Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/GNeehcXdwtRznqwpSP5Q7uVGzfY.roa
File: GNeehcXdwtRznqwpSP5Q7uVGzfY.roa (raw, json)
Hash identifier: YENvRhC2TMePj2GQAPJoq98fYWs27AurymaSRQYkGRU=
Subject key identifier: 18:D7:9E:85:C5:DD:C2:D4:73:9E:AC:29:48:FE:50:EE:E5:46:CD:F6
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 01856C1CC4A65676ACD5B82DAE58C59A2C7C
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/GNeehcXdwtRznqwpSP5Q7uVGzfY.roa
Signing time: Sun 01 Jan 2023 06:55:02 +0000
ROA not before: Sun 01 Jan 2023 06:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49764
IP address blocks: 185.218.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c4:a6:56:76:ac:d5:b8:2d:ae:58:c5:9a:2c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Jan 1 06:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18d79e85c5ddc2d4739eac2948fe50eee546cdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ff:fa:16:ab:28:ae:10:7e:45:82:54:8e:7f:
65:3d:9b:1f:9e:38:fd:f4:70:8b:e4:b1:ac:09:e6:
b1:a2:19:e3:41:8b:48:13:20:47:38:40:b0:a6:a8:
a4:a9:50:84:87:37:ac:fe:8f:4a:c2:4e:c2:0c:b4:
a1:4b:55:cd:7d:53:90:e2:e5:7f:a0:bd:4a:84:ab:
14:90:be:f8:2e:40:15:d6:86:53:42:c6:cd:50:1a:
82:23:d3:65:0a:23:65:c1:cd:5d:cb:46:e4:ce:81:
ae:4a:34:ea:14:1f:01:6b:2b:b5:79:12:a8:20:fb:
0d:a5:56:15:02:bc:7b:c9:48:bb:78:eb:31:0f:f2:
43:d9:f3:a9:7e:36:f4:28:2c:7c:d7:57:27:39:d0:
91:82:07:e1:1e:c7:94:56:41:19:7a:2a:0e:13:ee:
67:92:57:e8:08:44:b6:c6:c5:03:34:4e:67:37:e7:
71:33:e8:c0:54:72:57:b5:d2:b8:22:42:7f:5b:eb:
53:d7:f5:1c:66:13:63:45:05:6a:a1:05:43:4b:d7:
8f:b7:56:77:9e:c8:3a:49:fc:25:57:8c:a3:42:7f:
cf:67:ad:be:56:98:2e:11:5f:c6:37:d3:29:02:2b:
de:31:df:09:8a:5c:57:bb:0c:4d:9e:55:fd:62:5b:
dc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:9E:85:C5:DD:C2:D4:73:9E:AC:29:48:FE:50:EE:E5:46:CD:F6
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/GNeehcXdwtRznqwpSP5Q7uVGzfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.71.0/24
Signature Algorithm: sha256WithRSAEncryption
06:95:a4:39:61:6b:86:1a:93:f0:2a:13:ba:27:03:32:4b:95:
57:af:3a:ca:17:36:50:e9:d4:78:0d:ee:35:d6:10:d8:76:64:
de:df:2b:f3:06:4c:6b:10:d3:67:70:fc:b1:e1:60:3c:ee:fd:
1d:f1:24:cd:15:17:fa:29:ae:59:a1:d7:f1:f1:d7:85:70:24:
13:1f:de:84:02:e4:3b:c5:35:8b:ac:a5:4c:38:e0:98:e6:fe:
c6:81:44:9c:87:40:72:73:d7:a0:85:8b:8f:3a:00:1b:46:5b:
11:03:3d:ed:12:4b:b8:93:6c:bb:43:19:c3:f9:00:e5:08:1a:
07:f7:d1:1d:1d:1f:42:2f:b4:ce:f7:bf:ba:00:d3:f5:45:72:
13:e0:fb:c6:aa:23:ed:61:8c:a4:bd:5f:b2:f1:8c:dd:64:e3:
dc:ad:58:26:30:f1:eb:9e:f4:d7:a1:b6:f3:7d:42:d5:bb:9a:
94:e1:67:86:15:24:e1:e1:b8:ca:a1:59:91:3b:79:32:08:e9:
b4:79:51:e2:d8:c1:8b:3f:1f:fc:28:e0:81:3b:af:b6:38:45:
b0:90:ea:9c:4a:ea:23:1e:f9:34:68:dd:33:aa:12:d5:c0:ca:
60:b4:05:af:e8:91:47:29:07:2c:75:cc:96:a0:bf:8a:73:73:
6e:03:40:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHMSmVnas1bgtrljFmix8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjMwMTAxMDY1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ3OWU4NWM1ZGRjMmQ0NzM5ZWFjMjk0OGZlNTBlZWU1NDZjZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8//6FqsorhB+RYJUjn9lPZsfnjj9
9HCL5LGsCeaxohnjQYtIEyBHOECwpqikqVCEhzes/o9Kwk7CDLShS1XNfVOQ4uV/
oL1KhKsUkL74LkAV1oZTQsbNUBqCI9NlCiNlwc1dy0bkzoGuSjTqFB8Bayu1eRKo
IPsNpVYVArx7yUi7eOsxD/JD2fOpfjb0KCx811cnOdCRggfhHseUVkEZeioOE+5n
klfoCES2xsUDNE5nN+dxM+jAVHJXtdK4IkJ/W+tT1/UcZhNjRQVqoQVDS9ePt1Z3
nsg6SfwlV4yjQn/PZ62+VpguEV/GN9MpAiveMd8JilxXuwxNnlX9Ylvc3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjXnoXF3cLUc56sKUj+UO7lRs32MB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEvR05lZWhjWGR3dFJ6bnF3cFNQNVE3dVZHemZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudpHMA0G
CSqGSIb3DQEBCwUAA4IBAQAGlaQ5YWuGGpPwKhO6JwMyS5VXrzrKFzZQ6dR4De41
1hDYdmTe3yvzBkxrENNncPyx4WA87v0d8STNFRf6Ka5Zodfx8deFcCQTH96EAuQ7
xTWLrKVMOOCY5v7GgUSch0Byc9eghYuPOgAbRlsRAz3tEku4k2y7QxnD+QDlCBoH
99EdHR9CL7TO97+6ANP1RXIT4PvGqiPtYYykvV+y8YzdZOPcrVgmMPHrnvTXobbz
fULVu5qU4WeGFSTh4bjKoVmRO3kyCOm0eVHi2MGLPx/8KOCBO6+2OEWwkOqcSuoj
Hvk0aN0zqhLVwMpgtAWv6JFHKQcsdcyWoL+Kc3NuA0AG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:52 2025 by rpki-client