Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/P-gb5QJ0Ce4-MKQS3cGYIzourPk.roa
File: P-gb5QJ0Ce4-MKQS3cGYIzourPk.roa (raw, json)
Hash identifier: VR6bOCmtDtLFM2WT7Zkxy2yYaernIAkAYo4V566J/is=
Subject key identifier: 3F:E8:1B:E5:02:74:09:EE:3E:30:A4:12:DD:C1:98:23:3A:2E:AC:F9
Certificate issuer: /CN=52413f2e55907004c5ab6989de7eed1543535811
Certificate serial: 018B768F786FF1522C1A5E5C23BB6F42B469
Authority key identifier: 52:41:3F:2E:55:90:70:04:C5:AB:69:89:DE:7E:ED:15:43:53:58:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkE_LlWQcATFq2mJ3n7tFUNTWBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/P-gb5QJ0Ce4-MKQS3cGYIzourPk.roa
Signing time: Sat 28 Oct 2023 13:53:15 +0000
ROA not before: Sat 28 Oct 2023 13:53:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47546
IP address blocks: 195.88.64.0/24 maxlen: 24
195.88.65.0/24 maxlen: 24
185.142.58.0/23 maxlen: 23
185.142.56.0/22 maxlen: 22
185.142.56.0/23 maxlen: 23
188.215.35.0/24 maxlen: 24
188.215.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:76:8f:78:6f:f1:52:2c:1a:5e:5c:23:bb:6f:42:b4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52413f2e55907004c5ab6989de7eed1543535811
Validity
Not Before: Oct 28 13:53:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe81be5027409ee3e30a412ddc198233a2eacf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ca:cc:47:71:1b:aa:c9:83:0b:8b:6d:c1:ea:
08:1c:75:90:5b:c4:c3:1a:91:ee:3f:92:62:3a:c8:
e3:24:68:7d:91:fc:7b:02:85:69:f6:dd:e5:7f:74:
06:1f:8b:18:74:4c:a9:1f:55:12:0f:97:4f:c5:17:
71:77:e0:0c:ce:b0:41:35:3a:92:29:b4:10:29:64:
06:2c:8e:72:cb:17:bd:e2:87:78:38:35:4c:41:70:
88:d1:0c:3d:09:f6:70:41:e9:f0:0b:69:50:6c:41:
1e:d2:c7:c4:3b:2c:ad:e9:68:3c:fa:ad:56:77:a2:
82:11:f4:2d:86:0c:0f:ec:25:db:3c:13:6f:51:01:
72:7a:d4:5a:4f:a7:4e:81:39:8a:c9:bf:4a:2c:d7:
3c:44:00:03:1d:3a:fe:0a:cc:0d:06:6a:a1:92:91:
9e:a7:c4:af:d6:15:36:e4:c9:7d:59:0b:09:96:ff:
e8:ba:10:7b:f3:7a:15:3c:41:96:85:ad:b1:36:c4:
1e:6f:ca:c7:fe:f8:71:23:0d:c1:98:fb:9c:f1:82:
d6:42:e1:fa:30:a3:0a:a8:ad:f9:bd:be:31:dd:4f:
ff:46:da:5d:93:72:30:4c:fe:70:c8:8c:18:f0:26:
63:ab:14:81:bb:79:d8:2a:92:ad:28:05:22:54:95:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E8:1B:E5:02:74:09:EE:3E:30:A4:12:DD:C1:98:23:3A:2E:AC:F9
X509v3 Authority Key Identifier:
keyid:52:41:3F:2E:55:90:70:04:C5:AB:69:89:DE:7E:ED:15:43:53:58:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkE_LlWQcATFq2mJ3n7tFUNTWBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/P-gb5QJ0Ce4-MKQS3cGYIzourPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/UkE_LlWQcATFq2mJ3n7tFUNTWBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.56.0/22
