Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/AWUoQtsapxGHVOz5-SUhX_c1YtA.roa
File: AWUoQtsapxGHVOz5-SUhX_c1YtA.roa (raw, json)
Hash identifier: PGXNRF9M6tD8ovQCgMTl6AZ1ADEccxYfv6GBPTOjL50=
Subject key identifier: 01:65:28:42:DB:1A:A7:11:87:54:EC:F9:F9:25:21:5F:F7:35:62:D0
Certificate issuer: /CN=8498f3fefce2fa0120336264df15010461082e8a
Certificate serial: 09E4C54E
Authority key identifier: 84:98:F3:FE:FC:E2:FA:01:20:33:62:64:DF:15:01:04:61:08:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJjz_vzi-gEgM2Jk3xUBBGEILoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/AWUoQtsapxGHVOz5-SUhX_c1YtA.roa
Signing time: Sat 01 Jan 2022 06:52:01 +0000
ROA not before: Sat 01 Jan 2022 06:52:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199993
IP address blocks: 185.39.210.0/24 maxlen: 24
185.39.208.0/24 maxlen: 24
185.39.209.0/24 maxlen: 24
2a04:6d81::/32 maxlen: 32
2a04:6d82::/32 maxlen: 32
2a04:6d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165987662 (0x9e4c54e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8498f3fefce2fa0120336264df15010461082e8a
Validity
Not Before: Jan 1 06:52:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01652842db1aa7118754ecf9f925215ff73562d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:42:80:81:48:e5:79:da:4b:25:c6:0d:27:
cf:91:95:57:60:34:a2:88:a8:e1:cc:d7:92:bf:dc:
90:82:f6:01:b0:85:c6:0e:25:65:0c:b9:c0:88:90:
81:e1:4f:25:fb:6e:ad:49:de:4f:87:5c:b9:64:eb:
e2:25:94:df:d9:77:d5:6b:de:20:8d:f1:c7:7b:2d:
46:48:b8:6f:96:f7:a2:e0:85:d2:f1:10:64:10:50:
23:da:4c:1f:42:c8:6b:81:56:42:4c:01:01:01:20:
fd:1c:ab:45:4e:35:02:93:cb:db:47:35:2c:d4:13:
e4:13:07:86:6e:3f:66:70:ee:c0:f6:08:31:a7:22:
a0:d6:e8:f9:17:14:81:01:74:24:70:18:b5:d4:73:
87:fa:45:1d:1c:40:e4:28:d4:3e:30:82:1a:0e:7b:
85:0e:c2:f3:97:b0:f3:b5:66:41:92:23:51:89:47:
5b:76:ee:cd:95:ca:f7:d9:ae:32:18:b7:69:f0:21:
9c:79:26:56:1b:c9:c1:18:5c:9a:2b:75:a7:ab:a0:
ea:3e:4b:14:b7:df:45:2a:43:7b:65:70:8b:9d:9c:
b4:1a:f6:e5:1a:ff:c1:06:fe:eb:36:c6:86:2f:8b:
a1:e9:5a:29:d9:65:61:cc:f9:76:31:17:79:7d:bd:
b2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:65:28:42:DB:1A:A7:11:87:54:EC:F9:F9:25:21:5F:F7:35:62:D0
X509v3 Authority Key Identifier:
keyid:84:98:F3:FE:FC:E2:FA:01:20:33:62:64:DF:15:01:04:61:08:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJjz_vzi-gEgM2Jk3xUBBGEILoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/AWUoQtsapxGHVOz5-SUhX_c1YtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4611ff-40b2-4c0a-a7f8-404dfdb46477/1/hJjz_vzi-gEgM2Jk3xUBBGEILoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.208.0-185.39.210.255
IPv6:
