Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/F1rP45nXCJDYvQXVFLfyRbVt41k.roa
File: F1rP45nXCJDYvQXVFLfyRbVt41k.roa (raw, json)
Hash identifier: rFxuT3wTS5xhMRBGKJLaXD3A1cVz6j2nmQj3HKqu2O8=
Subject key identifier: 17:5A:CF:E3:99:D7:08:90:D8:BD:05:D5:14:B7:F2:45:B5:6D:E3:59
Certificate issuer: /CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Certificate serial: 018B417EBBDA6C3BF3795023C5C04D6A32F3
Authority key identifier: F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/F1rP45nXCJDYvQXVFLfyRbVt41k.roa
Signing time: Wed 18 Oct 2023 06:35:06 +0000
ROA not before: Wed 18 Oct 2023 06:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202191
IP address blocks: 185.26.211.0/24 maxlen: 24
185.26.210.0/24 maxlen: 24
185.26.210.0/23 maxlen: 23
185.26.208.0/24 maxlen: 24
193.53.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:7e:bb:da:6c:3b:f3:79:50:23:c5:c0:4d:6a:32:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Validity
Not Before: Oct 18 06:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=175acfe399d70890d8bd05d514b7f245b56de359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e8:be:c9:cd:55:77:0e:5c:ed:6a:73:a3:cd:
72:77:18:3b:d0:ad:6e:16:df:a4:11:ce:28:fa:70:
f7:e8:be:61:c8:71:e3:de:63:89:a9:36:38:d0:36:
20:d5:d1:1c:87:18:d9:ac:6d:57:55:c5:d8:8a:42:
6e:30:e7:9f:ba:e3:f3:aa:1c:d2:f1:fe:9c:e4:10:
20:4d:5e:79:e1:47:f5:93:12:2d:8f:c3:5e:5f:c8:
a0:60:3d:64:37:5a:e8:68:6f:6c:1b:60:17:e5:3c:
8f:a0:5a:71:b4:3b:a7:fc:5a:3a:eb:5c:ac:66:d1:
4d:f5:bb:69:9b:9d:51:12:88:ae:28:0d:c5:43:32:
4d:67:47:13:0b:24:93:41:3f:03:4f:98:04:31:75:
bc:74:8c:ae:99:13:3d:53:19:7b:9f:06:95:79:f3:
d7:5b:d7:66:db:f8:40:fd:62:05:53:df:18:21:de:
45:d2:f6:94:97:85:41:17:d0:c9:9b:43:7a:35:f3:
fe:ae:0a:7e:0a:20:cb:d9:02:f1:0e:02:28:04:5a:
5b:9a:b3:87:ac:d1:90:68:ed:e6:13:cf:01:f2:21:
66:14:15:67:0a:08:60:50:82:b4:b9:5c:29:cf:47:
cc:c7:22:10:3d:d0:b7:87:85:a3:f8:45:30:43:d0:
ee:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5A:CF:E3:99:D7:08:90:D8:BD:05:D5:14:B7:F2:45:B5:6D:E3:59
X509v3 Authority Key Identifier:
keyid:F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/F1rP45nXCJDYvQXVFLfyRbVt41k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.208.0/24
185.26.210.0/23
193.53.39.0/24
Signature Algorithm: sha256WithRSAEncryption
40:9c:c5:0e:ca:92:1e:7a:b0:ba:96:79:b5:21:f0:9c:d4:86:
