Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/aYZ97uaLCaeq7x8KDecIZOsJCFc.roa
File: aYZ97uaLCaeq7x8KDecIZOsJCFc.roa (raw, json)
Hash identifier: 8/PKHtwu7AEfv8nAeInnDGHJW9cSk861zXecKgxEZvE=
Subject key identifier: 69:86:7D:EE:E6:8B:09:A7:AA:EF:1F:0A:0D:E7:08:64:EB:09:08:57
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 0188291492396FE5433FF1B45EF9A4F4C203
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/aYZ97uaLCaeq7x8KDecIZOsJCFc.roa
Signing time: Wed 17 May 2023 09:39:54 +0000
ROA not before: Wed 17 May 2023 09:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208951
IP address blocks: 94.141.97.0/24 maxlen: 24
94.141.96.0/24 maxlen: 24
109.207.169.0/24 maxlen: 24
109.207.172.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:14:92:39:6f:e5:43:3f:f1:b4:5e:f9:a4:f4:c2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: May 17 09:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69867deee68b09a7aaef1f0a0de70864eb090857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:87:80:b3:a6:74:a2:c4:1c:25:c9:7c:f5:1a:
b0:88:5b:02:93:f7:b4:02:03:e2:c7:c1:77:a0:c4:
b3:6d:07:ba:3c:be:84:51:49:e2:c1:69:58:3c:cf:
91:26:1f:a7:72:9a:50:8e:7c:ab:4b:df:a8:1e:fa:
ad:f9:c1:e8:b5:1d:cc:fe:b7:af:ed:8e:30:52:c8:
a9:c8:e1:1b:23:65:cd:e0:3a:ba:f5:33:b3:f2:be:
53:87:26:1e:d4:c1:02:01:81:7a:cf:b8:3d:a6:0f:
c9:34:f3:fe:8f:50:81:77:2f:5c:85:6d:12:a9:f2:
55:8e:7d:3f:7e:ff:73:30:18:47:57:1e:d3:95:d4:
35:04:ee:a1:de:29:1a:30:77:04:2d:c5:e6:d5:88:
7f:11:9c:0e:d8:77:76:4e:38:cf:f4:d0:f2:93:17:
dd:72:6f:1d:81:ce:68:23:9f:57:2f:24:95:c2:b0:
e5:c9:05:c6:8f:f4:5e:57:40:86:80:a2:f7:23:9e:
80:b7:b5:c3:b7:d2:37:8b:66:c2:1a:75:77:29:ef:
e6:58:65:72:11:71:9f:5a:86:22:fa:b0:d9:99:fd:
ed:6f:d1:8b:a4:28:75:59:ab:06:52:5b:90:37:1c:
b5:3b:a4:3e:57:15:41:a8:90:52:1b:e0:44:b8:b4:
d2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:86:7D:EE:E6:8B:09:A7:AA:EF:1F:0A:0D:E7:08:64:EB:09:08:57
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/aYZ97uaLCaeq7x8KDecIZOsJCFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.141.96.0/23
109.207.168.0/23
109.207.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:85:71:7f:72:86:f8:a9:74:9d:02:ff:c1:0f:8f:d3:35:30:
fc:5f:6f:f3:51:dc:b0:6e:8f:8c:4c:06:13:34:c8:1d:67:4f:
f4:60:ab:ab:bf:14:80:b2:8e:eb:dd:f9:c9:93:ce:63:82:90:
8c:c4:b1:87:ec:d9:b2:aa:bc:67:36:5e:5b:18:aa:73:09:c9:
58:2c:0c:a6:41:4e:95:8c:68:21:f1:09:97:e3:60:ab:93:91:
8e:8e:48:62:59:33:0b:2d:55:4f:15:8b:1e:30:01:a0:e5:0a:
19:22:75:aa:05:26:2d:cf:0d:0c:1c:00:f4:e9:30:72:bf:40:
12:05:d8:92:6b:80:99:9d:4e:b7:7c:42:51:00:b3:40:73:58:
30:85:e1:37:e9:39:12:cd:51:43:6e:b5:e4:db:a8:68:8a:f5:
88:49:04:9f:6a:66:6f:8e:6f:ca:bc:6c:8a:3a:40:29:6f:1c:
e0:7e:b5:01:03:07:b1:b9:05:98:ee:0b:83:25:76:45:fc:e6:
4e:37:61:65:ac:f6:12:ff:64:78:ef:a8:cf:ee:b4:49:03:d4:
78:08:6b:aa:a2:d8:bf:0b:9d:b5:94:eb:33:d9:be:f9:cb:0c:
3b:be:cb:61:20:d4:c3:da:ec:79:d6:4a:40:93:fb:60:8c:57:
0a:4c:33:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgpFJI5b+VDP/G0Xvmk9MIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjMwNTE3MDkzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTg2N2RlZWU2OGIwOWE3YWFlZjFmMGEwZGU3MDg2NGViMDkwODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYeAs6Z0osQcJcl89RqwiFsCk/e0
AgPix8F3oMSzbQe6PL6EUUniwWlYPM+RJh+ncppQjnyrS9+oHvqt+cHotR3M/rev
7Y4wUsipyOEbI2XN4Dq69TOz8r5ThyYe1MECAYF6z7g9pg/JNPP+j1CBdy9chW0S
qfJVjn0/fv9zMBhHVx7TldQ1BO6h3ikaMHcELcXm1Yh/EZwO2Hd2TjjP9NDykxfd
cm8dgc5oI59XLySVwrDlyQXGj/ReV0CGgKL3I56At7XDt9I3i2bCGnV3Ke/mWGVy
EXGfWoYi+rDZmf3tb9GLpCh1WasGUluQNxy1O6Q+VxVBqJBSG+BEuLTSjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGmGfe7miwmnqu8fCg3nCGTrCQhXMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvYVlaOTd1YUxDYWVxN3g4S0RlY0laT3NKQ0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXo1gAwQB
bc+oAwQAbc+sMA0GCSqGSIb3DQEBCwUAA4IBAQB8hXF/cob4qXSdAv/BD4/TNTD8
X2/zUdywbo+MTAYTNMgdZ0/0YKurvxSAso7r3fnJk85jgpCMxLGH7NmyqrxnNl5b
GKpzCclYLAymQU6VjGgh8QmX42Crk5GOjkhiWTMLLVVPFYseMAGg5QoZInWqBSYt
zw0MHAD06TByv0ASBdiSa4CZnU63fEJRALNAc1gwheE36TkSzVFDbrXk26hoivWI
SQSfamZvjm/KvGyKOkApbxzgfrUBAwexuQWY7guDJXZF/OZON2FlrPYS/2R476jP
7rRJA9R4CGuqoti/C521lOsz2b75yww7vsthINTD2ux51kpAk/tgjFcKTDP9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:38 2025 by rpki-client