188.215.33.0/24
188.215.35.0/24
195.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:6c:ce:36:dd:25:41:10:52:c1:6d:c8:0f:6a:e2:f2:95:3f:
3d:23:76:ce:90:48:11:b5:f3:8c:b5:b0:36:a4:55:8a:8a:16:
57:d8:47:a1:e6:0a:08:1b:f5:33:38:2a:47:06:fd:49:c3:c9:
ba:98:19:07:7f:6e:bf:e1:08:27:47:1a:d7:01:62:61:dd:b1:
4b:33:65:77:44:30:35:0f:36:54:5e:87:5d:82:b6:c3:af:84:
87:cd:cf:3a:19:d1:16:b0:d2:00:69:be:2f:51:62:2b:70:2b:
c3:43:02:92:62:97:ff:f3:51:8c:2a:75:c6:85:1b:6a:97:6a:
19:7c:62:ca:ee:9c:ac:59:0f:93:ae:0f:fa:8a:db:c7:42:5c:
de:da:22:a0:d3:d7:f1:85:5f:85:79:d6:1b:2b:cc:e0:c6:75:
98:ee:62:b2:0c:d3:68:04:26:8f:1d:5c:5b:cb:34:16:2e:e2:
10:91:bc:3c:47:3d:e1:1c:e3:5b:ee:c0:43:89:2d:00:39:54:
b2:f4:c1:fd:c9:b5:b6:1c:62:95:dc:03:72:cd:e3:30:22:9e:
ef:cf:4c:35:a5:0b:79:65:34:7d:21:ea:4f:1c:66:5f:f5:0e:
ae:c7:1b:7c:0f:25:ca:2f:7c:b8:d8:3e:96:b3:5f:4d:92:63:
af:cc:03:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYt2j3hv8VIsGl5cI7tvQrRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDEzZjJlNTU5MDcwMDRjNWFiNjk4OWRlN2VlZDE1NDM1
MzU4MTEwHhcNMjMxMDI4MTM1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU4MWJlNTAyNzQwOWVlM2UzMGE0MTJkZGMxOTgyMzNhMmVhY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsrMR3EbqsmDC4ttweoIHHWQW8TD
GpHuP5JiOsjjJGh9kfx7AoVp9t3lf3QGH4sYdEypH1USD5dPxRdxd+AMzrBBNTqS
KbQQKWQGLI5yyxe94od4ODVMQXCI0Qw9CfZwQenwC2lQbEEe0sfEOyyt6Wg8+q1W
d6KCEfQthgwP7CXbPBNvUQFyetRaT6dOgTmKyb9KLNc8RAADHTr+CswNBmqhkpGe
p8Sv1hU25Ml9WQsJlv/ouhB783oVPEGWha2xNsQeb8rH/vhxIw3BmPuc8YLWQuH6
MKMKqK35vb4x3U//Rtpdk3IwTP5wyIwY8CZjqxSBu3nYKpKtKAUiVJVM5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD/oG+UCdAnuPjCkEt3BmCM6Lqz5MB8GA1UdIwQY
MBaAFFJBPy5VkHAExatpid5+7RVDU1gRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFX0xsV1FjQVRGcTJtSjNuN3RGVU5UV0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mYmQ2YzUtNDYwZS00NGZjLWIwNzQt
OGJmZGI5Njk4NTljLzEvUC1nYjVRSjBDZTQtTUtRUzNjR1lJem91clBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mYmQ2YzUtNDYwZS00NGZjLWIwNzQtOGJmZGI5Njk4NTlj
LzEvVWtFX0xsV1FjQVRGcTJtSjNuN3RGVU5UV0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuY44AwQA
vNchAwQAvNcjAwQBw1hAMA0GCSqGSIb3DQEBCwUAA4IBAQCxbM423SVBEFLBbcgP
auLylT89I3bOkEgRtfOMtbA2pFWKihZX2Eeh5goIG/UzOCpHBv1Jw8m6mBkHf26/
4QgnRxrXAWJh3bFLM2V3RDA1DzZUXoddgrbDr4SHzc86GdEWsNIAab4vUWIrcCvD
QwKSYpf/81GMKnXGhRtql2oZfGLK7pysWQ+Trg/6itvHQlze2iKg09fxhV+FedYb
K8zgxnWY7mKyDNNoBCaPHVxbyzQWLuIQkbw8Rz3hHONb7sBDiS0AOVSy9MH9ybW2
HGKV3ANyzeMwIp7vz0w1pQt5ZTR9IepPHGZf9Q6uxxt8DyXKL3y42D6Ws19NkmOv
zANi
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:36 2025 by rpki-client