Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/imNxIYHebASQr0_kUYmlPOLmqRE.roa
File: imNxIYHebASQr0_kUYmlPOLmqRE.roa (raw, json)
Hash identifier: LBqzUwpTZzk4iGoUNMCGPZOnnoxXm176XwkO3w06lsA=
Subject key identifier: 8A:63:71:21:81:DE:6C:04:90:AF:4F:E4:51:89:A5:3C:E2:E6:A9:11
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 018C1AA13580D4A116BAFE2B6A1B8AF551EE
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/imNxIYHebASQr0_kUYmlPOLmqRE.roa
Signing time: Wed 29 Nov 2023 10:30:21 +0000
ROA not before: Wed 29 Nov 2023 10:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42724
IP address blocks: 194.62.40.0/24 maxlen: 24
193.3.167.0/24 maxlen: 24
194.36.84.0/24 maxlen: 24
194.36.86.0/24 maxlen: 24
194.36.87.0/24 maxlen: 24
45.155.127.0/24 maxlen: 24
45.155.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:a1:35:80:d4:a1:16:ba:fe:2b:6a:1b:8a:f5:51:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Nov 29 10:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a63712181de6c0490af4fe45189a53ce2e6a911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2e:30:c6:7f:a7:84:0d:40:7e:ed:a2:52:ec:
a2:7b:b7:22:86:31:f6:a6:03:8c:99:24:ca:6d:6d:
f3:26:cd:78:19:69:cd:c7:1b:78:71:7b:bc:a8:2e:
2d:24:65:7a:48:35:4e:6c:bb:c4:fb:de:d2:0b:6f:
16:03:0e:5e:3c:84:9b:a2:59:71:fc:55:74:1e:9f:
e9:12:e0:31:69:91:10:28:64:c9:89:e8:51:81:c0:
e1:da:db:fd:38:0b:d8:b9:9c:09:b7:54:ed:9a:e9:
40:b0:50:52:6b:1a:cc:d5:3b:15:9a:fd:57:bc:ad:
0f:5b:7e:f0:2f:9a:20:db:16:d3:73:05:be:74:b7:
6c:cd:b1:52:ba:c4:a2:6c:05:b1:35:be:06:97:6f:
76:45:d1:6a:3b:c2:cf:9b:f4:4f:8f:41:2c:e6:cd:
d6:ea:ea:6c:4e:87:13:ee:91:80:02:61:d6:08:19:
f8:bd:fc:f6:f5:cf:c7:f7:f4:67:af:d3:80:e8:30:
7c:1b:bf:b8:e2:a4:10:60:8d:a0:28:bf:12:b7:9b:
19:db:2c:ae:fd:bf:a8:a4:48:33:3a:b9:7c:b1:a8:
37:39:da:d3:e5:cf:22:2d:30:a1:f7:41:1d:df:79:
a8:c9:e0:98:83:4b:ff:8c:80:e9:2f:da:06:99:66:
01:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:63:71:21:81:DE:6C:04:90:AF:4F:E4:51:89:A5:3C:E2:E6:A9:11
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/imNxIYHebASQr0_kUYmlPOLmqRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.126.0/23
193.3.167.0/24
194.36.84.0/24
194.36.86.0/23
194.62.40.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ac:f3:65:da:58:1b:94:6d:66:45:68:66:72:47:fd:f2:c2:
fd:4d:e5:6a:c2:c4:a8:40:f1:ea:6b:25:32:13:04:81:30:1c:
b5:39:0a:7d:d0:17:c1:3c:84:e8:a0:a1:3a:8c:b1:a4:ed:f0:
8c:ea:10:d9:8d:34:b5:08:ce:4b:f2:fd:29:c9:a9:ae:3e:1f:
ea:da:e0:ef:ea:f6:7a:c8:50:63:5f:18:46:f3:1c:94:0a:90:
6f:56:2c:10:30:e1:db:ca:24:32:36:78:e6:3b:d9:00:33:9a:
f0:c7:f7:42:33:ac:dc:d1:a0:08:17:ee:32:16:61:0b:fb:35:
e6:9a:84:44:5b:4e:64:5f:df:fe:51:53:b4:ca:d3:47:60:05:
e0:df:a6:a6:4f:0b:dc:cd:dc:c2:f0:00:33:5b:28:4c:52:3f:
9c:09:37:d5:e0:87:9a:38:09:27:2b:42:d6:89:62:f5:ff:b3:
97:d6:74:57:a7:10:e3:73:12:59:2c:07:b1:cf:cd:f5:ac:04:
dc:48:ad:35:6d:02:4b:8c:f8:0b:5a:12:21:b5:2e:0e:05:38:
42:d0:0a:e9:f0:35:b3:e8:ac:7c:db:ee:9b:24:ae:5f:7d:ec:
61:d1:97:e6:a1:53:a1:f5:04:c8:1b:60:85:28:dc:db:6a:73:
5a:8e:07:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwaoTWA1KEWuv4rahuK9VHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjMxMTI5MTAzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTYzNzEyMTgxZGU2YzA0OTBhZjRmZTQ1MTg5YTUzY2UyZTZhOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS4wxn+nhA1Afu2iUuyie7cihjH2
pgOMmSTKbW3zJs14GWnNxxt4cXu8qC4tJGV6SDVObLvE+97SC28WAw5ePISbollx
/FV0Hp/pEuAxaZEQKGTJiehRgcDh2tv9OAvYuZwJt1TtmulAsFBSaxrM1TsVmv1X
vK0PW37wL5og2xbTcwW+dLdszbFSusSibAWxNb4Gl292RdFqO8LPm/RPj0Es5s3W
6upsTocT7pGAAmHWCBn4vfz29c/H9/Rnr9OA6DB8G7+44qQQYI2gKL8St5sZ2yyu
/b+opEgzOrl8sag3OdrT5c8iLTCh90Ed33moyeCYg0v/jIDpL9oGmWYBnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIpjcSGB3mwEkK9P5FGJpTzi5qkRMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvaW1OeElZSGViQVNRcjBfa1VZbWxQT0xtcVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLZt+AwQA
wQOnAwQAwiRUAwQBwiRWAwQAwj4oMA0GCSqGSIb3DQEBCwUAA4IBAQCArPNl2lgb
lG1mRWhmckf98sL9TeVqwsSoQPHqayUyEwSBMBy1OQp90BfBPITooKE6jLGk7fCM
6hDZjTS1CM5L8v0pyamuPh/q2uDv6vZ6yFBjXxhG8xyUCpBvViwQMOHbyiQyNnjm
O9kAM5rwx/dCM6zc0aAIF+4yFmEL+zXmmoREW05kX9/+UVO0ytNHYAXg36amTwvc
zdzC8AAzWyhMUj+cCTfV4IeaOAknK0LWiWL1/7OX1nRXpxDjcxJZLAexz831rATc
SK01bQJLjPgLWhIhtS4OBThC0Arp8DWz6Kx82+6bJK5ffexh0ZfmoVOh9QTIG2CF
KNzbanNajgdY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:29 2025 by rpki-client