba:b4:20:
c4:7b:fb:74:d3:8b:62:5e:67:c7:05:7e:cf:4f:d8:
fd:e5:64:cf:8d:21:b4:ba:38:8b:31:60:c7:f5:0b:
2d:02:cb:6a:05:5f:29:3d:9f:31:3a:33:59:15:32:
32:05:c6:09:ad:b0:cf:05:4e:35:3b:d2:1d:38:b0:
7d:fb:d0:85:82:65:64:52:7d:e2:39:1f:f2:ac:42:
04:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B4:FC:31:F6:B9:3C:02:76:5D:70:DE:98:8A:D2:01:7C:1F:75:63
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/obT8Mfa5PAJ2XXDemIrSAXwfdWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0::/29
Signature Algorithm: sha256WithRSAEncryption
05:24:3f:d4:b0:54:49:e6:e6:43:5b:3a:e6:f0:ac:d5:31:3f:
dd:ae:5b:b5:a9:a3:08:5c:8a:72:4d:89:48:2e:1a:c8:e7:c0:
04:37:4f:a9:f1:37:e4:e0:00:d1:02:11:7a:32:be:27:9e:7d:
60:42:68:12:96:14:c6:20:a6:99:a0:c3:00:41:30:cc:62:67:
b6:7b:aa:7b:6a:7d:73:f8:26:74:c1:56:25:5b:8d:98:74:84:
59:06:f8:a3:7c:d4:ce:14:14:71:35:63:77:37:34:2c:42:fd:
34:71:a7:d0:5e:c0:02:b6:62:73:94:db:d4:17:98:05:74:e4:
b9:1e:34:32:d8:20:37:a6:29:b4:fa:15:99:c2:0d:8e:59:c8:
49:5d:d4:20:e0:2f:bb:8e:f8:db:ba:fc:1b:c0:5b:ca:f2:3a:
f9:a2:fd:fc:da:2f:19:3a:91:f1:62:c7:39:25:4e:56:a8:d6:
27:bc:4f:fd:00:0f:98:53:43:a3:de:50:90:68:95:12:8b:98:
6a:da:58:cc:2d:a3:1e:0a:c2:aa:d5:e2:5d:6b:28:86:9c:1e:
24:9d:59:4b:3e:3f:90:b6:d8:ae:bd:57:26:b5:c5:ee:24:8c:
c2:12:61:25:67:72:b4:72:91:d9:52:18:1d:e1:63:91:a4:d0:
c9:e6:01:ff
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYyQtqZJBI5twWP/cxnLoexvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjMxMjIyMDg0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWI0ZmMzMWY2YjkzYzAyNzY1ZDcwZGU5ODhhZDIwMTdjMWY3NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2Ko9ESsWSTDVZDdYOnPbNymnknp
J2s4hcn5cXDHqs2m3+6JqJO4NZRNcUTRJQg3vcJunZS+hiYlWTf3Nfs+pqXN3wKT
zRt7YfkMKycoJYeFXSOOyHLCOlYEhrTMCsb4RaE4HFGp/lWWbY2lwzdg+F8w0F+j
HGBCrmdqz2iNBYQTbjewkPxjbZNdCHp45beKuRngtdJMg0BySQA+p3EEzsy1AXs3
y+i1PZaCMbNH36e6tCDEe/t004tiXmfHBX7PT9j95WTPjSG0ujiLMWDH9QstAstq
BV8pPZ8xOjNZFTIyBcYJrbDPBU41O9IdOLB9+9CFgmVkUn3iOR/yrEIE7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKG0/DH2uTwCdl1w3piK0gF8H3VjMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvb2JUOE1mYTVQQUoyWFhEZW1JclNBWHdmZFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALY4PAwQC
uXosAwQBuc40AwQAwaKAMA0EAgACMAcDBQMqAVfgMA0GCSqGSIb3DQEBCwUAA4IB
AQAFJD/UsFRJ5uZDWzrm8KzVMT/drlu1qaMIXIpyTYlILhrI58AEN0+p8Tfk4ADR
AhF6Mr4nnn1gQmgSlhTGIKaZoMMAQTDMYme2e6p7an1z+CZ0wVYlW42YdIRZBvij
fNTOFBRxNWN3NzQsQv00cafQXsACtmJzlNvUF5gFdOS5HjQy2CA3pim0+hWZwg2O
WchJXdQg4C+7jvjbuvwbwFvK8jr5ov382i8ZOpHxYsc5JU5WqNYnvE/9AA+YU0Oj
3lCQaJUSi5hq2ljMLaMeCsKq1eJdayiGnB4knVlLPj+QttiuvVcmtcXuJIzCEmEl
Z3K0cpHZUhgd4WORpNDJ5gH/
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:15 2025 by rpki-client