Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/gKw6BWl8_l3Ia3ets-0QNSPfsxk.roa
File: gKw6BWl8_l3Ia3ets-0QNSPfsxk.roa (raw, json)
Hash identifier: 8EWfj+pJ+D4ge4MTCj/HjFD2D0zNVezHEj2X0gRY0hI=
Subject key identifier: 80:AC:3A:05:69:7C:FE:5D:C8:6B:77:AD:B3:ED:10:35:23:DF:B3:19
Certificate issuer: /CN=1d1e354362cb9224c016dac944e3d9d49909b17f
Certificate serial: 01856E8B3FFDC98FE37D50DF721E46B03AC6
Authority key identifier: 1D:1E:35:43:62:CB:92:24:C0:16:DA:C9:44:E3:D9:D4:99:09:B1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HR41Q2LLkiTAFtrJROPZ1JkJsX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/gKw6BWl8_l3Ia3ets-0QNSPfsxk.roa
Signing time: Sun 01 Jan 2023 18:14:57 +0000
ROA not before: Sun 01 Jan 2023 18:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 185.125.32.0/24 maxlen: 24
185.125.35.0/24 maxlen: 24
185.125.34.0/24 maxlen: 24
185.125.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:3f:fd:c9:8f:e3:7d:50:df:72:1e:46:b0:3a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1e354362cb9224c016dac944e3d9d49909b17f
Validity
Not Before: Jan 1 18:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ac3a05697cfe5dc86b77adb3ed103523dfb319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d7:83:20:cd:23:a8:a1:81:ae:9c:cc:71:69:
76:34:9e:4a:cf:50:28:68:d2:21:22:c8:fc:af:9e:
a5:b1:42:a8:77:9d:51:02:f6:2a:b3:4e:e0:a7:dc:
d1:d8:3e:32:c2:fb:26:0c:7b:93:d0:0b:1d:49:45:
1b:7c:d3:60:08:61:09:32:4d:77:a2:43:30:fb:ac:
59:8d:5c:24:7b:ef:ef:37:0c:ee:95:f8:33:1d:ab:
17:c7:5d:cc:02:c0:2b:ef:c4:6f:a5:dd:d8:ab:4c:
7c:58:81:4a:4d:ee:03:a9:21:12:46:dc:d9:43:09:
40:0c:51:88:65:67:a2:76:98:25:61:2d:f0:9b:a6:
d4:a9:ed:7e:57:93:86:21:c5:c7:36:a0:6d:13:c3:
d3:d9:9f:38:35:c3:09:04:7e:5b:c9:40:83:54:55:
48:a4:d1:18:88:27:e5:ba:03:5e:f6:22:a6:e9:66:
67:31:4a:16:d9:a4:73:5a:0d:c1:7d:74:e4:7e:4e:
be:c9:7a:39:55:ee:3a:b2:ab:1c:3e:91:ca:e3:8b:
0e:03:f2:17:58:19:e8:ad:da:ff:b8:62:53:6e:79:
33:69:46:1d:f7:6d:a4:73:4e:4b:6a:14:18:d2:7e:
96:41:3c:39:f8:18:31:be:ca:31:9a:93:1f:d0:0b:
df:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AC:3A:05:69:7C:FE:5D:C8:6B:77:AD:B3:ED:10:35:23:DF:B3:19
X509v3 Authority Key Identifier:
keyid:1D:1E:35:43:62:CB:92:24:C0:16:DA:C9:44:E3:D9:D4:99:09:B1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR41Q2LLkiTAFtrJROPZ1JkJsX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/gKw6BWl8_l3Ia3ets-0QNSPfsxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/282b19-68b9-4ef3-ad39-6ec8c81fdc3f/1/HR41Q2LLkiTAFtrJROPZ1JkJsX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.32.0/22
