Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1H-_lcXACPBH4v84LVGNMq-E4u0.roa
File: 1H-_lcXACPBH4v84LVGNMq-E4u0.roa (raw, json)
Hash identifier: JXB4ITEYw1OWqfKnaKkWSKCPcnpkbBbH4eGPpFR2Ai4=
Subject key identifier: D4:7F:BF:95:C5:C0:08:F0:47:E2:FF:38:2D:51:8D:32:AF:84:E2:ED
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 17525320
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1H-_lcXACPBH4v84LVGNMq-E4u0.roa
Signing time: Sat 01 Jan 2022 16:03:54 +0000
ROA not before: Sat 01 Jan 2022 16:03:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50667
IP address blocks: 188.214.156.0/24 maxlen: 24
185.99.89.0/24 maxlen: 24
185.99.88.0/24 maxlen: 24
188.240.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391271200 (0x17525320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d47fbf95c5c008f047e2ff382d518d32af84e2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:16:5b:a8:50:30:7a:60:48:d4:ea:9f:09:8f:
44:c5:37:c1:51:88:ab:35:ef:73:a9:48:9f:33:da:
59:a6:8b:b1:40:b7:5f:b4:ad:42:47:fc:9c:81:79:
4f:df:d4:55:1b:7d:82:c2:86:c3:b3:f1:11:df:77:
b9:66:89:7f:80:59:ef:ef:c3:49:fa:0a:3a:c8:7e:
fa:12:af:f3:7a:83:29:d2:d7:07:f0:79:d4:af:c1:
a9:e1:df:26:4b:fd:9d:49:56:eb:82:35:30:e5:8c:
1a:9d:58:7f:99:98:e9:27:7a:85:82:dd:08:74:99:
5c:1f:5f:6b:8c:89:e4:97:90:38:a3:d3:66:58:01:
1c:e6:e0:38:b4:5d:dd:b8:bc:df:d0:9c:55:cf:14:
02:a7:95:cd:5b:9d:f9:77:15:39:00:17:df:c3:7a:
85:e4:3c:99:7a:b7:26:5d:fe:96:1d:91:1e:21:6e:
d9:55:22:47:b9:11:d9:c7:67:41:15:c0:e4:c3:5d:
74:e5:d3:45:5b:8d:e8:01:c1:04:d5:f9:4f:59:1d:
81:ca:72:32:60:03:12:3c:87:59:06:9f:b6:38:1b:
ef:a8:c8:0d:ca:0d:66:e2:d4:2a:5f:4e:42:cd:ec:
e5:6b:0b:6c:a6:1f:c8:79:93:7f:9e:33:d1:09:8b:
48:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7F:BF:95:C5:C0:08:F0:47:E2:FF:38:2D:51:8D:32:AF:84:E2:ED
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1H-_lcXACPBH4v84LVGNMq-E4u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.88.0/23
188.214.156.0/24
188.240.12.0/24
Signature Algorithm: sha256WithRSAEncryption
56:cb:fe:1c:bd:b3:28:93:34:8c:18:2f:c1:ac:95:d1:99:31:
a1:12:3d:99:7b:8f:b3:49:0f:64:a3:8b:bd:50:8c:d3:02:5b:
f2:33:fb:db:3e:10:80:cc:35:9c:bb:ca:b1:38:0c:8f:a0:12:
ff:0e:a0:a0:2c:0e:ea:55:b4:a9:f2:ec:41:7c:d9:b4:1e:4f:
e4:29:44:bd:d6:0e:a7:5c:41:c0:f0:24:9d:2a:85:af:e6:de:
5b:5a:0b:04:41:7b:b1:98:ac:8f:87:7e:74:aa:a4:ca:c6:03:
02:08:7c:0e:7a:3e:3b:67:f5:d2:2c:b7:89:1d:c4:0e:1e:b7:
d5:b9:a8:8f:4d:da:02:94:42:3c:47:9b:cf:a9:c1:92:50:12:
06:8e:26:43:63:de:22:cd:0d:22:b1:3c:e0:13:39:8c:0d:56:
3a:e1:fb:2f:35:c8:54:09:e6:2a:21:0a:b7:85:c9:02:5a:b2:
0c:3b:74:d6:a7:ba:c6:be:05:99:28:09:f0:2c:3e:24:4f:de:
92:4f:da:a2:e3:95:7b:b6:9a:13:77:cc:aa:d4:ef:77:24:58:
01:14:2a:b2:fe:d9:b8:9c:47:16:93:85:c6:55:90:30:0a:02:
2e:3f:73:bf:22:3b:ee:c6:94:4a:0d:8d:8e:22:32:19:4e:36:
ec:cb:b9:07
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEF1JTIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQ3ZmJmOTVjNWMw
MDhmMDQ3ZTJmZjM4MmQ1MThkMzJhZjg0ZTJlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEWW6hQMHpgSNTqnwmPRMU3wVGIqzXvc6lInzPaWaaLsUC3
X7StQkf8nIF5T9/UVRt9gsKGw7PxEd93uWaJf4BZ7+/DSfoKOsh++hKv83qDKdLX
B/B51K/BqeHfJkv9nUlW64I1MOWMGp1Yf5mY6Sd6hYLdCHSZXB9fa4yJ5JeQOKPT
ZlgBHObgOLRd3bi839CcVc8UAqeVzVud+XcVOQAX38N6heQ8mXq3Jl3+lh2RHiFu
2VUiR7kR2cdnQRXA5MNddOXTRVuN6AHBBNX5T1kdgcpyMmADEjyHWQaftjgb76jI
DcoNZuLUKl9OQs3s5WsLbKYfyHmTf54z0QmLSDcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTUf7+VxcAI8Efi/zgtUY0yr4Ti7TAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
LzFILV9sY1hBQ1BCSDR2ODRMVkdOTXEtRTR1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAbljWAMEALzWnAMEALzwDDANBgkq
hkiG9w0BAQsFAAOCAQEAVsv+HL2zKJM0jBgvwayV0ZkxoRI9mXuPs0kPZKOLvVCM
0wJb8jP72z4QgMw1nLvKsTgMj6AS/w6goCwO6lW0qfLsQXzZtB5P5ClEvdYOp1xB
wPAknSqFr+beW1oLBEF7sZisj4d+dKqkysYDAgh8Dno+O2f10iy3iR3EDh631bmo
j03aApRCPEebz6nBklASBo4mQ2PeIs0NIrE84BM5jA1WOuH7LzXIVAnmKiEKt4XJ
AlqyDDt01qe6xr4FmSgJ8Cw+JE/ekk/aouOVe7aaE3fMqtTvdyRYARQqsv7ZuJxH
FpOFxlWQMAoCLj9zvyI77saUSg2NjiIyGU427Mu5Bw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:46 2025 by rpki-client