Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/el23C1LQMOXA0haQ-nqJ6SR-kzQ.roa
File: el23C1LQMOXA0haQ-nqJ6SR-kzQ.roa (raw, json)
Hash identifier: 2SokbwwwBH55zalJaJU/4/t1f6Rz7nppCjZ81p3qKzc=
Subject key identifier: 7A:5D:B7:0B:52:D0:30:E5:C0:D2:16:90:FA:7A:89:E9:24:7E:93:34
Certificate issuer: /CN=1fa8ac37f9695169627f75e098963396de9638cc
Certificate serial: 018570150D3E252B0BE9A206FAD189DA74B7
Authority key identifier: 1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/el23C1LQMOXA0haQ-nqJ6SR-kzQ.roa
Signing time: Mon 02 Jan 2023 01:25:05 +0000
ROA not before: Mon 02 Jan 2023 01:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51728
IP address blocks: 185.40.89.0/24 maxlen: 24
185.40.88.0/24 maxlen: 24
185.40.91.0/24 maxlen: 24
185.40.90.0/24 maxlen: 24
146.66.24.0/21 maxlen: 21
91.190.192.0/21 maxlen: 21
80.66.160.0/20 maxlen: 20
2a00:ac00::/32 maxlen: 32
2a00:ac01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0d:3e:25:2b:0b:e9:a2:06:fa:d1:89:da:74:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa8ac37f9695169627f75e098963396de9638cc
Validity
Not Before: Jan 2 01:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a5db70b52d030e5c0d21690fa7a89e9247e9334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:a5:50:1a:cc:02:5f:1e:61:45:a2:42:b4:
de:24:a8:31:1d:d3:bb:bf:e2:6d:a0:b1:69:e2:98:
3d:5e:40:5f:a8:cc:c4:0d:21:2f:92:41:56:6a:7d:
01:97:1f:6f:dc:aa:f1:1e:9a:67:ab:ce:04:fe:ca:
93:05:59:f7:51:a2:0c:99:0a:f6:65:c9:b3:59:98:
96:c4:c4:1e:89:c9:78:33:b6:b4:9d:3e:22:2a:c0:
19:b5:51:14:41:ac:5b:84:80:07:47:6a:1f:dc:52:
18:df:75:6b:bf:16:10:b8:5d:34:3e:b7:94:f0:42:
39:8e:d8:ec:e6:57:7c:d3:b1:6e:db:fc:72:97:35:
ed:9d:4b:df:b2:31:c3:1f:51:53:50:19:09:e3:95:
b9:ae:c3:25:19:05:17:19:83:18:62:1f:62:08:d5:
a4:34:31:4f:57:a6:2e:dd:97:fc:19:af:c0:8f:99:
0d:76:6f:e8:bc:83:c0:db:8e:7b:65:e0:19:bc:9b:
d7:2f:5f:62:fa:c5:e4:d5:66:bf:30:71:0e:10:9c:
77:81:92:26:3e:9d:33:51:a9:f2:8d:1e:66:b8:f8:
a8:b8:dd:09:37:a6:86:29:49:4b:be:d6:a9:ed:36:
ee:57:b1:d9:b4:b0:59:71:1e:4e:90:d5:ac:9d:5b:
7b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5D:B7:0B:52:D0:30:E5:C0:D2:16:90:FA:7A:89:E9:24:7E:93:34
X509v3 Authority Key Identifier:
keyid:1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/el23C1LQMOXA0haQ-nqJ6SR-kzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.160.0/20
91.190.192.0/21
146.66.24.0/21
185.40.88.0/22
IPv6:
