Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/_gNEzlREG5sqK_wNIAQupK3jnpo.roa
File: _gNEzlREG5sqK_wNIAQupK3jnpo.roa (raw, json)
Hash identifier: qUAU/2roY4Q07P7LpURMQCTLIqEx2DI7fHmN5ieSfdU=
Subject key identifier: FE:03:44:CE:54:44:1B:9B:2A:2B:FC:0D:20:04:2E:A4:AD:E3:9E:9A
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 0185701EED3CB3C4FB88D36CA1DB8ACC66F7
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/_gNEzlREG5sqK_wNIAQupK3jnpo.roa
Signing time: Mon 02 Jan 2023 01:35:52 +0000
ROA not before: Mon 02 Jan 2023 01:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14907
IP address blocks: 91.198.174.0/24 maxlen: 24
185.71.138.0/24 maxlen: 24
185.15.56.0/24 maxlen: 24
185.15.57.0/24 maxlen: 24
185.15.58.0/24 maxlen: 24
185.15.59.0/24 maxlen: 24
2a02:ec80:500::/48 maxlen: 48
2a02:ec80:600::/48 maxlen: 48
2001:67c:930::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:ed:3c:b3:c4:fb:88:d3:6c:a1:db:8a:cc:66:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Jan 2 01:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe0344ce54441b9b2a2bfc0d20042ea4ade39e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:5e:7d:f9:dd:e9:d1:6b:55:82:d3:c0:70:
6d:a3:b5:f7:78:70:2d:f6:6c:77:b2:7e:35:7b:97:
e5:aa:b7:44:db:b2:4d:90:7d:05:70:00:fb:70:2b:
36:4a:ab:d2:9b:67:c9:74:be:1a:ee:28:b9:fa:fd:
48:cf:6a:62:7a:c4:0a:c9:f3:a8:a0:c7:b4:ae:43:
03:61:f2:ff:74:21:75:5a:b8:72:e4:72:92:3b:a6:
1b:02:cc:35:f2:0e:eb:d7:7d:73:e6:e5:6f:54:1e:
2b:bb:41:0c:e6:84:f2:a1:99:4d:98:29:4a:90:61:
5e:3b:d5:31:02:1d:76:83:72:94:be:60:7b:89:f3:
24:6b:54:3c:68:00:80:3d:bd:22:e5:3d:d4:28:b6:
82:d9:50:b1:aa:48:ea:56:47:7a:82:48:22:42:46:
6d:d5:31:99:95:19:ce:29:bd:cd:28:fa:b8:cd:d3:
2d:9a:9a:89:ea:cd:50:e8:dc:2a:ca:a1:23:65:ae:
95:b0:db:cc:1c:8e:19:e4:15:81:4c:3a:1f:09:bb:
d8:9f:04:f8:59:0b:82:7b:8f:50:5e:86:7e:fb:fc:
a7:ae:60:93:23:a8:50:67:bb:42:85:d9:aa:7a:d2:
46:cf:80:a3:f0:5d:92:2e:7b:28:f6:b7:9e:28:2d:
e0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:03:44:CE:54:44:1B:9B:2A:2B:FC:0D:20:04:2E:A4:AD:E3:9E:9A
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/_gNEzlREG5sqK_wNIAQupK3jnpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.174.0/24
185.15.56.0/22
185.71.138.0/24
IPv6:
2001:67c:930::/48
2a02:ec80:500::/48
2a02:ec80:600::/48
Signature Algorithm: sha256WithRSAEncryption
a8:be:e0:7e:a1:b4:97:88:84:de:49:26:6e:d4:ae:db:07:f0:
cb:49:be:6b:45:64:20:06:24:e8:ce:52:28:bd:26:c8:17:36:
4d:3b:cd:62:23:b6:0c:6d:7b:6a:7f:53:51:9a:5c:a6:48:93:
9f:26:80:16:8d:4c:94:bc:f7:cc:f2:db:68:17:ce:68:9a:ef:
d0:75:18:26:b6:35:8f:e9:6a:ad:c9:e7:c8:04:ff:61:a6:9f:
fd:92:26:59:39:b9:5e:6d:2f:50:db:ad:27:d2:0e:01:16:35:
43:44:fd:10:fe:29:2c:1c:24:fe:77:a4:f8:ae:ca:aa:63:a1:
c5:8d:27:83:10:d3:d0:55:e6:3c:bf:1a:99:f2:3c:a8:a7:63:
2d:a3:e8:68:53:e5:c1:87:3f:15:02:cf:61:aa:dd:98:d8:a9:
93:4d:3a:17:6f:35:16:5a:15:c5:df:f3:a3:c6:11:e8:b3:bc:
a7:b7:07:60:8e:d6:c2:70:3b:e5:63:26:3d:30:9c:c9:c6:28:
0d:48:89:0b:17:84:0d:f2:69:a5:82:d5:35:ee:0c:ea:e1:92:
28:9b:a2:0d:6d:b9:66:45:34:9e:70:cb:7e:75:d6:5e:06:1b:
14:fb:23:82:8b:68:61:49:69:5f:88:a2:ed:db:d7:94:8e:eb:
33:f0:e4:e5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVwHu08s8T7iNNsoduKzGb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjMwMTAyMDEzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAzNDRjZTU0NDQxYjliMmEyYmZjMGQyMDA0MmVhNGFkZTM5ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk35effnd6dFrVYLTwHBto7X3eHAt
9mx3sn41e5flqrdE27JNkH0FcAD7cCs2SqvSm2fJdL4a7ii5+v1Iz2piesQKyfOo
oMe0rkMDYfL/dCF1Wrhy5HKSO6YbAsw18g7r131z5uVvVB4ru0EM5oTyoZlNmClK
kGFeO9UxAh12g3KUvmB7ifMka1Q8aACAPb0i5T3UKLaC2VCxqkjqVkd6gkgiQkZt
1TGZlRnOKb3NKPq4zdMtmpqJ6s1Q6NwqyqEjZa6VsNvMHI4Z5BWBTDofCbvYnwT4
WQuCe49QXoZ++/ynrmCTI6hQZ7tChdmqetJGz4Cj8F2SLnso9reeKC3gPQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFP4DRM5URBubKiv8DSAELqSt456aMB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvX2dORXpsUkVHNXNxS193TklBUXVwSzNqbnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAW8auAwQC
uQ84AwQAuUeKMCEEAgACMBsDBwAgAQZ8CTADBwAqAuyABQADBwAqAuyABgAwDQYJ
KoZIhvcNAQELBQADggEBAKi+4H6htJeIhN5JJm7UrtsH8MtJvmtFZCAGJOjOUii9
JsgXNk07zWIjtgxte2p/U1GaXKZIk58mgBaNTJS898zy22gXzmia79B1GCa2NY/p
aq3J58gE/2Gmn/2SJlk5uV5tL1DbrSfSDgEWNUNE/RD+KSwcJP53pPiuyqpjocWN
J4MQ09BV5jy/GpnyPKinYy2j6GhT5cGHPxUCz2Gq3ZjYqZNNOhdvNRZaFcXf86PG
EeizvKe3B2CO1sJwO+VjJj0wnMnGKA1IiQsXhA3yaaWC1TXuDOrhkiibog1tuWZF
NJ5wy3511l4GGxT7I4KLaGFJaV+Iou3b15SO6zPw5OU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:39 2025 by rpki-client