Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/v5PbuXwLFcZGweyTXLcwXRPpcDU.roa
File: v5PbuXwLFcZGweyTXLcwXRPpcDU.roa (raw, json)
Hash identifier: ofUor51NS2hJ2F5gW1JruKzhZLt/ZwZNQ0K4txvZSgg=
Subject key identifier: BF:93:DB:B9:7C:0B:15:C6:46:C1:EC:93:5C:B7:30:5D:13:E9:70:35
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 178A9A99
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/v5PbuXwLFcZGweyTXLcwXRPpcDU.roa
Signing time: Thu 31 Mar 2022 08:01:11 +0000
ROA not before: Thu 31 Mar 2022 08:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199484
IP address blocks: 185.153.248.0/22 maxlen: 22
185.153.249.0/24 maxlen: 24
185.153.250.0/24 maxlen: 24
185.153.248.0/24 maxlen: 24
185.153.251.0/24 maxlen: 24
2a07:89c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394959513 (0x178a9a99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Mar 31 08:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf93dbb97c0b15c646c1ec935cb7305d13e97035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f4:41:f6:37:ff:a7:6d:b3:1b:4d:14:a6:84:
85:0a:d8:e3:e3:a6:43:97:f8:c1:16:90:f1:df:75:
3d:19:c5:43:e4:6b:f5:36:9f:15:4b:ad:88:87:fa:
0b:99:7a:68:df:0a:10:51:db:d7:35:1a:61:7a:ca:
24:96:50:f1:1f:70:2b:b9:81:c8:8b:5a:26:e8:07:
41:b2:a0:39:8d:10:ae:ec:d4:8b:9d:de:29:0b:8a:
42:d4:de:f2:5e:8b:df:bb:da:e8:09:c0:c2:a3:4e:
6d:4e:ae:b0:09:8d:07:57:c0:a8:41:d8:d3:cd:3d:
8b:a3:d8:6f:c0:13:09:12:28:d7:2a:00:06:70:1c:
b5:5a:f6:83:93:5c:34:6c:d8:ad:1e:ca:3e:d7:aa:
87:d1:93:9b:dc:34:91:33:fb:e1:40:12:5f:9f:87:
9b:f9:6b:cc:62:13:6f:c6:bd:b0:96:1c:fe:c2:4e:
10:ec:9d:50:d3:45:2d:4c:32:dd:58:1c:5f:c1:39:
06:d9:fd:28:6e:94:2e:9f:a9:6f:41:7c:d6:49:c7:
3b:a3:ed:b9:a9:6e:9d:38:c8:87:0c:79:d9:63:23:
f2:e0:2b:f3:90:df:55:ef:65:d4:fb:01:05:47:db:
1a:db:51:ec:77:9e:ef:6d:63:04:54:15:c9:4f:34:
d7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:93:DB:B9:7C:0B:15:C6:46:C1:EC:93:5C:B7:30:5D:13:E9:70:35
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/v5PbuXwLFcZGweyTXLcwXRPpcDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.248.0/22
IPv6:
2a07:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
a5:46:ce:b0:73:a9:d9:e9:ea:7f:f3:bd:d1:bf:eb:f9:eb:22:
d5:1a:7b:de:f4:36:ea:93:f0:8e:c8:07:61:a8:4f:b9:5a:8f:
59:e6:d7:07:1e:e3:ff:8d:45:8d:9d:c7:e8:60:66:6a:bd:ce:
f8:ab:23:0d:a0:ad:94:18:80:fb:c8:28:21:6b:21:2c:5d:02:
65:42:38:ab:b0:1f:c6:a5:06:cd:c4:fd:15:25:57:5c:f4:e9:
35:20:89:45:ff:88:dd:8d:54:d5:db:12:05:8f:aa:8a:99:b9:
09:75:01:d8:6f:36:31:79:e5:c5:59:8a:70:0f:ef:d8:73:bc:
8d:9c:8b:2a:6b:c7:7b:8b:ef:a0:24:4a:9c:f4:23:df:f2:3a:
94:2b:68:8a:87:5a:6c:5c:9d:53:93:b9:bd:35:b7:80:4d:3e:
db:b1:d7:c6:64:6d:01:37:b0:96:8a:fc:e9:bb:ac:be:f6:f5:
77:7f:53:b4:92:4a:92:a4:28:4f:1a:b7:a7:73:e4:fc:9c:3b:
51:e9:13:44:b0:4f:ad:75:32:fb:7a:bc:50:e3:68:e0:81:03:
b8:f3:95:34:c5:de:bd:a3:16:9b:c2:71:24:61:f8:96:91:79:
0f:6f:6e:ff:9a:95:bc:ff:08:69:df:c1:9e:ac:54:57:fe:63:
ad:80:04:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEF4qamTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDY3MzY3OTY3ZGM3NjMzNDlmZDBiNTBlMzFmNzViODIzMDI4NTkwMB4XDTIyMDMz
MTA4MDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY5M2RiYjk3YzBi
MTVjNjQ2YzFlYzkzNWNiNzMwNWQxM2U5NzAzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMr0QfY3/6dtsxtNFKaEhQrY4+OmQ5f4wRaQ8d91PRnFQ+Rr
9TafFUutiIf6C5l6aN8KEFHb1zUaYXrKJJZQ8R9wK7mByItaJugHQbKgOY0QruzU
i53eKQuKQtTe8l6L37va6AnAwqNObU6usAmNB1fAqEHY0809i6PYb8ATCRIo1yoA
BnActVr2g5NcNGzYrR7KPteqh9GTm9w0kTP74UASX5+Hm/lrzGITb8a9sJYc/sJO
EOydUNNFLUwy3VgcX8E5Btn9KG6ULp+pb0F81knHO6PtualunTjIhwx52WMj8uAr
85DfVe9l1PsBBUfbGttR7Hee721jBFQVyU8014MCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS/k9u5fAsVxkbB7JNctzBdE+lwNTAfBgNVHSMEGDAWgBS0ZzZ5Z9x2M0n9
C1DjH3W4IwKFkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RHYzJlV2ZjZGpOSl9RdFE0eDkxdUNNQ2haQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvZGZjNGYyLWVkN2QtNDYxMC04NjBjLWI4MTM3M2M0MGRjOS8x
L3Y1UGJ1WHdMRmNaR3dleVRYTGN3WFJQcGNEVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ZGZjNGYyLWVkN2QtNDYxMC04NjBjLWI4MTM3M2M0MGRjOS8xL3RHYzJlV2ZjZGpO
Sl9RdFE0eDkxdUNNQ2haQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArmZ+DAPBAIAAjAJAwcAKgeJwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQClRs6wc6nZ6ep/873Rv+v56yLVGnve9Dbqk/CO
yAdhqE+5Wo9Z5tcHHuP/jUWNncfoYGZqvc74qyMNoK2UGID7yCghayEsXQJlQjir
sB/GpQbNxP0VJVdc9Ok1IIlF/4jdjVTV2xIFj6qKmbkJdQHYbzYxeeXFWYpwD+/Y
c7yNnIsqa8d7i++gJEqc9CPf8jqUK2iKh1psXJ1Tk7m9NbeATT7bsdfGZG0BN7CW
ivzpu6y+9vV3f1O0kkqSpChPGrenc+T8nDtR6RNEsE+tdTL7erxQ42jggQO485U0
xd69oxabwnEkYfiWkXkPb27/mpW8/whp38GerFRX/mOtgATE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:24 2025 by rpki-client