2a00:ac00::/31
Signature Algorithm: sha256WithRSAEncryption
8c:87:d9:77:fc:e5:1b:89:a2:f3:e6:be:b9:cf:a3:61:d3:0e:
b2:10:48:3c:1e:8b:15:f0:be:71:38:55:5d:ee:a9:19:f4:0c:
53:3f:53:6c:a6:fd:89:b7:a9:32:36:63:c4:de:f7:84:45:bb:
f7:42:fb:ca:d9:f0:c4:b9:1c:6e:af:d9:13:2d:a6:b9:f5:2e:
91:87:c0:f5:a8:52:3f:15:e4:61:91:e6:ea:9e:06:c1:b0:92:
2a:bf:07:02:3a:07:53:02:95:f9:e7:31:71:81:f4:c4:ae:48:
69:b1:43:66:81:d2:15:19:6e:c6:7d:bf:43:70:ac:76:fe:41:
86:05:4b:06:21:56:97:f6:de:3e:90:81:f3:75:f8:33:98:cf:
28:80:16:97:f4:5c:bb:ce:13:0b:24:31:28:a1:4b:de:de:b0:
cf:4b:bb:ab:03:fe:db:46:45:58:30:b7:58:28:49:35:f5:f6:
cf:11:44:4d:e4:41:b8:7b:ed:de:0c:72:53:94:8d:04:73:2d:
f5:65:34:23:3a:41:a0:63:e2:b4:9f:06:da:5c:c3:38:b8:a2:
48:1b:12:96:04:aa:35:f4:52:fc:25:41:ea:14:4e:22:92:87:
b5:75:59:7f:64:f7:e4:82:6c:79:84:ff:a2:c5:ce:df:c4:92:
d2:5e:15:19
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwFQ0+JSsL6aIG+tGJ2nS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYThhYzM3Zjk2OTUxNjk2MjdmNzVlMDk4OTYzMzk2ZGU5
NjM4Y2MwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTVkYjcwYjUyZDAzMGU1YzBkMjE2OTBmYTdhODllOTI0N2U5MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3WlUBrMAl8eYUWiQrTeJKgxHdO7
v+JtoLFp4pg9XkBfqMzEDSEvkkFWan0Blx9v3KrxHppnq84E/sqTBVn3UaIMmQr2
ZcmzWZiWxMQeicl4M7a0nT4iKsAZtVEUQaxbhIAHR2of3FIY33VrvxYQuF00PreU
8EI5jtjs5ld807Fu2/xylzXtnUvfsjHDH1FTUBkJ45W5rsMlGQUXGYMYYh9iCNWk
NDFPV6Yu3Zf8Ga/Aj5kNdm/ovIPA2457ZeAZvJvXL19i+sXk1Wa/MHEOEJx3gZIm
Pp0zUanyjR5muPiouN0JN6aGKUlLvtap7TbuV7HZtLBZcR5OkNWsnVt7ZwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHpdtwtS0DDlwNIWkPp6iekkfpM0MB8GA1UdIwQY
MBaAFB+orDf5aVFpYn914JiWM5beljjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUt
MDIzYjZjMDc5M2YxLzEvZWwyM0MxTFFNT1hBMGhhUS1ucUo2U1Ita3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUtMDIzYjZjMDc5M2Yx
LzEvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEKgAwQD
W77AAwQDkkIYAwQCuShYMA0EAgACMAcDBQEqAKwAMA0GCSqGSIb3DQEBCwUAA4IB
AQCMh9l3/OUbiaLz5r65z6Nh0w6yEEg8HosV8L5xOFVd7qkZ9AxTP1Nspv2Jt6ky
NmPE3veERbv3QvvK2fDEuRxur9kTLaa59S6Rh8D1qFI/FeRhkebqngbBsJIqvwcC
OgdTApX55zFxgfTErkhpsUNmgdIVGW7Gfb9DcKx2/kGGBUsGIVaX9t4+kIHzdfgz
mM8ogBaX9Fy7zhMLJDEooUve3rDPS7urA/7bRkVYMLdYKEk19fbPEURN5EG4e+3e
DHJTlI0Ecy31ZTQjOkGgY+K0nwbaXMM4uKJIGxKWBKo19FL8JUHqFE4ikoe1dVl/
ZPfkgmx5hP+ixc7fxJLSXhUZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:23 2025 by rpki-client