Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/xGsfEW0_4DCZsxw5Jy6i7RiOPrQ.roa
File: xGsfEW0_4DCZsxw5Jy6i7RiOPrQ.roa (raw, json)
Hash identifier: uDpDkCwBSf9u4HSCWNcVLvFn3vUOD6mXYVjt6hxznLI=
Subject key identifier: C4:6B:1F:11:6D:3F:E0:30:99:B3:1C:39:27:2E:A2:ED:18:8E:3E:B4
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 01867114D9BDA91E4EC93BF0E72D5F8EE0DC
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/xGsfEW0_4DCZsxw5Jy6i7RiOPrQ.roa
Signing time: Mon 20 Feb 2023 23:07:17 +0000
ROA not before: Mon 20 Feb 2023 23:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61423
IP address blocks: 185.202.132.0/24 maxlen: 24
2a0a:d6c0:9::/48 maxlen: 48
2a0a:d6c0:4::/48 maxlen: 48
2a0a:d6c0:efef::/48 maxlen: 48
2a0a:d6c0:efff::/48 maxlen: 48
2a0a:d6c0:8::/48 maxlen: 48
2a0a:d6c0:208::/48 maxlen: 48
2a0a:d6c0:3::/48 maxlen: 48
2a0a:d6c0:13::/48 maxlen: 48
2a0a:d6c0:eff3::/48 maxlen: 48
2a0a:d6c0:eff1::/48 maxlen: 48
2a0a:d6c0:11::/48 maxlen: 48
2a0a:d6c0:7::/48 maxlen: 48
2a0a:d6c0:eff2::/48 maxlen: 48
2a0a:d6c0:2::/48 maxlen: 48
2a0a:d6c0:5::/48 maxlen: 48
2a0a:d6c0::/48 maxlen: 48
2a0a:d6c0:eff0::/48 maxlen: 48
2a0a:d6c0:10::/48 maxlen: 48
2a0a:d6c0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:71:14:d9:bd:a9:1e:4e:c9:3b:f0:e7:2d:5f:8e:e0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Feb 20 23:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c46b1f116d3fe03099b31c39272ea2ed188e3eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ad:10:ca:af:10:41:4a:46:3e:5c:75:50:be:
86:cc:34:b5:09:e9:6d:03:cd:45:e7:fd:99:10:69:
05:05:33:ef:91:c2:25:08:02:ae:92:45:44:ae:42:
a9:78:d5:66:2e:0a:8c:b7:c8:6f:2b:a3:5e:10:de:
c1:ef:c9:76:00:c7:78:0a:47:cc:63:b4:97:45:d5:
6a:d4:97:f5:33:41:56:1f:be:52:4a:74:c9:c4:46:
39:96:50:0e:77:6b:32:39:f0:3c:40:78:11:7c:04:
4a:00:87:cd:d0:28:17:1c:2f:a7:b4:d8:5a:3a:76:
32:c1:b9:97:9d:42:1e:27:ab:2c:8d:28:88:c4:17:
a0:29:7a:57:84:b7:b4:b9:75:0c:38:89:b1:ec:f4:
17:01:c4:7c:3d:ca:c4:e1:14:f7:59:8d:a9:a4:a8:
c1:0c:e3:8f:06:92:d3:33:f1:e5:88:21:2a:35:ae:
18:59:e0:d3:cf:68:4f:e9:1d:c3:c1:d1:b9:1a:25:
9a:be:32:d7:5a:71:b7:72:79:24:cc:be:1e:a6:d9:
c1:f6:c7:1b:66:72:a9:d1:0a:12:e3:84:a7:ea:5f:
02:bb:26:0b:cd:b9:ef:5a:1a:4f:8a:7c:06:9e:a5:
6e:cb:2e:55:f8:97:82:c5:83:9d:64:92:6b:56:48:
36:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6B:1F:11:6D:3F:E0:30:99:B3:1C:39:27:2E:A2:ED:18:8E:3E:B4
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/xGsfEW0_4DCZsxw5Jy6i7RiOPrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.132.0/24
IPv6:
