Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/GnOahS4ksmQEPUJzahoYdBNPLy8.roa
File: GnOahS4ksmQEPUJzahoYdBNPLy8.roa (raw, json)
Hash identifier: swQ7ScQlSLVDE6BXkAW31HSiiuLKvD2TZX+jSTon1qQ=
Subject key identifier: 1A:73:9A:85:2E:24:B2:64:04:3D:42:73:6A:1A:18:74:13:4F:2F:2F
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 01856D942151585C17977FC61E86F8574754
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/GnOahS4ksmQEPUJzahoYdBNPLy8.roa
Signing time: Sun 01 Jan 2023 13:45:02 +0000
ROA not before: Sun 01 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209459
IP address blocks: 185.143.232.0/22 maxlen: 24
193.176.240.0/22 maxlen: 24
185.97.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:21:51:58:5c:17:97:7f:c6:1e:86:f8:57:47:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Jan 1 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a739a852e24b264043d42736a1a1874134f2f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:66:d3:1d:b7:a4:65:92:bb:76:cd:e1:3e:
33:68:0a:e6:95:40:2b:06:16:8c:65:83:22:d3:44:
19:eb:94:a0:b6:3e:ef:8a:85:cc:78:9d:6d:76:60:
c4:3e:64:3f:f3:89:5d:8e:bb:2e:58:a5:53:d4:59:
b9:16:0c:a6:f3:9f:af:57:28:43:44:8c:36:2a:ef:
87:75:ca:b2:2b:52:0f:bf:99:95:88:49:6f:5a:84:
c8:00:67:ed:e9:ca:d8:7d:84:25:78:a2:58:e6:d5:
ef:07:bd:17:76:d4:99:94:43:96:ea:05:8d:e4:81:
b4:3a:a5:8f:73:7f:93:c2:50:a0:62:cc:e2:86:26:
90:da:ad:dc:65:3c:81:dc:7d:7f:ef:83:db:3d:14:
da:77:b0:22:ac:e1:e0:81:83:16:87:50:db:c7:ff:
c5:9c:cf:f5:07:26:ff:6b:42:86:41:63:80:df:24:
e6:62:ef:80:9c:1c:f5:00:10:56:04:fd:5d:26:37:
66:ce:1a:ae:dc:b2:bc:e0:bc:6e:d5:cf:f0:60:d7:
09:42:a6:83:f7:44:93:73:76:46:e9:2c:6d:d1:d6:
d8:e1:d2:6b:d3:1c:af:18:51:b1:0f:5d:5c:e8:10:
dc:84:fc:bc:cf:3c:ac:e8:47:42:08:3b:08:b9:4f:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:73:9A:85:2E:24:B2:64:04:3D:42:73:6A:1A:18:74:13:4F:2F:2F
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/GnOahS4ksmQEPUJzahoYdBNPLy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.116.0/22
185.143.232.0/22
193.176.240.0/22
Signature Algorithm: sha256WithRSAEncryption
46:13:f4:46:29:4c:4d:42:fe:7d:16:80:15:11:56:18:99:bf:
67:27:ed:f0:be:30:b9:d6:67:b4:df:62:2b:e3:72:8d:d2:d4:
37:38:6f:88:8b:2a:37:01:86:44:a2:1e:b8:d0:49:46:c0:8a:
d1:de:18:8b:ad:1f:65:af:b2:e3:6b:01:3a:30:f9:d2:30:9f:
8c:36:cd:ac:fb:bd:aa:1c:7f:70:f5:42:ba:84:a2:15:b9:ac:
80:17:08:28:22:20:86:6a:cf:22:b2:b2:78:33:bf:6e:e8:c1:
ef:c0:ff:6e:54:01:07:d6:51:ed:47:61:5e:41:d3:9d:31:dd:
7f:b9:0c:85:6f:b2:51:32:86:6e:c0:c6:a9:39:ba:e6:0f:ad:
e8:be:c6:34:4c:c3:bd:e8:72:61:4b:7a:9d:23:de:b4:f5:c3:
4c:31:a9:f1:85:ad:77:26:67:70:92:39:b0:32:38:e1:4a:67:
d7:8b:a9:f2:03:14:f4:1d:9a:dd:91:c3:60:ae:03:c8:65:bf:
ff:de:3c:f5:69:bf:d1:ec:94:62:e1:c7:d0:22:6b:4d:f9:21:
fe:aa:e5:62:b7:90:f5:fa:97:c2:72:fc:42:d7:d1:19:10:1a:
de:67:21:80:06:8d:0c:14:f7:8e:bf:60:25:35:5b:b6:7c:3c:
da:e0:ed:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtlCFRWFwXl3/GHob4V0dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjMwMTAxMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTczOWE4NTJlMjRiMjY0MDQzZDQyNzM2YTFhMTg3NDEzNGYyZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwpm0x23pGWSu3bN4T4zaArmlUAr
BhaMZYMi00QZ65Sgtj7vioXMeJ1tdmDEPmQ/84ldjrsuWKVT1Fm5Fgym85+vVyhD
RIw2Ku+HdcqyK1IPv5mViElvWoTIAGft6crYfYQleKJY5tXvB70XdtSZlEOW6gWN
5IG0OqWPc3+TwlCgYszihiaQ2q3cZTyB3H1/74PbPRTad7AirOHggYMWh1Dbx//F
nM/1Byb/a0KGQWOA3yTmYu+AnBz1ABBWBP1dJjdmzhqu3LK84Lxu1c/wYNcJQqaD
90STc3ZG6Sxt0dbY4dJr0xyvGFGxD11c6BDchPy8zzys6EdCCDsIuU/K9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBpzmoUuJLJkBD1Cc2oaGHQTTy8vMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvR25PYWhTNGtzbVFFUFVKemFob1lkQk5QTHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuWF0AwQC
uY/oAwQCwbDwMA0GCSqGSIb3DQEBCwUAA4IBAQBGE/RGKUxNQv59FoAVEVYYmb9n
J+3wvjC51me032Ir43KN0tQ3OG+Iiyo3AYZEoh640ElGwIrR3hiLrR9lr7LjawE6
MPnSMJ+MNs2s+72qHH9w9UK6hKIVuayAFwgoIiCGas8isrJ4M79u6MHvwP9uVAEH
1lHtR2FeQdOdMd1/uQyFb7JRMoZuwMapObrmD63ovsY0TMO96HJhS3qdI9609cNM
Manxha13JmdwkjmwMjjhSmfXi6nyAxT0HZrdkcNgrgPIZb//3jz1ab/R7JRi4cfQ
ImtN+SH+quVit5D1+pfCcvxC19EZEBreZyGABo0MFPeOv2AlNVu2fDza4O3Z
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:03:06 2025 by rpki-client