Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/03s2oLG2RmB9avOWzFdGzygWAzs.roa
File: 03s2oLG2RmB9avOWzFdGzygWAzs.roa (raw, json)
Hash identifier: JQMRWa1NEni8sUBYiZJVCZi5bihUGOWQU7Y8i+myVFc=
Subject key identifier: D3:7B:36:A0:B1:B6:46:60:7D:6A:F3:96:CC:57:46:CF:28:16:03:3B
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 018571D7C2F10438E6F2FEDB65F9DE03D48F
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/03s2oLG2RmB9avOWzFdGzygWAzs.roa
Signing time: Mon 02 Jan 2023 09:37:23 +0000
ROA not before: Mon 02 Jan 2023 09:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 185.85.195.0/24 maxlen: 24
128.65.202.0/24 maxlen: 24
128.65.206.0/24 maxlen: 24
128.65.203.0/24 maxlen: 24
128.65.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c2:f1:04:38:e6:f2:fe:db:65:f9:de:03:d4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jan 2 09:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d37b36a0b1b646607d6af396cc5746cf2816033b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:73:7c:64:6e:6e:1a:74:8d:01:5d:e5:a6:9f:
d6:c5:e9:e5:1d:ca:11:3b:61:20:e7:27:a2:73:2f:
41:5c:20:5b:a7:5c:3e:91:83:2e:54:76:3f:b8:e6:
d2:e7:05:d8:0a:22:38:b1:bf:5b:6a:21:96:76:30:
30:e8:13:16:e5:62:65:b6:37:8e:8c:68:af:6d:d4:
b3:14:f8:cc:f5:16:17:f7:ec:ee:1b:36:d4:cc:3e:
54:2c:35:7e:1b:56:71:a7:54:8e:63:03:c9:4d:62:
e7:14:40:2c:cf:07:4d:24:7d:71:81:5a:ae:d1:fd:
38:4c:4d:9d:45:1b:66:24:f9:b1:86:78:2d:ec:4d:
1f:cd:90:bd:e5:74:57:14:17:b9:e6:6c:73:2e:c5:
67:88:5e:e6:67:71:92:8a:aa:c6:19:ad:e7:2c:ac:
07:68:30:b9:5e:e3:e8:60:6a:b0:d9:8e:4e:fb:1b:
a5:cc:dc:b1:93:3a:43:24:ee:ef:a5:5a:d4:97:56:
b4:f0:b4:9c:d0:ba:f6:be:20:5a:b8:44:31:38:5d:
76:cb:b0:9a:ac:87:3d:30:e7:e9:43:ad:e1:fa:6d:
c7:2a:53:80:b3:c7:f9:13:93:88:1d:14:00:7a:fb:
a5:d6:c3:a2:c9:90:c6:1c:83:a3:41:af:01:ee:0b:
8c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7B:36:A0:B1:B6:46:60:7D:6A:F3:96:CC:57:46:CF:28:16:03:3B
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/03s2oLG2RmB9avOWzFdGzygWAzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.202.0/23
128.65.206.0/23
185.85.195.0/24
Signature Algorithm: sha256WithRSAEncryption
51:2c:14:70:67:97:4e:9d:0f:83:fe:dc:3c:90:7d:be:a2:a1:
1a:01:51:af:a3:ae:08:07:0e:d9:76:5b:64:19:ed:af:1f:12:
27:d2:25:8b:3f:81:7a:e4:93:6b:5a:fb:90:60:82:91:97:95:
05:2b:45:2a:f2:f8:c2:6d:1d:e7:90:f6:d2:a3:26:ce:18:6d:
bc:f6:4b:dc:52:b4:3e:07:37:15:a1:93:d5:6b:68:8c:ac:39:
20:20:af:9f:3a:27:c5:6c:3d:6a:3c:3b:0f:c2:67:c0:a9:45:
ea:e3:3f:29:3d:a0:77:ba:3e:51:77:86:31:43:4d:56:67:d6:
bf:21:1f:73:d0:bd:a7:56:b1:04:4e:93:53:07:df:dd:bc:da:
cd:ec:94:96:2e:56:ab:37:5e:3d:2b:e7:2c:84:a7:57:a4:3e:
72:25:db:54:5b:7f:d3:85:3b:44:94:0b:90:96:25:44:3e:72:
48:41:d3:77:d5:b5:8d:d3:51:05:be:57:9c:8d:80:75:a5:71:
98:a7:1e:59:e2:ba:26:71:33:ed:b5:4d:eb:dd:0e:aa:dc:cc:
d5:90:88:ac:9d:8b:2b:6d:87:47:d3:3e:64:42:01:d7:2d:e3:
c3:2d:85:9c:89:a7:b7:ce:77:f5:1a:a4:a7:74:78:37:10:b1:
29:1b:a8:2d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx18LxBDjm8v7bZfneA9SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjMwMTAyMDkzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdiMzZhMGIxYjY0NjYwN2Q2YWYzOTZjYzU3NDZjZjI4MTYwMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HN8ZG5uGnSNAV3lpp/WxenlHcoR
O2Eg5yeicy9BXCBbp1w+kYMuVHY/uObS5wXYCiI4sb9baiGWdjAw6BMW5WJltjeO
jGivbdSzFPjM9RYX9+zuGzbUzD5ULDV+G1Zxp1SOYwPJTWLnFEAszwdNJH1xgVqu
0f04TE2dRRtmJPmxhngt7E0fzZC95XRXFBe55mxzLsVniF7mZ3GSiqrGGa3nLKwH
aDC5XuPoYGqw2Y5O+xulzNyxkzpDJO7vpVrUl1a08LSc0Lr2viBauEQxOF12y7Ca
rIc9MOfpQ63h+m3HKlOAs8f5E5OIHRQAevul1sOiyZDGHIOjQa8B7guM4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNN7NqCxtkZgfWrzlsxXRs8oFgM7MB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvMDNzMm9MRzJSbUI5YXZPV3pGZEd6eWdXQXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBgEHKAwQB
gEHOAwQAuVXDMA0GCSqGSIb3DQEBCwUAA4IBAQBRLBRwZ5dOnQ+D/tw8kH2+oqEa
AVGvo64IBw7ZdltkGe2vHxIn0iWLP4F65JNrWvuQYIKRl5UFK0Uq8vjCbR3nkPbS
oybOGG289kvcUrQ+BzcVoZPVa2iMrDkgIK+fOifFbD1qPDsPwmfAqUXq4z8pPaB3
uj5Rd4YxQ01WZ9a/IR9z0L2nVrEETpNTB9/dvNrN7JSWLlarN149K+cshKdXpD5y
JdtUW3/ThTtElAuQliVEPnJIQdN31bWN01EFvlecjYB1pXGYpx5Z4romcTPttU3r
3Q6q3MzVkIisnYsrbYdH0z5kQgHXLePDLYWciae3znf1GqSndHg3ELEpG6gt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:34 2025 by rpki-client