Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/8KMclKPOpQCYgcZfMQV3zXh8QCE.roa
File: 8KMclKPOpQCYgcZfMQV3zXh8QCE.roa (raw, json)
Hash identifier: 8U/CxucIs5IF9rRBAe9jh+QRyD9vL3MxqQI49zOOWsA=
Subject key identifier: F0:A3:1C:94:A3:CE:A5:00:98:81:C6:5F:31:05:77:CD:78:7C:40:21
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 0185069AE6D11F37F07CDE6104DF3BF4E00C
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/8KMclKPOpQCYgcZfMQV3zXh8QCE.roa
Signing time: Mon 12 Dec 2022 13:51:33 +0000
ROA not before: Mon 12 Dec 2022 13:51:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41176
IP address blocks: 188.117.93.0/24 maxlen: 24
185.20.152.0/24 maxlen: 24
185.20.152.0/22 maxlen: 22
188.117.124.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:9a:e6:d1:1f:37:f0:7c:de:61:04:df:3b:f4:e0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Dec 12 13:51:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0a31c94a3cea5009881c65f310577cd787c4021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:a5:12:0d:7a:6b:d7:9d:a8:50:84:fd:67:
d5:98:bc:08:b2:be:fd:65:95:53:c0:23:c8:81:b7:
cc:b9:30:3f:cf:07:70:84:a1:78:ce:45:86:50:85:
d2:80:5f:d9:60:f5:49:a5:41:87:15:a4:a6:eb:bf:
9b:91:a9:ac:e4:68:3e:b6:93:c0:a5:b2:cd:76:63:
6d:5b:17:f6:9c:f0:46:94:1e:b7:e2:39:8e:b7:94:
6d:b0:ab:b7:76:2e:a7:aa:58:3c:26:7b:50:50:99:
a6:68:2c:f1:9c:4e:3a:79:88:1c:67:f7:fc:9f:88:
79:3b:6c:7f:bb:b1:35:9c:a6:4d:2a:0b:2c:9e:57:
16:87:68:91:e5:d7:ba:0c:3f:16:45:34:22:d6:74:
02:71:4f:db:83:52:7c:1c:85:06:d9:7b:c5:4f:4b:
73:2d:6f:da:a3:1d:84:ae:e4:8e:8c:b4:d8:c4:50:
1f:11:a7:b9:42:a9:a8:ad:ef:80:f0:a9:ae:14:31:
7a:7d:75:1e:83:88:c0:88:ee:d3:a2:98:47:ef:67:
73:38:55:4b:d8:78:9e:7c:d9:97:48:43:d3:2c:9a:
c3:da:4d:a7:e3:a1:d0:73:cb:c8:76:2c:91:7d:88:
86:22:ab:fa:d1:bf:74:e4:a8:9a:19:4a:cc:b6:8d:
79:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A3:1C:94:A3:CE:A5:00:98:81:C6:5F:31:05:77:CD:78:7C:40:21
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/8KMclKPOpQCYgcZfMQV3zXh8QCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.152.0/22
188.117.93.0/24
188.117.124.0/24
212.76.69.0/24
Signature Algorithm: sha256WithRSAEncryption
37:35:77:33:83:ca:87:9c:4c:ad:ed:18:f6:e6:f0:71:81:b7:
0d:ea:04:58:71:ad:7f:0a:83:1a:e3:91:b9:14:5b:c7:16:e7:
49:e0:53:77:43:90:b3:10:93:a4:de:06:90:10:8f:df:fa:69:
19:91:53:8f:e7:33:82:6d:1b:d8:e1:c6:32:83:78:d2:67:33:
fb:d5:09:28:03:e1:ea:79:5b:59:47:84:98:78:79:e5:33:d3:
ad:fc:bb:26:52:5f:f6:de:91:4e:b5:ed:bd:be:d0:25:19:46:
9c:bf:b6:4a:a9:1c:a0:d5:b8:58:18:b0:2a:e0:73:b4:9d:67:
df:f2:5b:f8:be:cd:8d:60:46:ac:fa:4e:78:c1:98:c0:d0:45:
99:f8:9b:72:de:c1:69:b1:0d:3f:66:6e:d3:30:67:4c:4e:bf:
95:31:65:22:39:32:67:95:3f:5a:30:bc:73:cf:9b:55:c9:18:
9b:11:bb:99:eb:85:b1:43:12:0c:43:bd:29:01:d9:39:c7:a0:
de:95:9a:54:e4:44:fa:9d:c1:f7:f9:5c:8b:68:e9:7c:15:f9:
07:84:ba:21:28:e7:04:19:df:10:ac:90:3c:89:21:ec:41:cf:
1b:8a:3b:98:43:a1:5c:5f:68:6c:36:40:9d:05:c9:0c:f1:8d:
31:16:bf:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUGmubRHzfwfN5hBN879OAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjIxMjEyMTM1MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGEzMWM5NGEzY2VhNTAwOTg4MWM2NWYzMTA1NzdjZDc4N2M0MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo92lEg16a9edqFCE/WfVmLwIsr79
ZZVTwCPIgbfMuTA/zwdwhKF4zkWGUIXSgF/ZYPVJpUGHFaSm67+bkams5Gg+tpPA
pbLNdmNtWxf2nPBGlB634jmOt5RtsKu3di6nqlg8JntQUJmmaCzxnE46eYgcZ/f8
n4h5O2x/u7E1nKZNKgssnlcWh2iR5de6DD8WRTQi1nQCcU/bg1J8HIUG2XvFT0tz
LW/aox2EruSOjLTYxFAfEae5Qqmore+A8KmuFDF6fXUeg4jAiO7TophH72dzOFVL
2HiefNmXSEPTLJrD2k2n46HQc8vIdiyRfYiGIqv60b905KiaGUrMto15pQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPCjHJSjzqUAmIHGXzEFd814fEAhMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvOEtNY2xLUE9wUUNZZ2NaZk1RVjN6WGg4UUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuRSYAwQA
vHVdAwQAvHV8AwQA1ExFMA0GCSqGSIb3DQEBCwUAA4IBAQA3NXczg8qHnEyt7Rj2
5vBxgbcN6gRYca1/CoMa45G5FFvHFudJ4FN3Q5CzEJOk3gaQEI/f+mkZkVOP5zOC
bRvY4cYyg3jSZzP71QkoA+HqeVtZR4SYeHnlM9Ot/LsmUl/23pFOte29vtAlGUac
v7ZKqRyg1bhYGLAq4HO0nWff8lv4vs2NYEas+k54wZjA0EWZ+Jty3sFpsQ0/Zm7T
MGdMTr+VMWUiOTJnlT9aMLxzz5tVyRibEbuZ64WxQxIMQ70pAdk5x6DelZpU5ET6
ncH3+VyLaOl8FfkHhLohKOcEGd8QrJA8iSHsQc8bijuYQ6FcX2hsNkCdBckM8Y0x
Fr/b
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:01 2025 by rpki-client