Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/GrDfPq5eGtpWrI8fxZJnDZAKFoA.roa
File: GrDfPq5eGtpWrI8fxZJnDZAKFoA.roa (raw, json)
Hash identifier: 9m/KK96/QU1cmWnRDobR7IvVPWPuJI3vJ/Jx9NVLqVw=
Subject key identifier: 1A:B0:DF:3E:AE:5E:1A:DA:56:AC:8F:1F:C5:92:67:0D:90:0A:16:80
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01874BA784561EC7A3F7D7E66E57616F3B2E
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/GrDfPq5eGtpWrI8fxZJnDZAKFoA.roa
Signing time: Tue 04 Apr 2023 09:44:42 +0000
ROA not before: Tue 04 Apr 2023 09:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.125.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:a7:84:56:1e:c7:a3:f7:d7:e6:6e:57:61:6f:3b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Apr 4 09:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ab0df3eae5e1ada56ac8f1fc592670d900a1680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d9:7e:48:2c:e8:92:0b:e4:fc:c6:55:ad:48:
c3:9a:71:31:7c:3a:34:56:c6:df:50:8c:93:f6:34:
ef:c7:91:b4:51:61:5b:30:8a:4e:61:5f:fc:b8:9c:
12:9d:f4:32:36:5f:5c:0e:5f:b1:32:54:cc:83:35:
11:5b:0d:23:2f:20:8d:a1:c3:14:09:e5:35:f4:c0:
02:9f:d6:14:37:de:17:6a:34:51:3c:20:e3:dd:51:
0a:cf:77:a3:ef:ab:85:f8:bb:3a:72:23:a1:74:7a:
a4:de:de:a5:2b:92:c2:fd:1d:88:51:ea:29:34:09:
7d:96:bf:a2:16:03:26:ed:fc:1d:28:7b:5a:c0:59:
39:94:22:05:41:22:06:0b:02:98:d2:ce:d4:10:43:
ce:ca:f1:d8:be:1d:cb:72:fe:98:d7:d2:ee:d5:3a:
4b:9e:e2:ea:54:84:a2:9b:52:a1:04:0e:6e:3c:7e:
00:dd:d7:52:03:51:76:84:75:5d:46:d1:10:b3:30:
40:22:cc:28:56:3a:54:a5:65:c7:26:c6:79:d1:ec:
a4:d0:9a:3f:01:06:40:5c:ad:2b:67:7b:6e:9c:68:
3d:80:98:ea:06:17:ac:80:72:69:03:fd:40:28:91:
ed:c1:97:e5:c3:8c:c4:11:0d:be:b0:f4:2a:04:86:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:DF:3E:AE:5E:1A:DA:56:AC:8F:1F:C5:92:67:0D:90:0A:16:80
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/GrDfPq5eGtpWrI8fxZJnDZAKFoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:12:b2:f3:6a:c8:23:b9:92:9c:cb:d8:ef:5e:92:5c:f6:14:
cd:c0:e0:e8:9f:23:dd:c9:25:c5:e1:79:93:1d:81:53:74:67:
c9:42:df:8c:9f:b5:08:2c:a7:e4:77:8a:2e:b3:b3:fb:00:22:
76:49:1a:73:ed:71:c1:18:31:e1:9d:12:64:b2:41:e3:3d:35:
3e:43:07:2c:88:03:28:f5:ef:42:af:99:df:77:22:12:63:a3:
f2:ed:68:bc:b3:12:41:ef:95:f0:06:c9:82:6f:26:b4:8c:38:
98:79:15:26:f0:3a:e6:73:d4:cf:e9:79:73:b0:9b:ed:27:10:
56:91:b2:8d:27:d1:0d:2f:76:29:88:ce:66:ac:5e:6c:e3:8c:
a6:3d:1f:5f:60:8c:9b:a7:f2:dc:07:01:7c:78:81:89:e1:57:
19:42:31:83:9b:25:6b:22:16:cd:8a:90:f5:d5:32:c1:a5:9b:
40:d4:5f:6b:e2:6e:94:bb:91:55:60:02:a9:28:61:48:74:fb:
91:e8:ec:88:a2:11:7d:89:95:3e:38:3a:64:f8:03:76:49:eb:
9c:8a:20:e6:c0:ce:40:aa:84:b4:0c:77:91:a5:eb:ac:36:83:
b0:88:ab:12:3d:65:38:dc:0c:aa:5e:6b:fd:9b:76:74:b2:d0:
60:01:52:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdLp4RWHsej99fmbldhbzsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwNDA0MDk0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWIwZGYzZWFlNWUxYWRhNTZhYzhmMWZjNTkyNjcwZDkwMGExNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNl+SCzokgvk/MZVrUjDmnExfDo0
VsbfUIyT9jTvx5G0UWFbMIpOYV/8uJwSnfQyNl9cDl+xMlTMgzURWw0jLyCNocMU
CeU19MACn9YUN94XajRRPCDj3VEKz3ej76uF+Ls6ciOhdHqk3t6lK5LC/R2IUeop
NAl9lr+iFgMm7fwdKHtawFk5lCIFQSIGCwKY0s7UEEPOyvHYvh3Lcv6Y19Lu1TpL
nuLqVISim1KhBA5uPH4A3ddSA1F2hHVdRtEQszBAIswoVjpUpWXHJsZ50eyk0Jo/
AQZAXK0rZ3tunGg9gJjqBhesgHJpA/1AKJHtwZflw4zEEQ2+sPQqBIb7EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqw3z6uXhraVqyPH8WSZw2QChaAMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvR3JEZlBxNWVHdHBXckk4ZnhaSm5EWkFLRm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX0UMA0G
CSqGSIb3DQEBCwUAA4IBAQCpErLzasgjuZKcy9jvXpJc9hTNwODonyPdySXF4XmT
HYFTdGfJQt+Mn7UILKfkd4ous7P7ACJ2SRpz7XHBGDHhnRJkskHjPTU+QwcsiAMo
9e9Cr5nfdyISY6Py7Wi8sxJB75XwBsmCbya0jDiYeRUm8Drmc9TP6XlzsJvtJxBW
kbKNJ9ENL3YpiM5mrF5s44ymPR9fYIybp/LcBwF8eIGJ4VcZQjGDmyVrIhbNipD1
1TLBpZtA1F9r4m6Uu5FVYAKpKGFIdPuR6OyIohF9iZU+ODpk+AN2SeuciiDmwM5A
qoS0DHeRpeusNoOwiKsSPWU43AyqXmv9m3Z0stBgAVLW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:32 2025 by rpki-client