Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/l0epaU0BXdnvFNXiizOc4Wk0GVs.roa
File: l0epaU0BXdnvFNXiizOc4Wk0GVs.roa (raw, json)
Hash identifier: 52vGMYSTthBo6TtAW4jiy89nBa+SlyLpaoMN+JUtN1s=
Subject key identifier: 97:47:A9:69:4D:01:5D:D9:EF:14:D5:E2:8B:33:9C:E1:69:34:19:5B
Certificate issuer: /CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Certificate serial: 0188E230201A0172FCD4B920202AAF95D90B
Authority key identifier: 8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/l0epaU0BXdnvFNXiizOc4Wk0GVs.roa
Signing time: Thu 22 Jun 2023 08:19:44 +0000
ROA not before: Thu 22 Jun 2023 08:19:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60950
IP address blocks: 185.100.130.0/24 maxlen: 24
185.100.129.0/24 maxlen: 24
185.100.131.0/24 maxlen: 24
185.100.128.0/24 maxlen: 24
185.100.128.0/22 maxlen: 22
185.23.24.0/24 maxlen: 24
185.23.24.0/22 maxlen: 22
185.23.26.0/24 maxlen: 24
185.23.25.0/24 maxlen: 24
185.23.27.0/24 maxlen: 24
2a00:6960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:30:20:1a:01:72:fc:d4:b9:20:20:2a:af:95:d9:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Validity
Not Before: Jun 22 08:19:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9747a9694d015dd9ef14d5e28b339ce16934195b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d1:f3:e8:d7:83:e1:ca:a4:52:24:76:66:69:
56:94:47:f8:e4:2d:bf:3d:60:99:8b:71:9b:9a:45:
2b:c7:4c:b7:14:0d:89:e9:3a:d0:47:0b:46:b7:45:
45:33:94:59:62:fa:7d:43:64:e4:ad:49:6f:60:7e:
3f:bd:0c:55:cb:86:61:03:4f:2a:d4:f3:eb:e7:73:
07:51:87:6d:3b:a7:e2:e7:7a:29:b0:64:85:b8:d3:
9d:91:a5:63:94:9a:a5:73:4f:73:0b:3a:23:b8:de:
0f:b1:9a:dc:98:c4:6e:56:46:c6:ac:87:06:d0:65:
bc:65:0b:47:f9:0f:3d:17:55:ce:b2:8c:d1:e1:a8:
9e:d2:75:95:90:46:85:f8:4f:e8:2f:05:6e:cf:f7:
fe:d8:a5:53:6f:4d:2e:98:be:f2:55:ea:b5:0f:72:
b5:c8:cb:95:72:c3:02:b2:c0:a8:e8:d0:0e:f3:ee:
75:80:fb:5b:b9:4e:c8:2a:c6:f6:96:c9:f7:02:72:
e6:6c:d1:7d:00:68:66:fb:37:39:b5:af:4b:76:57:
1d:5c:6c:13:ef:ed:a9:79:66:a0:20:32:b7:5a:6a:
54:6b:a1:eb:0d:6d:18:c3:36:26:a4:f1:7b:9c:68:
89:b7:84:2e:97:55:45:d0:93:2c:e1:d3:42:6d:60:
cf:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:47:A9:69:4D:01:5D:D9:EF:14:D5:E2:8B:33:9C:E1:69:34:19:5B
X509v3 Authority Key Identifier:
keyid:8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/l0epaU0BXdnvFNXiizOc4Wk0GVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/ilUqhuMbaeXVMg7egdNLsSikXO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.24.0/22
