Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/SiEETOn2rVR2L1uAYUl3ecnKtRY.roa
File: SiEETOn2rVR2L1uAYUl3ecnKtRY.roa (raw, json)
Hash identifier: UTpOAGmOt4yCoL48ZEXvx0vIO5UGNdyaGA/aDMAUNu0=
Subject key identifier: 4A:21:04:4C:E9:F6:AD:54:76:2F:5B:80:61:49:77:79:C9:CA:B5:16
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018BB3DEFEBC646AD3ED046D6AB35AB03E80
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/SiEETOn2rVR2L1uAYUl3ecnKtRY.roa
Signing time: Thu 09 Nov 2023 11:36:57 +0000
ROA not before: Thu 09 Nov 2023 11:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:de:fe:bc:64:6a:d3:ed:04:6d:6a:b3:5a:b0:3e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Nov 9 11:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a21044ce9f6ad54762f5b8061497779c9cab516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:73:98:f9:44:98:a2:c5:07:d7:86:c2:62:
2f:bb:da:36:b7:51:99:e8:37:af:a3:ee:2a:c6:90:
64:c1:f7:52:d2:bc:33:09:ec:77:e9:ec:fd:1f:bf:
3e:b8:1e:ed:08:e4:9b:c9:93:10:f9:3a:8c:ed:e9:
c9:9a:3e:58:3f:48:5a:d4:b7:8a:48:32:ac:9f:e5:
15:a3:22:e3:7f:21:a2:22:62:31:02:a1:49:60:20:
90:64:80:f2:2c:8b:d7:fb:85:59:4c:87:1c:10:75:
25:8e:26:70:df:68:e8:90:6e:f5:00:03:3e:17:8b:
f8:17:ce:05:27:3b:a9:95:ca:6a:0f:2b:d6:a6:ae:
7b:88:ef:cc:0e:18:91:8d:ae:b0:38:ee:1e:27:28:
42:73:8d:c3:5d:47:43:4e:4d:c8:13:25:4a:9d:ff:
99:f3:e0:6a:6c:c8:c6:76:e7:e2:37:03:2c:91:da:
13:7a:27:56:03:e2:35:29:cc:77:dd:d9:e3:0b:86:
94:94:05:71:31:16:f6:62:e3:e9:95:4e:cb:fb:a1:
36:61:92:b9:d3:f1:8f:3d:8b:78:fa:b3:91:15:9b:
72:34:39:8f:1f:a6:bf:57:e4:32:83:82:b8:09:33:
7b:52:d1:44:25:0a:1a:fa:91:85:4e:e8:40:3f:73:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:21:04:4C:E9:F6:AD:54:76:2F:5B:80:61:49:77:79:C9:CA:B5:16
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/SiEETOn2rVR2L1uAYUl3ecnKtRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
109.104.134.0-109.104.143.255
109.104.156.0/24
109.104.159.0/24
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
63:56:2b:66:bc:c1:5b:51:3d:78:f1:e9:77:16:57:6a:87:3f:
17:6d:3d:26:71:63:71:1a:31:2e:76:e4:a9:88:a2:01:e4:d3:
c3:e8:ba:83:be:d5:af:9d:fc:96:68:ca:e0:53:ce:69:43:e8:
2c:21:e6:e1:79:00:41:70:c0:4a:33:54:d6:f7:ac:4f:c3:85:
be:7b:3b:61:b2:97:0a:c1:88:c4:5b:08:ba:f3:e2:f8:0c:ed:
a9:89:c7:0b:57:65:db:1f:93:8c:67:bf:e7:b6:ae:b0:20:fc:
af:c7:35:68:3c:0b:a4:54:fe:20:e1:ff:f9:34:34:9b:e0:27:
74:60:75:47:25:ae:6d:28:5d:f9:1b:84:49:a4:05:3d:3b:64:
b5:c7:26:c9:3e:65:d1:0d:d4:d4:f4:0c:bd:1a:e8:cf:0a:ae:
3f:5f:a1:d0:12:68:01:ab:01:d6:8d:ef:e7:46:53:53:3a:81:
84:15:a0:74:7a:34:5a:d0:51:17:a8:c7:d0:27:3f:cb:84:d5:
89:d9:09:a0:95:2a:b2:de:a3:f6:00:74:e5:f9:14:e8:ee:db:
0e:32:d5:6d:a1:70:af:cf:23:18:06:10:26:f5:c7:21:41:bf:
76:c5:31:38:fd:1a:de:04:44:6e:29:a7:87:35:86:b0:20:58:
70:f0:35:47
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYuz3v68ZGrT7QRtarNasD6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMxMTA5MTEzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTIxMDQ0Y2U5ZjZhZDU0NzYyZjViODA2MTQ5Nzc3OWM5Y2FiNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0NzmPlEmKLFB9eGwmIvu9o2t1GZ
6Devo+4qxpBkwfdS0rwzCex36ez9H78+uB7tCOSbyZMQ+TqM7enJmj5YP0ha1LeK
SDKsn+UVoyLjfyGiImIxAqFJYCCQZIDyLIvX+4VZTIccEHUljiZw32jokG71AAM+
F4v4F84FJzuplcpqDyvWpq57iO/MDhiRja6wOO4eJyhCc43DXUdDTk3IEyVKnf+Z
8+BqbMjGdufiNwMskdoTeidWA+I1Kcx33dnjC4aUlAVxMRb2YuPplU7L+6E2YZK5
0/GPPYt4+rORFZtyNDmPH6a/V+Qyg4K4CTN7UtFEJQoa+pGFTuhAP3NK9QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFEohBEzp9q1Udi9bgGFJd3nJyrUWMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvU2lFRVRPbjJyVlIyTDF1QVlVbDNlY25LdFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzBEBAIAATA+AwQDH6uY
AwQCLY4YMAwDBAFtaIYDBARtaIADBABtaJwDBABtaJ8DBAK5NWQDBAK56XwDBAHC
cVADBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKgluwAMFAyoNJ8ADBQMq
DULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoPQsADBQMqD6iAMA0G
CSqGSIb3DQEBCwUAA4IBAQBjVitmvMFbUT148el3Fldqhz8XbT0mcWNxGjEuduSp
iKIB5NPD6LqDvtWvnfyWaMrgU85pQ+gsIebheQBBcMBKM1TW96xPw4W+ezthspcK
wYjEWwi68+L4DO2piccLV2XbH5OMZ7/ntq6wIPyvxzVoPAukVP4g4f/5NDSb4Cd0
YHVHJa5tKF35G4RJpAU9O2S1xybJPmXRDdTU9Ay9GujPCq4/X6HQEmgBqwHWje/n
RlNTOoGEFaB0ejRa0FEXqMfQJz/LhNWJ2QmglSqy3qP2AHTl+RTo7tsOMtVtoXCv
zyMYBhAm9cchQb92xTE4/RreBERuKaeHNYawIFhw8DVH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:35 2025 by rpki-client