Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N1k13R0awzGb0o-irwk9_X2KpdQ.roa
File: N1k13R0awzGb0o-irwk9_X2KpdQ.roa (raw, json)
Hash identifier: nFf5d5suRbrxbqG8gm8CaruP6PDpOVQgThkrlSWI+FM=
Subject key identifier: 37:59:35:DD:1D:1A:C3:31:9B:D2:8F:A2:AF:09:3D:FD:7D:8A:A5:D4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0188C3F1BA52FAEE4D0EB120B1C3E9660E67
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N1k13R0awzGb0o-irwk9_X2KpdQ.roa
Signing time: Fri 16 Jun 2023 11:22:58 +0000
ROA not before: Fri 16 Jun 2023 11:22:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212157
IP address blocks: 185.52.4.0/22 maxlen: 24
147.181.0.0/22 maxlen: 24
2a04:9a00:1040::/44 maxlen: 48
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:f1:ba:52:fa:ee:4d:0e:b1:20:b1:c3:e9:66:0e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jun 16 11:22:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=375935dd1d1ac3319bd28fa2af093dfd7d8aa5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:16:5e:ed:a5:e4:c0:87:73:da:5e:ce:36:
c6:26:e0:d2:0a:ec:1e:c9:bd:c8:12:92:6c:3b:16:
13:a5:52:f7:7a:0a:03:c6:7b:de:af:94:ab:da:e5:
6f:a2:47:ce:66:e8:ba:42:7b:ed:77:13:ec:22:0c:
bd:88:3b:9e:c3:c6:6f:c8:64:f6:23:63:ab:dc:83:
38:ec:a9:8d:96:e5:46:d7:32:fa:09:61:a3:f4:ea:
3c:3b:b3:6e:a2:0d:8d:85:b8:af:01:25:7c:ef:51:
31:a9:c9:18:15:4d:b2:30:2a:67:ee:41:e0:98:4a:
6f:f1:74:83:83:5c:82:70:76:2a:c6:63:49:35:9d:
dd:6c:18:49:d9:ab:df:58:73:ec:f8:c6:98:84:1f:
7c:19:8f:da:d0:8f:a0:24:b4:79:3d:70:ed:e2:df:
65:b5:7a:88:c3:3e:30:51:24:1c:c4:14:cd:b4:ff:
ff:ee:2c:b4:58:7e:62:8d:84:4e:33:10:a0:05:07:
b7:13:0e:f6:71:0c:7b:85:51:6e:28:63:b5:7c:f4:
7d:7b:ee:36:19:8e:fb:66:65:ec:b1:71:d9:55:ae:
13:45:ad:94:8b:01:df:d0:29:db:bd:2d:cd:fa:76:
ee:0a:7a:c5:38:c9:bd:61:94:17:d9:9f:91:a6:40:
cb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:59:35:DD:1D:1A:C3:31:9B:D2:8F:A2:AF:09:3D:FD:7D:8A:A5:D4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N1k13R0awzGb0o-irwk9_X2KpdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.0.0/22
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
2a04:9a00:1040::/44
Signature Algorithm: sha256WithRSAEncryption
9a:74:3f:ec:5b:72:60:a1:c8:0d:df:25:2b:94:f6:b1:fb:f9:
3d:53:6d:1e:21:18:94:0c:c2:a2:a2:c6:43:22:80:a2:13:cf:
33:e1:e4:0f:3a:4f:b6:fb:68:b1:53:d8:5f:ba:5c:06:d9:8a:
bc:16:09:50:de:b9:50:4e:31:02:1b:d6:9d:3c:15:25:01:cf:
ff:69:c8:0b:5d:e2:90:3c:af:df:d4:2e:a5:76:8e:35:fc:fc:
b5:7f:22:bb:ca:af:1c:ce:ef:a9:0c:4a:d9:32:3f:e9:c8:c6:
e4:79:60:98:da:cd:60:91:53:30:0b:d0:56:d3:4f:34:91:6c:
df:df:99:c3:e4:36:31:7e:0a:e0:7f:42:ce:02:40:28:da:d1:
c0:90:5f:84:91:a1:45:98:3a:e2:d4:e6:a8:06:b3:9d:c4:7c:
66:ff:fc:35:e0:c8:8d:be:b7:70:80:32:99:e1:91:e4:bb:02:
65:01:c5:82:6a:31:3b:ac:9e:eb:04:8d:b5:a2:95:07:0b:a5:
82:7a:6e:9d:0f:70:e4:40:3e:9a:26:b8:f1:40:7b:d0:af:26:
64:a1:56:38:13:e1:0b:e6:19:f5:29:36:10:d2:60:37:b8:80:
13:81:e9:f5:cf:7d:85:c1:7e:98:5c:48:27:83:8d:be:34:41:
c4:39:3d:53
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYjD8bpS+u5NDrEgscPpZg5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwNjE2MTEyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzU5MzVkZDFkMWFjMzMxOWJkMjhmYTJhZjA5M2RmZDdkOGFhNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkQWXu2l5MCHc9pezjbGJuDSCuwe
yb3IEpJsOxYTpVL3egoDxnver5Sr2uVvokfOZui6QnvtdxPsIgy9iDuew8ZvyGT2
I2Or3IM47KmNluVG1zL6CWGj9Oo8O7Nuog2NhbivASV871ExqckYFU2yMCpn7kHg
mEpv8XSDg1yCcHYqxmNJNZ3dbBhJ2avfWHPs+MaYhB98GY/a0I+gJLR5PXDt4t9l
tXqIwz4wUSQcxBTNtP//7iy0WH5ijYROMxCgBQe3Ew72cQx7hVFuKGO1fPR9e+42
GY77ZmXssXHZVa4TRa2UiwHf0CnbvS3N+nbuCnrFOMm9YZQX2Z+RpkDL8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDdZNd0dGsMxm9KPoq8JPf19iqXUMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvTjFrMTNSMGF3ekdiMG8taXJ3azlfWDJLcGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCk7UAAwQC
uTQEMBgEAgACMBIDBwQqBJoAEBADBwQqBJoAEEAwDQYJKoZIhvcNAQELBQADggEB
AJp0P+xbcmChyA3fJSuU9rH7+T1TbR4hGJQMwqKixkMigKITzzPh5A86T7b7aLFT
2F+6XAbZirwWCVDeuVBOMQIb1p08FSUBz/9pyAtd4pA8r9/ULqV2jjX8/LV/IrvK
rxzO76kMStkyP+nIxuR5YJjazWCRUzAL0FbTTzSRbN/fmcPkNjF+CuB/Qs4CQCja
0cCQX4SRoUWYOuLU5qgGs53EfGb//DXgyI2+t3CAMpnhkeS7AmUBxYJqMTusnusE
jbWilQcLpYJ6bp0PcORAPpomuPFAe9CvJmShVjgT4QvmGfUpNhDSYDe4gBOB6fXP
fYXBfphcSCeDjb40QcQ5PVM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:52 2025 by rpki-client