Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/RFzESLkQSMVLL_KSKHQbZlovVFM.roa
File: RFzESLkQSMVLL_KSKHQbZlovVFM.roa (raw, json)
Hash identifier: L7xybuwg6f+rXIY6vY9OPJXNNk68NH/9R/c/mNiJTlU=
Subject key identifier: 44:5C:C4:48:B9:10:48:C5:4B:2F:F2:92:28:74:1B:66:5A:2F:54:53
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 018B5638E1DBA24DC44B6682B7B5F2663058
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/RFzESLkQSMVLL_KSKHQbZlovVFM.roa
Signing time: Sun 22 Oct 2023 07:10:50 +0000
ROA not before: Sun 22 Oct 2023 07:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41176
IP address blocks: 188.117.64.0/18 maxlen: 18
188.117.76.0/24 maxlen: 24
188.117.76.0/22 maxlen: 22
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.72.0/22 maxlen: 22
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.80.0/24 maxlen: 24
188.117.80.0/23 maxlen: 23
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.104.0/24 maxlen: 24
188.117.100.0/23 maxlen: 23
188.117.107.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.70.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.85.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
89.108.0.0/18 maxlen: 18
89.108.29.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.26.0/24 maxlen: 24
89.108.26.0/23 maxlen: 23
89.108.27.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
185.20.152.0/24 maxlen: 24
185.20.152.0/22 maxlen: 22
213.236.39.0/24 maxlen: 24
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.56.0/22 maxlen: 22
213.236.56.0/21 maxlen: 21
213.236.53.0/24 maxlen: 24
213.236.59.0/24 maxlen: 24
213.236.60.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
2a02:d70::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:56:38:e1:db:a2:4d:c4:4b:66:82:b7:b5:f2:66:30:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Oct 22 07:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=445cc448b91048c54b2ff29228741b665a2f5453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:6d:b4:4b:5c:11:47:de:b7:39:dc:0f:a3:
d6:7a:99:fa:19:de:cf:26:76:01:d1:07:e1:7a:b8:
da:45:9e:14:b2:74:3b:5d:89:2f:d3:52:26:76:b5:
d9:39:9a:51:c7:69:85:46:e8:38:16:43:e8:27:23:
17:1c:81:9c:88:e7:f4:50:95:35:96:f0:1c:1f:ab:
99:52:09:94:33:67:9b:d8:17:8d:a0:21:d3:33:65:
f1:11:53:86:fe:f8:27:8d:5f:bd:59:e6:4f:79:86:
8e:ee:24:e7:a2:df:56:67:fd:1f:e7:dd:46:cb:5f:
0a:cb:4d:f6:5a:0a:02:f9:33:33:0e:d4:b4:07:d2:
78:7d:e2:12:a3:d3:fe:03:6e:fb:db:31:50:1c:fa:
84:75:c5:82:bc:8c:92:2c:28:b9:7d:7c:df:e8:1d:
e3:72:eb:6d:d5:39:86:ed:a5:9d:9e:41:eb:4b:5f:
d7:9e:a8:5c:3e:e2:16:85:0a:bf:f2:14:58:e2:3f:
40:25:be:8c:2d:6d:e1:c4:ed:42:1c:33:49:25:12:
2c:b4:c8:ef:b1:7f:26:6b:4a:38:b4:93:05:03:63:
69:a0:ca:63:c3:d9:9c:25:eb:e4:19:c3:0f:68:36:
e1:c7:02:6d:3d:9b:92:ad:ef:66:76:e5:64:38:ef:
0b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:5C:C4:48:B9:10:48:C5:4B:2F:F2:92:28:74:1B:66:5A:2F:54:53
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/RFzESLkQSMVLL_KSKHQbZlovVFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
8b:56:ea:56:68:25:bc:44:5b:cb:f4:2c:46:26:a2:78:75:be:
fc:63:35:ae:ef:a2:55:fc:73:30:ab:bb:4b:3b:a7:a4:33:00:
31:43:8b:22:43:3b:a9:f0:98:03:14:f3:62:dd:49:ce:9e:08:
b5:f9:1c:43:f6:ea:13:82:e5:9f:8f:02:2c:ab:b3:0c:1a:dd:
f7:99:68:19:15:fd:33:81:3d:37:ba:b9:b7:02:89:7f:c4:e1:
08:a7:73:53:8b:7c:de:83:fa:58:9e:e0:ed:ff:68:24:46:9b:
4e:bc:5d:cd:3b:3a:53:bd:35:50:d2:22:d1:d1:fb:1e:8e:8e:
c4:bb:c2:53:26:b5:dc:02:1b:8f:9c:75:e0:e1:24:22:2f:38:
e9:7f:1f:32:75:7f:e7:38:80:ea:fc:be:91:39:78:a4:8b:8a:
bb:61:8d:93:3a:2e:62:df:21:c7:51:83:3c:16:8a:66:8f:a2:
b5:2f:eb:af:6b:31:de:06:94:b9:ec:a4:60:8f:bf:3f:a8:a8:
c2:18:02:7a:ae:36:ed:6c:89:0d:e8:2a:87:ac:fa:8c:aa:05:
38:4f:a2:14:bc:da:92:1f:a2:e8:4d:39:34:44:c9:a8:14:8e:
a8:eb:16:a0:80:be:1e:72:fb:f3:40:3b:41:cd:8c:7f:12:61:
a5:6a:70:a0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYtWOOHbok3ES2aCt7XyZjBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjMxMDIyMDcxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVjYzQ0OGI5MTA0OGM1NGIyZmYyOTIyODc0MWI2NjVhMmY1NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqotttEtcEUfetzncD6PWepn6Gd7P
JnYB0QfherjaRZ4UsnQ7XYkv01ImdrXZOZpRx2mFRug4FkPoJyMXHIGciOf0UJU1
lvAcH6uZUgmUM2eb2BeNoCHTM2XxEVOG/vgnjV+9WeZPeYaO7iTnot9WZ/0f591G
y18Ky032WgoC+TMzDtS0B9J4feISo9P+A2772zFQHPqEdcWCvIySLCi5fXzf6B3j
cutt1TmG7aWdnkHrS1/XnqhcPuIWhQq/8hRY4j9AJb6MLW3hxO1CHDNJJRIstMjv
sX8ma0o4tJMFA2NpoMpjw9mcJevkGcMPaDbhxwJtPZuSre9mduVkOO8LxwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFERcxEi5EEjFSy/ykih0G2ZaL1RTMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvUkZ6RVNMa1FTTVZMTF9LU0tIUWJabG92VkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQCLVupWaCW8RFvL9CxGJqJ4db78YzWu76JV/HMwq7tLO6ekMwAxQ4si
Qzup8JgDFPNi3UnOngi1+RxD9uoTguWfjwIsq7MMGt33mWgZFf0zgT03urm3Aol/
xOEIp3NTi3zeg/pYnuDt/2gkRptOvF3NOzpTvTVQ0iLR0fsejo7Eu8JTJrXcAhuP
nHXg4SQiLzjpfx8ydX/nOIDq/L6ROXiki4q7YY2TOi5i3yHHUYM8Fopmj6K1L+uv
azHeBpS57KRgj78/qKjCGAJ6rjbtbIkN6CqHrPqMqgU4T6IUvNqSH6LoTTk0RMmo
FI6o6xaggL4ecvvzQDtBzYx/EmGlanCg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:54 2025 by rpki-client