2c:55:99:cf:49:80:68:f2:70:58:55:cf:4d:29:33:3c:0b:0e:
35:50:b2:a5:c4:00:50:85:9e:49:ec:4f:74:65:c8:69:ea:b2:
88:13:d0:c5:40:7f:36:13:e5:96:7b:bf:33:93:c2:8c:bd:9b:
59:46:ea:5b:59:66:af:42:b1:f9:04:5d:ef:d1:f3:16:f6:b0:
c7:ef:1b:47:51:14:1b:8d:67:41:10:91:1b:7f:3d:c7:5c:8a:
f3:cd:62:4b:c2:3b:aa:39:9d:c7:7c:6b:7b:64:7d:f4:4a:14:
d9:bb:6e:c9:9a:24:ac:ec:15:48:6d:1d:23:30:9b:75:00:2e:
71:e8:8e:7f:95:15:92:7f:d0:31:7f:70:b4:1a:ac:86:9b:06:
8c:20:30:a9:c3:b8:b4:ff:16:7c:7d:c5:02:c9:23:fd:16:36:
21:29:19:e2:ab:8a:c3:5e:a7:5c:9c:7a:69:af:ab:e1:3a:c8:
56:1b:f5:93:c4:0d:76:b4:40:09:81:dc:2f:8a:c3:c3:83:9d:
93:d9:ad:26:38:ff:70:5b:38:bf:00:a6:78:87:a6:f0:c8:78:
7b:74:61:4b:df:1e:55:0a:c2:27:84:a0:51:fd:d5:8b:54:4c:
f0:7b:42:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYtBfrvabDvzeVAjxcBNajLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NjMyNDdkMGQ4M2I5ZjYwOGNmODY0ZjQyN2NkZmU5NGIy
NTJhMTAwHhcNMjMxMDE4MDYzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVhY2ZlMzk5ZDcwODkwZDhiZDA1ZDUxNGI3ZjI0NWI1NmRlMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqei+yc1Vdw5c7Wpzo81ydxg70K1u
Ft+kEc4o+nD36L5hyHHj3mOJqTY40DYg1dEchxjZrG1XVcXYikJuMOefuuPzqhzS
8f6c5BAgTV554Uf1kxItj8NeX8igYD1kN1roaG9sG2AX5TyPoFpxtDun/Fo661ys
ZtFN9btpm51REoiuKA3FQzJNZ0cTCySTQT8DT5gEMXW8dIyumRM9Uxl7nwaVefPX
W9dm2/hA/WIFU98YId5F0vaUl4VBF9DJm0N6NfP+rgp+CiDL2QLxDgIoBFpbmrOH
rNGQaO3mE88B8iFmFBVnCghgUIK0uVwpz0fMxyIQPdC3h4Wj+EUwQ9Du1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBdaz+OZ1wiQ2L0F1RS38kW1beNZMB8GA1UdIwQY
MBaAFPljJH0Ng7n2CM+GT0J83+lLJSoQMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1XTWtmUTJEdWZZSXo0WlBRbnpmNlVzbEtoQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5
LTJkN2YzODQ3NGMwOC8xL0YxclA0NW5YQ0pEWXZRWFZGTGZ5UmJWdDQxay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5LTJkN2YzODQ3NGMw
OC8xLzEtV01rZlEyRHVmWUl6NFpQUW56ZjZVc2xLaEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC5GtAD
BAG5GtIDBADBNScwDQYJKoZIhvcNAQELBQADggEBAECcxQ7Kkh56sLqWebUh8JzU
hixVmc9JgGjycFhVz00pMzwLDjVQsqXEAFCFnknsT3RlyGnqsogT0MVAfzYT5ZZ7
vzOTwoy9m1lG6ltZZq9CsfkEXe/R8xb2sMfvG0dRFBuNZ0EQkRt/PcdcivPNYkvC
O6o5ncd8a3tkffRKFNm7bsmaJKzsFUhtHSMwm3UALnHojn+VFZJ/0DF/cLQarIab
BowgMKnDuLT/Fnx9xQLJI/0WNiEpGeKrisNep1ycemmvq+E6yFYb9ZPEDXa0QAmB
3C+Kw8ODnZPZrSY4/3BbOL8ApniHpvDIeHt0YUvfHlUKwieEoFH91YtUTPB7Qr0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:23:51 2025 by rpki-client