185.100.128.0/22
IPv6:
2a00:6960::/32
Signature Algorithm: sha256WithRSAEncryption
43:53:47:d1:23:38:6e:af:cf:c7:99:9a:c1:de:ec:09:f0:8b:
1d:f8:b3:49:51:59:6c:5c:b0:e4:47:db:60:af:09:81:5b:47:
69:03:41:e6:08:44:e5:69:ef:e4:c7:f8:a0:5f:e1:6c:1a:d4:
62:a9:94:88:23:f7:5b:32:e9:ba:c5:71:bd:96:3e:bf:49:72:
60:2c:f6:00:e6:ea:dd:fc:77:20:61:44:1e:a9:1b:a1:4a:95:
ea:81:01:c9:a7:5c:b1:66:53:1f:57:08:7e:3d:20:7f:75:12:
16:82:e1:5a:c6:d8:92:05:1d:11:b9:d4:44:4e:80:ba:87:46:
38:d2:8b:f6:d6:46:0a:ff:c3:ed:77:2b:b4:ed:8e:c8:9b:50:
cc:77:fe:75:87:3d:8b:7f:e9:fa:2a:f6:98:4e:53:c5:8d:f3:
54:e1:92:06:f5:25:53:86:3c:da:a6:61:be:fc:ee:ed:d3:f3:
eb:39:0c:ec:a4:9e:e0:91:4b:88:eb:a0:4e:54:f9:92:91:7e:
10:5e:75:8b:c8:68:80:f7:cf:2a:fc:05:b7:2d:f9:0e:b5:ae:
50:4c:d5:df:99:4d:3b:aa:7b:e5:77:4e:13:34:85:aa:25:83:
87:44:1c:bc:f4:8c:d6:c9:76:8c:5e:eb:e1:d3:19:17:c4:77:
1e:a3:ea:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYjiMCAaAXL81LkgICqvldkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTUyYTg2ZTMxYjY5ZTVkNTMyMGVkZTgxZDM0YmIxMjhh
NDVjZWUwHhcNMjMwNjIyMDgxOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQ3YTk2OTRkMDE1ZGQ5ZWYxNGQ1ZTI4YjMzOWNlMTY5MzQxOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdHz6NeD4cqkUiR2ZmlWlEf45C2/
PWCZi3GbmkUrx0y3FA2J6TrQRwtGt0VFM5RZYvp9Q2TkrUlvYH4/vQxVy4ZhA08q
1PPr53MHUYdtO6fi53opsGSFuNOdkaVjlJqlc09zCzojuN4PsZrcmMRuVkbGrIcG
0GW8ZQtH+Q89F1XOsozR4aie0nWVkEaF+E/oLwVuz/f+2KVTb00umL7yVeq1D3K1
yMuVcsMCssCo6NAO8+51gPtbuU7IKsb2lsn3AnLmbNF9AGhm+zc5ta9LdlcdXGwT
7+2peWagIDK3WmpUa6HrDW0YwzYmpPF7nGiJt4Qul1VF0JMs4dNCbWDPiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJdHqWlNAV3Z7xTV4osznOFpNBlbMB8GA1UdIwQY
MBaAFIpVKobjG2nl1TIO3oHTS7EopFzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQt
NzhhMTI2YmYwYWRjLzEvbDBlcGFVMEJYZG52Rk5YaWl6T2M0V2swR1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQtNzhhMTI2YmYwYWRj
LzEvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRcYAwQC
uWSAMA0EAgACMAcDBQAqAGlgMA0GCSqGSIb3DQEBCwUAA4IBAQBDU0fRIzhur8/H
mZrB3uwJ8Isd+LNJUVlsXLDkR9tgrwmBW0dpA0HmCETlae/kx/igX+FsGtRiqZSI
I/dbMum6xXG9lj6/SXJgLPYA5urd/HcgYUQeqRuhSpXqgQHJp1yxZlMfVwh+PSB/
dRIWguFaxtiSBR0RudREToC6h0Y40ov21kYK/8Ptdyu07Y7Im1DMd/51hz2Lf+n6
KvaYTlPFjfNU4ZIG9SVThjzapmG+/O7t0/PrOQzspJ7gkUuI66BOVPmSkX4QXnWL
yGiA988q/AW3LfkOta5QTNXfmU07qnvld04TNIWqJYOHRBy89IzWyXaMXuvh0xkX
xHceo+qC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:24 2025 by rpki-client