Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/eb0ea4-2458-4977-827d-fce2795fd80b/1/CiY_wFK0jGX9XtkNUXd6sKZ1Z54.roa
File: CiY_wFK0jGX9XtkNUXd6sKZ1Z54.roa (raw, json)
Hash identifier: 2jU3Kjeuoz6ELwL5RoEeUvFQt5cTPH7yPsl42AWvTIc=
Subject key identifier: 0A:26:3F:C0:52:B4:8C:65:FD:5E:D9:0D:51:77:7A:B0:A6:75:67:9E
Certificate issuer: /CN=16b43fb87e804922d1c6d07e2597b61e04ee17f0
Certificate serial: 01856F8256AF2947AC2BFAF3E2B7220B434D
Authority key identifier: 16:B4:3F:B8:7E:80:49:22:D1:C6:D0:7E:25:97:B6:1E:04:EE:17:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FrQ_uH6ASSLRxtB-JZe2HgTuF_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/eb0ea4-2458-4977-827d-fce2795fd80b/1/CiY_wFK0jGX9XtkNUXd6sKZ1Z54.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209622
IP address blocks: 185.201.151.0/24 maxlen: 24
88.218.118.0/24 maxlen: 24
5.154.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:56:af:29:47:ac:2b:fa:f3:e2:b7:22:0b:43:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16b43fb87e804922d1c6d07e2597b61e04ee17f0
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a263fc052b48c65fd5ed90d51777ab0a675679e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fd:90:0a:66:fc:5e:fe:43:0d:e8:d3:41:ab:
2d:a6:3a:4d:fb:a1:f4:bd:79:9e:80:84:82:f8:c6:
9e:6a:5c:46:36:61:f7:e9:63:2a:bf:43:8d:06:b8:
5c:1d:12:3b:47:3b:6b:04:5a:6c:4e:a2:27:32:ad:
02:bb:0e:ef:5d:91:90:59:c1:60:45:91:6c:9d:a3:
ad:ec:58:19:ad:69:71:3c:85:84:25:87:b4:19:e1:
8c:60:1d:1f:ee:73:21:fc:73:4a:d6:f8:99:28:b5:
f8:06:0b:62:a2:f9:45:86:19:a1:16:fc:38:7e:d1:
e3:23:38:a8:7d:ac:de:d6:91:a6:e8:e5:11:76:ff:
91:17:9d:cb:1f:1f:3a:9d:fe:57:91:d4:b0:06:48:
1c:35:42:9e:76:cc:99:b3:13:05:15:be:67:75:d8:
c7:4c:ea:a6:3a:c4:67:23:41:8d:ea:64:38:e0:b7:
b8:aa:66:f2:3f:56:19:33:35:6a:2f:cb:fe:79:f1:
3b:2b:f7:4f:e8:f1:70:b5:7b:6a:a5:44:51:8a:2f:
8a:c5:75:ff:a4:1b:a5:ac:62:c6:29:b6:cd:aa:03:
20:fa:3e:60:b3:c3:52:51:34:dc:04:d0:69:f2:f1:
2a:4b:b5:3e:5a:62:15:d5:26:fe:96:68:34:31:51:
1a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:26:3F:C0:52:B4:8C:65:FD:5E:D9:0D:51:77:7A:B0:A6:75:67:9E
X509v3 Authority Key Identifier:
keyid:16:B4:3F:B8:7E:80:49:22:D1:C6:D0:7E:25:97:B6:1E:04:EE:17:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FrQ_uH6ASSLRxtB-JZe2HgTuF_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/eb0ea4-2458-4977-827d-fce2795fd80b/1/CiY_wFK0jGX9XtkNUXd6sKZ1Z54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/eb0ea4-2458-4977-827d-fce2795fd80b/1/FrQ_uH6ASSLRxtB-JZe2HgTuF_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.240.0/24
