Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/c011o4arFziiYe9vl0VQ7qIxfm8.roa
File: c011o4arFziiYe9vl0VQ7qIxfm8.roa (raw, json)
Hash identifier: mJkcQDn2h8ToSB9639fVJhKeTVIQheRw4gokvFjysEU=
Subject key identifier: 73:4D:75:A3:86:AB:17:38:A2:61:EF:6F:97:45:50:EE:A2:31:7E:6F
Certificate issuer: /CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Certificate serial: 01856BB7FE2764331BE7B194BC34C65440F5
Authority key identifier: F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/c011o4arFziiYe9vl0VQ7qIxfm8.roa
Signing time: Sun 01 Jan 2023 05:04:58 +0000
ROA not before: Sun 01 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202454
IP address blocks: 193.28.36.0/22 maxlen: 22
193.28.37.0/24 maxlen: 24
193.28.36.0/24 maxlen: 24
193.28.38.0/24 maxlen: 24
193.28.39.0/24 maxlen: 24
185.152.0.0/23 maxlen: 23
185.152.0.0/24 maxlen: 24
185.152.3.0/24 maxlen: 24
185.152.1.0/24 maxlen: 24
2a0a:2700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:fe:27:64:33:1b:e7:b1:94:bc:34:c6:54:40:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Validity
Not Before: Jan 1 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=734d75a386ab1738a261ef6f974550eea2317e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:81:3d:7c:0e:a4:f1:2e:41:6b:45:a7:5e:5f:
9e:d8:53:dc:f7:ad:5a:8e:0e:3c:bd:e0:3d:1c:47:
45:07:22:35:2f:09:2f:26:fc:7b:d8:52:e7:ce:b8:
55:59:a3:ec:0f:3e:d4:8d:c8:e9:31:91:7c:c3:fc:
65:29:2b:42:f8:4f:bb:4e:2a:f1:46:44:90:57:3e:
12:6c:c2:5e:26:19:24:a3:7c:88:74:b3:6b:c6:77:
f1:40:fa:a7:1d:91:34:e3:c4:31:0a:b0:1b:57:c3:
c5:56:1c:1e:a1:4d:44:0b:e5:1a:4f:53:eb:b0:7e:
fe:b9:4e:79:cf:e4:7e:c3:b0:9a:c4:50:80:9b:2f:
59:7c:0d:a9:98:28:48:be:61:1f:19:5e:c4:4b:87:
6b:45:9f:8b:5d:86:17:61:c9:74:f1:ce:4e:17:cd:
e7:da:00:66:3e:d9:b1:d0:7c:e8:4b:3a:bf:08:b0:
59:50:d3:f6:5c:cd:de:ec:04:cb:51:79:c3:ae:08:
e6:1f:a7:2c:c3:e2:62:11:91:22:26:1d:82:ab:2a:
dd:1a:a8:4d:e1:64:96:8e:df:57:67:f1:81:6d:5e:
7e:4b:2b:69:b1:f8:b7:61:35:21:ac:eb:c4:56:55:
4a:37:de:67:9d:8c:7f:8b:68:c5:3e:3f:c2:26:4a:
ef:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4D:75:A3:86:AB:17:38:A2:61:EF:6F:97:45:50:EE:A2:31:7E:6F
X509v3 Authority Key Identifier:
keyid:F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/c011o4arFziiYe9vl0VQ7qIxfm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.0.0/23
185.152.3.0/24
193.28.36.0/22
IPv6:
2a0a:2700::/29