2a04:6d80::-2a04:6d82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:d3:37:83:c9:67:d6:29:ee:e5:5c:7d:93:d4:16:d5:a2:3b:
08:1a:23:3a:db:44:c8:b4:cc:7e:f8:24:f9:47:95:fe:96:b5:
c9:5c:64:07:6f:8d:68:15:58:12:69:1a:3f:9b:a8:6b:df:d7:
f2:5a:e2:c9:d1:fc:b3:16:a4:52:c9:60:87:db:89:2d:cb:bf:
8d:83:f7:24:3b:7a:23:f7:0b:a6:cc:41:16:0e:bc:b9:be:dd:
e8:3a:e8:38:42:21:96:0c:c3:a5:a3:67:c2:1c:6f:30:6b:f2:
9c:8a:e0:8d:11:5a:02:82:76:f8:0f:b4:8f:d0:8e:0a:59:34:
7e:4d:6f:d4:d6:92:2a:f9:0e:c9:57:e7:23:03:79:0c:d0:84:
d0:69:c5:2a:5d:1c:0f:24:93:91:1a:ad:04:b7:8d:b3:5d:af:
6e:37:48:5f:e4:3b:9b:0d:80:14:f9:fd:08:d5:9a:88:a7:24:
06:d3:7b:84:e7:98:93:35:6d:ef:9a:27:e8:3f:82:01:8f:cc:
23:19:88:14:2b:1e:7e:32:31:d0:43:c7:b0:b3:fa:e2:2a:89:
e8:8f:64:2b:8a:0b:9d:36:ae:e9:22:04:39:42:b1:81:e7:47:
99:ae:a2:0c:f5:b5:ac:96:94:e3:80:6c:d6:cc:e6:88:67:ca:
c4:46:b5:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECeTFTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDk4ZjNmZWZjZTJmYTAxMjAzMzYyNjRkZjE1MDEwNDYxMDgyZThhMB4XDTIyMDEw
MTA2NTIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE2NTI4NDJkYjFh
YTcxMTg3NTRlY2Y5ZjkyNTIxNWZmNzM1NjJkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlwQoCBSOV52kslxg0nz5GVV2A0ooio4czXkr/ckIL2AbCF
xg4lZQy5wIiQgeFPJfturUneT4dcuWTr4iWU39l31WveII3xx3stRki4b5b3ouCF
0vEQZBBQI9pMH0LIa4FWQkwBAQEg/RyrRU41ApPL20c1LNQT5BMHhm4/ZnDuwPYI
MacioNbo+RcUgQF0JHAYtdRzh/pFHRxA5CjUPjCCGg57hQ7C85ew87VmQZIjUYlH
W3buzZXK99muMhi3afAhnHkmVhvJwRhcmit1p6ug6j5LFLffRSpDe2Vwi52ctBr2
5Rr/wQb+6zbGhi+LoelaKdllYcz5djEXeX29sokCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQBZShC2xqnEYdU7Pn5JSFf9zVi0DAfBgNVHSMEGDAWgBSEmPP+/OL6ASAz
YmTfFQEEYQguijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hKanpfdnppLWdFZ00ySmszeFVCQkdFSUxvby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvNDYxMWZmLTQwYjItNGMwYS1hN2Y4LTQwNGRmZGI0NjQ3Ny8x
L0FXVW9RdHNhcHhHSFZPejUtU1VoWF9jMVl0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
NDYxMWZmLTQwYjItNGMwYS1hN2Y4LTQwNGRmZGI0NjQ3Ny8xL2hKanpfdnppLWdF
Z00ySmszeFVCQkdFSUxvby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wFAQCAAEwDjAMAwQEuSfQAwQAuSfSMBYEAgACMBAw
DgMFByoEbYADBQAqBG2CMA0GCSqGSIb3DQEBCwUAA4IBAQCR0zeDyWfWKe7lXH2T
1BbVojsIGiM620TItMx++CT5R5X+lrXJXGQHb41oFVgSaRo/m6hr39fyWuLJ0fyz
FqRSyWCH24kty7+Ng/ckO3oj9wumzEEWDry5vt3oOug4QiGWDMOlo2fCHG8wa/Kc
iuCNEVoCgnb4D7SP0I4KWTR+TW/U1pIq+Q7JV+cjA3kM0ITQacUqXRwPJJORGq0E
t42zXa9uN0hf5DubDYAU+f0I1ZqIpyQG03uE55iTNW3vmifoP4IBj8wjGYgUKx5+
MjHQQ8ews/riKonoj2QrigudNq7pIgQ5QrGB50eZrqIM9bWslpTjgGzWzOaIZ8rE
RrWK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:43 2025 by rpki-client