2a0a:d6c0::/48
2a0a:d6c0:2::-2a0a:d6c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:10::/47
2a0a:d6c0:13::/48
2a0a:d6c0:208::/48
2a0a:d6c0:efef::-2a0a:d6c0:eff3:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:efff::/48
Signature Algorithm: sha256WithRSAEncryption
95:a9:42:61:d6:0c:37:64:e1:08:62:49:0b:96:88:81:39:0c:
4a:6d:37:21:eb:4b:7f:ae:83:3d:c9:9f:cb:d2:67:db:93:b9:
7a:01:5d:31:e1:40:76:62:c0:11:19:63:a0:0b:41:49:05:6d:
c7:6a:5a:78:8b:f8:96:3b:db:85:5b:dc:4a:60:43:77:3b:59:
ae:e7:2b:14:49:da:53:db:9e:b4:0f:f1:0d:33:fc:03:eb:71:
a1:56:d8:1d:70:e9:33:2c:03:1d:c1:9b:b0:ac:91:5d:06:38:
d8:81:f7:ed:98:5a:b5:04:a2:b7:57:be:72:f4:63:a0:31:ef:
fa:28:10:8e:39:f9:ff:c3:1a:59:2a:12:d5:61:28:37:8f:0b:
e4:35:2b:f3:27:87:85:8d:c5:9c:61:06:21:a8:0f:bf:c5:8c:
6d:d9:2b:df:0d:77:aa:d0:a7:d2:e2:71:be:34:16:2b:be:93:
16:e1:9b:2a:13:38:1d:5a:12:88:ee:ae:85:e1:b4:af:c5:33:
22:cb:15:c5:95:c8:50:c0:06:ab:61:f7:d7:62:3e:7e:5a:0c:
ee:8c:3b:08:5f:ce:d6:da:a3:eb:6f:6c:1c:fb:68:42:af:ab:
a5:c5:7f:4c:ca:49:25:5c:99:92:26:a4:3e:d8:23:57:17:40:
7a:95:23:1a
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYZxFNm9qR5OyTvw5y1fjuDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjMwMjIwMjMwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZiMWYxMTZkM2ZlMDMwOTliMzFjMzkyNzJlYTJlZDE4OGUzZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq0Qyq8QQUpGPlx1UL6GzDS1Celt
A81F5/2ZEGkFBTPvkcIlCAKukkVErkKpeNVmLgqMt8hvK6NeEN7B78l2AMd4CkfM
Y7SXRdVq1Jf1M0FWH75SSnTJxEY5llAOd2syOfA8QHgRfARKAIfN0CgXHC+ntNha
OnYywbmXnUIeJ6ssjSiIxBegKXpXhLe0uXUMOImx7PQXAcR8PcrE4RT3WY2ppKjB
DOOPBpLTM/HliCEqNa4YWeDTz2hP6R3DwdG5GiWavjLXWnG3cnkkzL4eptnB9scb
ZnKp0QoS44Sn6l8CuyYLzbnvWhpPinwGnqVuyy5V+JeCxYOdZJJrVkg20wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFMRrHxFtP+AwmbMcOScuou0Yjj60MB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEveEdzZkVXMF80RENac3h3NUp5Nmk3UmlPUHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazAMBAIAATAGAwQAucqEMFsE
AgACMFUDBwAqCtbAAAAwEgMHASoK1sAAAgMHASoK1sAACAMHASoK1sAAEAMHACoK
1sAAEwMHACoK1sACCDASAwcAKgrWwO/vAwcCKgrWwO/wAwcAKgrWwO//MA0GCSqG
SIb3DQEBCwUAA4IBAQCVqUJh1gw3ZOEIYkkLloiBOQxKbTch60t/roM9yZ/L0mfb
k7l6AV0x4UB2YsARGWOgC0FJBW3Halp4i/iWO9uFW9xKYEN3O1mu5ysUSdpT2560
D/ENM/wD63GhVtgdcOkzLAMdwZuwrJFdBjjYgfftmFq1BKK3V75y9GOgMe/6KBCO
Ofn/wxpZKhLVYSg3jwvkNSvzJ4eFjcWcYQYhqA+/xYxt2SvfDXeq0KfS4nG+NBYr
vpMW4ZsqEzgdWhKI7q6F4bSvxTMiyxXFlchQwAarYffXYj5+WgzujDsIX87W2qPr
b2wc+2hCr6ulxX9MykklXJmSJqQ+2CNXF0B6lSMa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:59 2025 by rpki-client