88.218.118.0/24
185.201.151.0/24
Signature Algorithm: sha256WithRSAEncryption
05:20:0f:3d:07:49:39:fb:56:bf:e4:95:8f:06:5c:f2:99:0e:
39:46:bd:2d:ac:e7:d1:58:ee:2f:5f:01:c8:c4:0b:86:0e:6c:
fb:bf:bb:03:b5:9c:ff:8e:e7:29:5a:df:78:ea:42:2d:04:2b:
71:03:23:41:7b:1f:f2:45:62:0a:46:65:3e:6c:09:55:87:ed:
e9:9a:34:6b:69:f8:2e:40:bc:03:69:01:dc:01:ab:c7:ed:fd:
11:f1:61:37:fa:e6:f6:b0:f1:83:b1:1c:7a:aa:ba:25:0b:b1:
3d:16:54:c3:90:06:0e:f4:98:59:06:9b:54:49:90:77:23:17:
36:48:62:64:35:56:c1:a2:f4:38:ec:87:3d:89:1a:e8:95:48:
2e:7d:51:13:29:d8:f4:06:97:f1:13:7e:f4:04:9c:b9:d4:e1:
de:b1:cc:10:4e:1d:a4:f7:af:c2:e8:d3:45:4b:16:e0:d6:9e:
da:f5:8d:b6:9d:c6:76:4f:0b:81:bf:42:cc:c4:89:7c:33:64:
ac:80:3e:b6:4a:03:5a:dc:83:c4:21:63:58:7b:b9:3f:26:13:
a2:08:5c:8e:38:ee:60:f2:9a:b3:05:38:73:37:d4:07:32:eb:
9e:69:73:5d:00:18:dc:45:bb:89:e5:a3:d0:fc:cf:d3:d0:0c:
44:49:ee:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvglavKUesK/rz4rciC0NNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YjQzZmI4N2U4MDQ5MjJkMWM2ZDA3ZTI1OTdiNjFlMDRl
ZTE3ZjAwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTI2M2ZjMDUyYjQ4YzY1ZmQ1ZWQ5MGQ1MTc3N2FiMGE2NzU2NzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv2QCmb8Xv5DDejTQastpjpN+6H0
vXmegISC+MaealxGNmH36WMqv0ONBrhcHRI7RztrBFpsTqInMq0Cuw7vXZGQWcFg
RZFsnaOt7FgZrWlxPIWEJYe0GeGMYB0f7nMh/HNK1viZKLX4BgtiovlFhhmhFvw4
ftHjIziofaze1pGm6OURdv+RF53LHx86nf5XkdSwBkgcNUKedsyZsxMFFb5nddjH
TOqmOsRnI0GN6mQ44Le4qmbyP1YZMzVqL8v+efE7K/dP6PFwtXtqpURRii+KxXX/
pBulrGLGKbbNqgMg+j5gs8NSUTTcBNBp8vEqS7U+WmIV1Sb+lmg0MVEatQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAomP8BStIxl/V7ZDVF3erCmdWeeMB8GA1UdIwQY
MBaAFBa0P7h+gEki0cbQfiWXth4E7hfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnJRX3VINkFTU0xSeHRCLUpaZTJIZ1R1Rl9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lYjBlYTQtMjQ1OC00OTc3LTgyN2Qt
ZmNlMjc5NWZkODBiLzEvQ2lZX3dGSzBqR1g5WHRrTlVYZDZzS1oxWjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lYjBlYTQtMjQ1OC00OTc3LTgyN2QtZmNlMjc5NWZkODBi
LzEvRnJRX3VINkFTU0xSeHRCLUpaZTJIZ1R1Rl9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZrwAwQA
WNp2AwQAucmXMA0GCSqGSIb3DQEBCwUAA4IBAQAFIA89B0k5+1a/5JWPBlzymQ45
Rr0trOfRWO4vXwHIxAuGDmz7v7sDtZz/jucpWt946kItBCtxAyNBex/yRWIKRmU+
bAlVh+3pmjRrafguQLwDaQHcAavH7f0R8WE3+ub2sPGDsRx6qrolC7E9FlTDkAYO
9JhZBptUSZB3Ixc2SGJkNVbBovQ47Ic9iRrolUgufVETKdj0BpfxE370BJy51OHe
scwQTh2k96/C6NNFSxbg1p7a9Y22ncZ2TwuBv0LMxIl8M2SsgD62SgNa3IPEIWNY
e7k/JhOiCFyOOO5g8pqzBThzN9QHMuueaXNdABjcRbuJ5aPQ/M/T0AxESe6M
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:46:10 2025 by rpki-client