Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/g_pqSGxdha-dNZfm7YkeOI3PrkU.roa
File: g_pqSGxdha-dNZfm7YkeOI3PrkU.roa (raw, json)
Hash identifier: Me87QOWH231uuK4W0d4IJh8vunoyhMqFS4o1869dl5o=
Subject key identifier: 83:FA:6A:48:6C:5D:85:AF:9D:35:97:E6:ED:89:1E:38:8D:CF:AE:45
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 018B4C28FB37A863F912174EA0AD6C7F0B53
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/g_pqSGxdha-dNZfm7YkeOI3PrkU.roa
Signing time: Fri 20 Oct 2023 08:17:15 +0000
ROA not before: Fri 20 Oct 2023 08:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39683
IP address blocks: 185.252.22.0/23 maxlen: 23
5.61.96.0/21 maxlen: 24
195.189.224.0/24 maxlen: 24
195.189.224.0/23 maxlen: 23
195.189.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:28:fb:37:a8:63:f9:12:17:4e:a0:ad:6c:7f:0b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Oct 20 08:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83fa6a486c5d85af9d3597e6ed891e388dcfae45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:7b:52:93:a0:16:19:92:1a:9f:e6:2e:9f:
68:bc:bc:3f:85:6b:b6:ed:fc:dd:49:94:90:6d:74:
a9:89:98:f0:da:b6:96:cc:ba:86:d3:08:1e:74:d9:
a1:19:7a:6c:43:4a:92:1d:ce:5c:ab:b7:ca:ce:79:
2c:4e:f0:5b:c3:e7:39:ff:78:61:c9:2e:29:04:b6:
e0:2f:44:74:7b:a3:44:9e:38:2a:07:d7:d7:eb:3a:
f2:63:5f:1b:e3:a5:5d:38:3f:df:22:4b:86:ba:f0:
ff:c5:08:81:f6:9d:04:0a:f5:e8:24:7b:2c:70:c8:
03:9b:d2:58:80:1d:bc:64:fc:ed:d4:65:0d:d6:63:
c1:29:d9:65:b3:6a:3a:e8:4f:06:2f:72:35:ae:e2:
37:99:cc:ea:52:0d:d4:ed:ef:d0:d6:5f:50:1f:59:
71:78:e5:f5:88:2e:9d:87:ca:a7:ba:34:5f:d4:22:
ad:dd:4e:da:03:f1:f7:54:77:6e:69:32:c9:74:fb:
23:a3:4a:4f:0f:25:60:00:eb:f7:3e:2c:c4:a0:8e:
3b:55:04:c1:b7:12:e1:05:7e:f7:ec:d5:ae:9d:f2:
8f:c2:d5:42:3b:13:38:d6:72:39:29:35:01:10:3e:
75:26:01:f9:e1:e8:75:35:34:1b:49:3c:c1:01:be:
bd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FA:6A:48:6C:5D:85:AF:9D:35:97:E6:ED:89:1E:38:8D:CF:AE:45
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/g_pqSGxdha-dNZfm7YkeOI3PrkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.96.0/21
185.252.22.0/23
195.189.224.0/23
Signature Algorithm: sha256WithRSAEncryption
51:be:b6:76:68:ec:c3:f3:67:c2:02:16:4f:76:16:cf:d2:a2:
84:bb:23:7a:5f:13:db:e7:0c:98:97:a2:3e:52:be:cc:ef:a4:
d2:f6:c3:04:f3:80:79:cd:46:a4:72:ff:82:60:ec:23:c9:1c:
ca:88:43:7d:9b:8e:2b:72:2e:1b:76:cc:76:de:ab:56:a7:07:
4d:c8:aa:69:2f:59:3a:44:41:e1:04:ec:59:a7:44:55:d7:5e:
94:7e:1f:24:64:c5:c3:0e:ad:a8:ce:08:25:2a:5a:e7:08:61:
4e:87:f2:9c:ba:c6:35:01:7d:80:8d:98:09:17:ec:8c:48:2f:
df:f2:89:73:d2:fc:03:b3:5a:95:00:a7:45:dc:81:47:ff:f2:
48:14:37:1e:5a:81:04:e8:f5:03:aa:db:aa:ef:a9:ab:a0:72:
94:53:f0:05:ce:b8:84:3a:52:e2:86:34:6a:db:9a:b8:b7:e6:
1a:d2:ab:c5:ba:b2:10:a2:d3:af:a9:6f:ad:92:7d:f9:d5:e1:
68:05:f0:20:e2:3e:3e:56:3a:48:5a:04:14:d9:91:b8:b6:35:
57:43:53:d8:e7:34:63:0a:19:78:9f:ba:d1:71:0d:dc:4b:a1:
b0:12:08:2c:81:8c:f2:8f:57:68:38:5d:00:96:b4:c7:4c:16:
17:85:5e:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtMKPs3qGP5EhdOoK1sfwtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjMxMDIwMDgxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZhNmE0ODZjNWQ4NWFmOWQzNTk3ZTZlZDg5MWUzODhkY2ZhZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3h7UpOgFhmSGp/mLp9ovLw/hWu2
7fzdSZSQbXSpiZjw2raWzLqG0wgedNmhGXpsQ0qSHc5cq7fKznksTvBbw+c5/3hh
yS4pBLbgL0R0e6NEnjgqB9fX6zryY18b46VdOD/fIkuGuvD/xQiB9p0ECvXoJHss
cMgDm9JYgB28ZPzt1GUN1mPBKdlls2o66E8GL3I1ruI3mczqUg3U7e/Q1l9QH1lx
eOX1iC6dh8qnujRf1CKt3U7aA/H3VHduaTLJdPsjo0pPDyVgAOv3PizEoI47VQTB
txLhBX737NWunfKPwtVCOxM41nI5KTUBED51JgH54eh1NTQbSTzBAb69gQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIP6akhsXYWvnTWX5u2JHjiNz65FMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvZ19wcVNHeGRoYS1kTlpmbTdZa2VPSTNQcmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT1gAwQB
ufwWAwQBw73gMA0GCSqGSIb3DQEBCwUAA4IBAQBRvrZ2aOzD82fCAhZPdhbP0qKE
uyN6XxPb5wyYl6I+Ur7M76TS9sME84B5zUakcv+CYOwjyRzKiEN9m44rci4bdsx2
3qtWpwdNyKppL1k6REHhBOxZp0RV116Ufh8kZMXDDq2ozgglKlrnCGFOh/KcusY1
AX2AjZgJF+yMSC/f8olz0vwDs1qVAKdF3IFH//JIFDceWoEE6PUDqtuq76mroHKU
U/AFzriEOlLihjRq25q4t+Ya0qvFurIQotOvqW+tkn351eFoBfAg4j4+VjpIWgQU
2ZG4tjVXQ1PY5zRjChl4n7rRcQ3cS6GwEggsgYzyj1doOF0AlrTHTBYXhV4Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:44 2025 by rpki-client