Signature Algorithm: sha256WithRSAEncryption
55:d7:06:9e:63:7f:d3:9e:8e:7b:0c:23:23:2e:19:39:0b:5e:
b4:eb:fe:ac:89:72:6d:e0:47:be:ed:00:ba:78:7d:56:42:e3:
f0:ff:9a:91:76:1a:d4:08:d6:bb:26:12:29:c7:9f:bf:e6:90:
90:cf:77:76:01:e8:18:93:e6:df:84:4e:a0:40:9c:c6:b3:07:
a1:88:61:84:80:c7:ca:bd:14:5f:31:71:06:c7:df:2f:3f:3f:
9c:54:27:39:75:1f:dd:7b:f2:87:5b:eb:0e:e8:8b:45:1c:fa:
1f:2e:61:5d:35:c3:f1:e5:84:a3:de:0f:5d:6f:60:06:bb:d3:
c5:22:78:7e:b6:ac:ac:a2:22:8a:23:be:94:05:81:29:83:17:
38:b3:1b:df:5f:a0:d2:a5:0d:cd:f0:21:73:b0:4a:42:23:61:
07:20:fd:b9:b3:c5:51:56:6f:21:56:47:ea:b4:40:e1:46:91:
19:a3:fc:57:0b:d7:c9:ce:c6:fe:38:07:4b:24:66:57:6f:cf:
99:90:4e:b1:d1:d8:3a:ce:ee:94:07:e3:91:c6:62:41:3f:7f:
b7:21:9b:c3:84:eb:41:0f:71:af:ab:7a:87:e9:8c:6a:d5:ef:
47:0b:ca:59:92:3c:d4:f9:33:5c:46:34:a5:4b:1f:2a:81:7e:
3a:f6:ae:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrt/4nZDMb57GUvDTGVED1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2Y0OTYzMzU3ZGRiOTg1NWY5YmFjNGM3ZDk5NWFkYzg5
YTM3MmEwHhcNMjMwMTAxMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzRkNzVhMzg2YWIxNzM4YTI2MWVmNmY5NzQ1NTBlZWEyMzE3ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioE9fA6k8S5Ba0WnXl+e2FPc961a
jg48veA9HEdFByI1LwkvJvx72FLnzrhVWaPsDz7UjcjpMZF8w/xlKStC+E+7Tirx
RkSQVz4SbMJeJhkko3yIdLNrxnfxQPqnHZE048QxCrAbV8PFVhweoU1EC+UaT1Pr
sH7+uU55z+R+w7CaxFCAmy9ZfA2pmChIvmEfGV7ES4drRZ+LXYYXYcl08c5OF83n
2gBmPtmx0HzoSzq/CLBZUNP2XM3e7ATLUXnDrgjmH6csw+JiEZEiJh2CqyrdGqhN
4WSWjt9XZ/GBbV5+Sytpsfi3YTUhrOvEVlVKN95nnYx/i2jFPj/CJkrvDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHNNdaOGqxc4omHvb5dFUO6iMX5vMB8GA1UdIwQY
MBaAFPDPSWM1fduYVfm6xMfZla3ImjcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAt
NmUwNTZiNjE3ZDJhLzEvYzAxMW80YXJGemlpWWU5dmwwVlE3cUl4Zm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAtNmUwNTZiNjE3ZDJh
LzEvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuZgAAwQA
uZgDAwQCwRwkMA0EAgACMAcDBQMqCicAMA0GCSqGSIb3DQEBCwUAA4IBAQBV1wae
Y3/Tno57DCMjLhk5C1606/6siXJt4Ee+7QC6eH1WQuPw/5qRdhrUCNa7JhIpx5+/
5pCQz3d2AegYk+bfhE6gQJzGswehiGGEgMfKvRRfMXEGx98vPz+cVCc5dR/de/KH
W+sO6ItFHPofLmFdNcPx5YSj3g9db2AGu9PFInh+tqysoiKKI76UBYEpgxc4sxvf
X6DSpQ3N8CFzsEpCI2EHIP25s8VRVm8hVkfqtEDhRpEZo/xXC9fJzsb+OAdLJGZX
b8+ZkE6x0dg6zu6UB+ORxmJBP3+3IZvDhOtBD3Gvq3qH6Yxq1e9HC8pZkjzU+TNc
RjSlSx8qgX469q42
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:29:18 2025 by rpki-client