Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/GlaRyUlFAIGJPLCpoGA3FlHD4og.roa
File: GlaRyUlFAIGJPLCpoGA3FlHD4og.roa (raw, json)
Hash identifier: iA8koX0xKc7iZyFvb2yZVmN8HIaFBuN4sUMkoddbLVs=
Subject key identifier: 1A:56:91:C9:49:45:00:81:89:3C:B0:A9:A0:60:37:16:51:C3:E2:88
Certificate issuer: /CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Certificate serial: 01856C9CD13C180A1B3F9D481E634CF7CA02
Authority key identifier: F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/GlaRyUlFAIGJPLCpoGA3FlHD4og.roa
Signing time: Sun 01 Jan 2023 09:14:54 +0000
ROA not before: Sun 01 Jan 2023 09:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209026
IP address blocks: 185.159.144.0/22 maxlen: 22
185.226.165.0/24 maxlen: 24
2a0d:e200::/29 maxlen: 29
2a0f:d540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d1:3c:18:0a:1b:3f:9d:48:1e:63:4c:f7:ca:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Validity
Not Before: Jan 1 09:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5691c949450081893cb0a9a060371651c3e288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e8:fa:2f:3c:23:99:0c:ba:63:84:c1:85:a9:
f9:3b:fd:22:94:da:67:6b:0d:01:47:26:a3:e7:b2:
2a:fb:4c:79:48:70:ac:f1:9d:47:43:c5:7c:ca:5f:
40:89:06:25:9b:c8:9f:29:c0:45:d5:de:44:49:e1:
ba:51:3e:8c:64:48:f4:e8:11:58:34:55:a0:4d:4a:
91:23:63:f0:ba:2c:0a:69:18:1f:6b:22:9e:45:9f:
10:f0:c0:8e:19:92:5f:b4:f9:57:43:fb:7a:a5:57:
46:ae:08:28:25:9b:b1:2d:b9:d1:ca:a1:39:22:6e:
4e:d3:63:4b:ec:e3:4f:a3:b9:59:72:53:32:6a:6a:
2d:5b:30:5a:77:f5:4f:26:3f:0b:d9:96:b9:7b:8a:
89:e6:42:6e:cd:e3:d1:31:8e:9b:35:26:17:55:11:
d2:69:5a:c1:1c:c8:dc:3e:c5:a9:91:f0:e1:cb:bf:
60:ba:d8:44:a0:c8:7b:12:3d:63:17:0b:17:66:a2:
49:f3:23:f3:51:d4:a1:04:01:21:ca:2b:bb:51:41:
48:70:35:5b:d1:fd:8e:6d:01:18:ab:1d:7f:2f:6a:
96:f9:53:ae:08:a2:97:5d:86:07:2e:45:37:04:59:
37:bf:24:90:b5:34:f1:74:31:f4:3d:65:a2:bc:7f:
9a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:56:91:C9:49:45:00:81:89:3C:B0:A9:A0:60:37:16:51:C3:E2:88
X509v3 Authority Key Identifier:
keyid:F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/GlaRyUlFAIGJPLCpoGA3FlHD4og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/88huoplek0tlBBkRy562WHLCKJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.144.0/22
185.226.165.0/24
IPv6:
2a0d:e200::/29
2a0f:d540::/29
Signature Algorithm: sha256WithRSAEncryption
b7:ca:b4:14:12:d4:de:f8:35:36:e3:93:09:2c:f5:57:02:20:
86:e7:68:5f:df:10:75:28:3b:6f:0d:e9:29:93:02:fc:d9:b4:
97:fe:0c:73:a0:76:94:6b:9a:76:0a:f8:92:ed:ff:ed:fc:fe:
1a:63:b0:b8:4d:4d:34:c5:a6:23:c5:cd:ff:bc:03:3f:d2:65:
5e:e1:c0:33:66:0d:6e:fb:c4:cd:3f:06:8d:dd:0f:31:64:40:
5c:1c:99:48:a4:b3:dd:21:fc:00:b5:83:c9:81:47:16:77:f6:
4c:d3:69:c8:72:0e:dd:a4:16:36:cc:e1:59:17:7e:52:d2:38:
1d:2a:df:70:21:3b:bd:75:82:b9:7e:9a:5b:83:d0:41:6c:d3:
b0:41:25:df:18:4d:be:da:b7:b3:b2:b4:d3:e8:a9:82:29:f0:
1a:23:30:5a:ed:13:1f:63:24:a3:57:9b:b8:fb:d4:28:74:43:
cb:33:8d:34:8e:3a:7a:b1:91:be:a0:ce:fb:6f:a4:05:da:7f:
e0:e8:ee:3b:71:79:e6:54:1a:cb:4c:d8:12:96:c5:ea:cb:f2:
31:8e:32:63:50:e7:36:a6:c6:e7:f6:7c:c2:ea:c8:a0:6c:c9:
c3:fb:65:34:62:42:71:d3:60:5d:bf:99:c7:71:38:ed:1f:cc:
3f:79:8c:c1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVsnNE8GAobP51IHmNM98oCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYzg2ZWEyOTk1ZTkzNGI2NTA0MTkxMWNiOWViNjU4NzJj
MjI4OWYwHhcNMjMwMTAxMDkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU2OTFjOTQ5NDUwMDgxODkzY2IwYTlhMDYwMzcxNjUxYzNlMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+j6LzwjmQy6Y4TBhan5O/0ilNpn
aw0BRyaj57Iq+0x5SHCs8Z1HQ8V8yl9AiQYlm8ifKcBF1d5ESeG6UT6MZEj06BFY
NFWgTUqRI2PwuiwKaRgfayKeRZ8Q8MCOGZJftPlXQ/t6pVdGrggoJZuxLbnRyqE5
Im5O02NL7ONPo7lZclMyamotWzBad/VPJj8L2Za5e4qJ5kJuzePRMY6bNSYXVRHS
aVrBHMjcPsWpkfDhy79guthEoMh7Ej1jFwsXZqJJ8yPzUdShBAEhyiu7UUFIcDVb
0f2ObQEYqx1/L2qW+VOuCKKXXYYHLkU3BFk3vySQtTTxdDH0PWWivH+aUwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBpWkclJRQCBiTywqaBgNxZRw+KIMB8GA1UdIwQY
MBaAFPPIbqKZXpNLZQQZEcuetlhywiifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMt
YzYzNWQ4ZWVkNDQ3LzEvR2xhUnlVbEZBSUdKUExDcG9HQTNGbEhENG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMtYzYzNWQ4ZWVkNDQ3
LzEvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuZ+QAwQA
ueKlMBQEAgACMA4DBQMqDeIAAwUDKg/VQDANBgkqhkiG9w0BAQsFAAOCAQEAt8q0
FBLU3vg1NuOTCSz1VwIghudoX98QdSg7bw3pKZMC/Nm0l/4Mc6B2lGuadgr4ku3/
7fz+GmOwuE1NNMWmI8XN/7wDP9JlXuHAM2YNbvvEzT8Gjd0PMWRAXByZSKSz3SH8
ALWDyYFHFnf2TNNpyHIO3aQWNszhWRd+UtI4HSrfcCE7vXWCuX6aW4PQQWzTsEEl
3xhNvtq3s7K00+ipginwGiMwWu0TH2Mko1ebuPvUKHRDyzONNI46erGRvqDO+2+k
Bdp/4OjuO3F55lQay0zYEpbF6svyMY4yY1DnNqbG5/Z8wurIoGzJw/tlNGJCcdNg
Xb+Zx3E47R/MP3mMwQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:08 2025 by rpki-client