Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/AeFGp_yovSBICbJS6DCVtn2mQ0w.roa
File: AeFGp_yovSBICbJS6DCVtn2mQ0w.roa (raw, json)
Hash identifier: vZKUKeKvmA3bs3GeB9voQoGC+sYFghyjhLwCb1RuNlE=
Subject key identifier: 01:E1:46:A7:FC:A8:BD:20:48:09:B2:52:E8:30:95:B6:7D:A6:43:4C
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 018A961E69F63F1DEB87CE1CB33039C7B11A
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/AeFGp_yovSBICbJS6DCVtn2mQ0w.roa
Signing time: Thu 14 Sep 2023 23:54:50 +0000
ROA not before: Thu 14 Sep 2023 23:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49305
IP address blocks: 185.228.251.0/24 maxlen: 24
94.247.136.0/24 maxlen: 24
2a0e:3ec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:96:1e:69:f6:3f:1d:eb:87:ce:1c:b3:30:39:c7:b1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Sep 14 23:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e146a7fca8bd204809b252e83095b67da6434c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:77:ee:70:53:07:ac:d8:5f:0f:a7:91:85:2c:
cb:b3:f7:b5:87:14:dd:7d:aa:0c:6f:a3:17:e8:fa:
06:06:64:13:b2:8d:8a:16:21:29:6b:cb:97:ca:77:
03:ef:bf:3c:ee:f2:e6:16:df:7b:fc:c8:4a:73:3d:
d6:c2:15:a7:f6:f4:e5:67:43:24:a0:99:ae:7d:9d:
f0:da:97:0a:72:89:1b:a9:2b:42:f0:31:6c:72:82:
31:4c:ac:0b:1e:88:ee:84:11:b8:b0:22:db:96:c0:
91:5a:cd:27:84:3f:c7:6e:d0:d3:ed:63:71:f1:29:
94:dd:6e:2f:90:a9:6b:dc:c7:4e:5f:6f:4b:47:fd:
f0:eb:a7:58:76:8a:aa:b6:3f:9a:5c:55:5e:c9:9f:
79:d4:0e:6a:c9:3f:d9:5d:aa:81:bf:9d:79:09:93:
61:fe:48:1a:18:c5:d5:9a:89:5e:c7:c8:19:ab:37:
15:86:c1:c6:d1:f4:92:80:a6:99:b9:7b:03:7c:e7:
ae:e4:b7:91:78:c8:24:c3:7b:93:ba:13:f8:f9:80:
b6:a6:39:4e:74:5a:26:8d:78:f3:f8:a0:43:27:47:
c5:b7:94:1b:e8:53:0b:18:16:8f:61:33:94:2e:a1:
55:44:cc:dc:c8:d4:ac:1e:f7:f1:b1:0c:ad:c8:c4:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E1:46:A7:FC:A8:BD:20:48:09:B2:52:E8:30:95:B6:7D:A6:43:4C
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/AeFGp_yovSBICbJS6DCVtn2mQ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.136.0/24
185.228.251.0/24
IPv6:
2a0e:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
73:12:70:83:fe:69:51:3c:5f:9f:c5:ef:13:6a:37:cd:93:7f:
23:84:cb:3d:74:23:23:57:06:39:fb:24:18:50:7b:7f:6c:0d:
fd:07:d1:18:a8:f5:f2:49:58:05:58:3a:89:e1:fa:22:08:d8:
89:4e:42:d3:05:bd:eb:cd:71:21:d7:bf:1e:24:a8:4c:73:da:
fa:79:ea:a2:2e:34:e6:52:c5:b2:e8:23:a9:29:88:23:d7:0d:
3d:85:82:63:34:13:8a:b5:e8:9a:79:43:d5:d5:02:cb:97:cd:
23:61:09:86:81:b7:90:39:06:16:52:5f:aa:79:cc:9a:2d:dd:
0e:9c:1f:28:f6:00:cb:65:fa:36:e1:6e:30:4b:b2:94:52:5c:
67:16:09:c5:a1:56:f0:af:eb:71:b6:6e:87:d1:ef:73:65:89:
40:44:62:59:7c:0d:1e:6f:a2:2d:3d:72:e7:81:89:8e:ed:85:
a0:76:87:b7:40:85:7b:04:e3:26:fe:af:84:3f:27:3c:b8:47:
33:2d:90:45:96:99:53:8d:b8:3c:2f:97:51:58:34:2e:4f:45:
12:a1:bc:c5:88:29:9c:f2:41:a3:ec:17:1c:6a:c5:c0:22:6e:
0b:85:62:02:f8:2f:34:49:38:9d:8d:1a:ed:e1:9b:68:07:bf:
88:20:a9:2f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqWHmn2Px3rh84cszA5x7EaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjMwOTE0MjM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWUxNDZhN2ZjYThiZDIwNDgwOWIyNTJlODMwOTViNjdkYTY0MzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXfucFMHrNhfD6eRhSzLs/e1hxTd
faoMb6MX6PoGBmQTso2KFiEpa8uXyncD77887vLmFt97/MhKcz3WwhWn9vTlZ0Mk
oJmufZ3w2pcKcokbqStC8DFscoIxTKwLHojuhBG4sCLblsCRWs0nhD/HbtDT7WNx
8SmU3W4vkKlr3MdOX29LR/3w66dYdoqqtj+aXFVeyZ951A5qyT/ZXaqBv515CZNh
/kgaGMXVmolex8gZqzcVhsHG0fSSgKaZuXsDfOeu5LeReMgkw3uTuhP4+YC2pjlO
dFomjXjz+KBDJ0fFt5Qb6FMLGBaPYTOULqFVRMzcyNSsHvfxsQytyMR0ZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAHhRqf8qL0gSAmyUugwlbZ9pkNMMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvQWVGR3BfeW92U0JJQ2JKUzZEQ1Z0bjJtUTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXveIAwQA
ueT7MA0EAgACMAcDBQMqDj7AMA0GCSqGSIb3DQEBCwUAA4IBAQBzEnCD/mlRPF+f
xe8TajfNk38jhMs9dCMjVwY5+yQYUHt/bA39B9EYqPXySVgFWDqJ4foiCNiJTkLT
Bb3rzXEh178eJKhMc9r6eeqiLjTmUsWy6COpKYgj1w09hYJjNBOKteiaeUPV1QLL
l80jYQmGgbeQOQYWUl+qecyaLd0OnB8o9gDLZfo24W4wS7KUUlxnFgnFoVbwr+tx
tm6H0e9zZYlARGJZfA0eb6ItPXLngYmO7YWgdoe3QIV7BOMm/q+EPyc8uEczLZBF
lplTjbg8L5dRWDQuT0USobzFiCmc8kGj7BccasXAIm4LhWIC+C80STidjRrt4Zto
B7+IIKkv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:55 2025 by rpki-client