Signature Algorithm: sha256WithRSAEncryption
66:de:8a:f4:3a:ae:f4:68:b1:1e:5a:e2:44:9a:93:6e:9b:0d:
53:2f:14:80:dd:e4:e4:34:3f:22:c3:8a:f4:93:8a:99:ce:00:
e0:4a:38:6b:55:e2:38:66:46:19:2f:d6:a7:45:7c:f4:14:8f:
84:eb:2a:20:24:21:58:8e:86:4b:48:32:a3:6d:e7:61:4c:ca:
8d:79:3e:4d:da:d9:f0:f1:6e:f9:5b:a2:ca:bf:b8:c6:6f:d4:
b9:4d:05:9a:e0:8f:47:5a:6b:de:93:ae:49:ba:3a:89:fa:2a:
ea:18:b8:24:9a:d5:05:62:b7:38:0d:c6:a1:ca:2b:17:6d:07:
d3:ce:0a:f6:ee:d2:f1:4c:5c:79:00:89:f9:f3:0b:93:8a:ff:
15:da:b0:dc:20:01:0b:25:c6:f5:71:34:12:17:c2:9f:7b:28:
da:91:f3:fb:e6:3b:1a:75:02:aa:e9:f4:ff:18:10:8c:4f:b1:
c8:3c:ef:f1:d1:a6:2a:ad:19:a4:94:4d:42:b9:e3:ea:ec:0a:
10:1a:c1:f9:51:da:0a:fc:ca:ae:48:31:84:ac:50:c0:54:29:
e1:10:6c:32:c7:3a:44:a7:f1:da:fc:6a:48:d6:25:e5:f4:f6:
b5:65:62:34:d3:b5:6c:44:b5:c0:d7:76:33:6d:50:82:5d:df:
53:e7:3e:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiz/9yY/jfVDfch5GsDrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWUzNTQzNjJjYjkyMjRjMDE2ZGFjOTQ0ZTNkOWQ0OTkw
OWIxN2YwHhcNMjMwMTAxMTgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGFjM2EwNTY5N2NmZTVkYzg2Yjc3YWRiM2VkMTAzNTIzZGZiMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9eDIM0jqKGBrpzMcWl2NJ5Kz1Ao
aNIhIsj8r56lsUKod51RAvYqs07gp9zR2D4ywvsmDHuT0AsdSUUbfNNgCGEJMk13
okMw+6xZjVwke+/vNwzulfgzHasXx13MAsAr78Rvpd3Yq0x8WIFKTe4DqSESRtzZ
QwlADFGIZWeidpglYS3wm6bUqe1+V5OGIcXHNqBtE8PT2Z84NcMJBH5byUCDVFVI
pNEYiCflugNe9iKm6WZnMUoW2aRzWg3BfXTkfk6+yXo5Ve46sqscPpHK44sOA/IX
WBnordr/uGJTbnkzaUYd922kc05LahQY0n6WQTw5+BgxvsoxmpMf0AvfQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICsOgVpfP5dyGt3rbPtEDUj37MZMB8GA1UdIwQY
MBaAFB0eNUNiy5IkwBbayUTj2dSZCbF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFI0MVEyTExraVRBRnRySlJPUFoxSmtKc1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yODJiMTktNjhiOS00ZWYzLWFkMzkt
NmVjOGM4MWZkYzNmLzEvZ0t3NkJXbDhfbDNJYTNldHMtMFFOU1Bmc3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yODJiMTktNjhiOS00ZWYzLWFkMzktNmVjOGM4MWZkYzNm
LzEvSFI0MVEyTExraVRBRnRySlJPUFoxSmtKc1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX0gMA0G
CSqGSIb3DQEBCwUAA4IBAQBm3or0Oq70aLEeWuJEmpNumw1TLxSA3eTkND8iw4r0
k4qZzgDgSjhrVeI4ZkYZL9anRXz0FI+E6yogJCFYjoZLSDKjbedhTMqNeT5N2tnw
8W75W6LKv7jGb9S5TQWa4I9HWmvek65JujqJ+irqGLgkmtUFYrc4DcahyisXbQfT
zgr27tLxTFx5AIn58wuTiv8V2rDcIAELJcb1cTQSF8KfeyjakfP75jsadQKq6fT/
GBCMT7HIPO/x0aYqrRmklE1CuePq7AoQGsH5UdoK/MquSDGErFDAVCnhEGwyxzpE
p/Ha/GpI1iXl9Pa1ZWI007VsRLXA13YzbVCCXd9T5z68
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:43:23 2025 by rpki-client