Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/gN_oL_M--mlIiBqwMbaNs26hnZE.roa
File: gN_oL_M--mlIiBqwMbaNs26hnZE.roa (raw, json)
Hash identifier: BlMuWNuDf5GajAOGLQCPAiZkiEiO0C1Wkc2KRPsqtI4=
Subject key identifier: 80:DF:E8:2F:F3:3E:FA:69:48:88:1A:B0:31:B6:8D:B3:6E:A1:9D:91
Certificate issuer: /CN=2895647d9fd16a1694f8026ebe87760cb531eb0e
Certificate serial: 01856F4B8684E0FEBE0C5D0AF2F0B5A5E86C
Authority key identifier: 28:95:64:7D:9F:D1:6A:16:94:F8:02:6E:BE:87:76:0C:B5:31:EB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJVkfZ_RahaU-AJuvod2DLUx6w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/gN_oL_M--mlIiBqwMbaNs26hnZE.roa
Signing time: Sun 01 Jan 2023 21:44:58 +0000
ROA not before: Sun 01 Jan 2023 21:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206991
IP address blocks: 185.169.64.0/24 maxlen: 24
185.169.65.0/24 maxlen: 24
185.169.67.0/24 maxlen: 24
185.169.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:86:84:e0:fe:be:0c:5d:0a:f2:f0:b5:a5:e8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2895647d9fd16a1694f8026ebe87760cb531eb0e
Validity
Not Before: Jan 1 21:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80dfe82ff33efa6948881ab031b68db36ea19d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bf:b2:ee:3f:04:8f:8e:15:56:8c:17:b5:7c:
a7:5c:4e:8e:ea:af:92:9c:dd:08:a8:b4:96:b4:0b:
f8:04:0b:82:51:38:41:10:59:ca:6e:94:0c:c2:fb:
21:7f:d2:70:eb:28:f0:24:81:38:1f:c4:df:e9:e3:
b1:68:cc:87:96:da:3d:9f:8f:23:a6:a9:1a:17:f0:
8a:57:52:fe:d3:64:3e:11:9d:d1:d8:de:92:d3:66:
f3:25:7f:9c:90:da:51:47:fd:ca:0f:b5:5f:58:25:
a5:ce:7f:64:de:3e:d3:8c:eb:b3:e5:a7:38:1b:09:
d2:e4:89:e8:b3:c8:52:4a:96:bc:7f:5b:2a:ec:74:
e7:21:7f:45:42:04:a7:b1:0c:43:f6:74:a4:63:7c:
d7:34:1b:30:f1:74:50:58:a2:f0:dc:55:7a:08:a8:
8d:e3:6b:8f:cd:16:8a:72:ad:33:dd:10:03:7f:c2:
ca:ea:a1:81:54:55:f9:35:5c:da:17:82:64:89:bf:
b5:93:ba:26:ab:2f:58:12:a4:dc:0e:bd:a3:a4:12:
59:85:62:bf:9b:28:0a:ce:d2:53:2a:e5:21:fc:56:
29:fd:d3:c8:27:4d:28:b9:ce:5c:bd:dd:73:6f:9f:
f6:51:ec:5f:a3:23:ba:b3:fa:78:1e:98:d7:92:df:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DF:E8:2F:F3:3E:FA:69:48:88:1A:B0:31:B6:8D:B3:6E:A1:9D:91
X509v3 Authority Key Identifier:
keyid:28:95:64:7D:9F:D1:6A:16:94:F8:02:6E:BE:87:76:0C:B5:31:EB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJVkfZ_RahaU-AJuvod2DLUx6w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/gN_oL_M--mlIiBqwMbaNs26hnZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/KJVkfZ_RahaU-AJuvod2DLUx6w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.64.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ea:1b:b7:ad:d3:ee:d5:3c:27:eb:83:34:d3:5c:e8:00:04:
06:b9:fc:69:e9:45:27:80:7b:18:f8:e4:32:8f:fc:34:92:8f:
8d:ad:3c:81:17:d0:ee:94:40:cb:ed:5f:54:e1:fa:22:70:e7:
31:07:cd:75:49:63:83:55:97:d1:08:ec:4f:06:26:e3:f4:02:
59:09:d1:cf:53:8c:75:87:5d:58:10:34:3a:12:3b:39:8b:17:
3e:28:4c:60:1c:b3:c7:cd:be:db:12:81:15:51:53:32:38:3c:
16:71:f4:1a:0f:a9:69:1a:29:90:2e:f6:1b:7d:39:8d:db:4f:
62:11:de:48:e6:ca:5c:4e:a8:cd:34:e8:e7:28:18:d6:ed:20:
87:64:e5:d8:00:89:73:a0:a8:e0:fe:9e:f0:fe:27:cf:89:cd:
ca:68:53:5f:4f:fa:c7:86:38:e8:52:e5:4a:83:79:db:b0:33:
0c:0c:88:d3:cf:02:1c:06:39:03:c0:0e:69:5b:73:8c:f6:a3:
6e:c5:93:3e:ab:ad:c7:4e:f8:72:23:68:a9:f2:f0:8a:09:82:
89:f1:60:72:e6:98:12:ff:fe:f9:7f:35:86:66:18:b3:39:f8:
bc:bb:95:c3:b4:13:9e:fc:c3:a9:a4:72:03:8f:6a:0b:6f:5f:
45:cb:06:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4aE4P6+DF0K8vC1pehsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTU2NDdkOWZkMTZhMTY5NGY4MDI2ZWJlODc3NjBjYjUz
MWViMGUwHhcNMjMwMTAxMjE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRmZTgyZmYzM2VmYTY5NDg4ODFhYjAzMWI2OGRiMzZlYTE5ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb+y7j8Ej44VVowXtXynXE6O6q+S
nN0IqLSWtAv4BAuCUThBEFnKbpQMwvshf9Jw6yjwJIE4H8Tf6eOxaMyHlto9n48j
pqkaF/CKV1L+02Q+EZ3R2N6S02bzJX+ckNpRR/3KD7VfWCWlzn9k3j7TjOuz5ac4
GwnS5Inos8hSSpa8f1sq7HTnIX9FQgSnsQxD9nSkY3zXNBsw8XRQWKLw3FV6CKiN
42uPzRaKcq0z3RADf8LK6qGBVFX5NVzaF4Jkib+1k7omqy9YEqTcDr2jpBJZhWK/
mygKztJTKuUh/FYp/dPIJ00ouc5cvd1zb5/2UexfoyO6s/p4HpjXkt9K3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDf6C/zPvppSIgasDG2jbNuoZ2RMB8GA1UdIwQY
MBaAFCiVZH2f0WoWlPgCbr6Hdgy1MesOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pWa2ZaX1JhaGFVLUFKdXZvZDJETFV4Nnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80ODk1NzYtNGRmYi00YTAzLWIwYTMt
ZWNjZGMwY2U3ZDE0LzEvZ05fb0xfTS0tbWxJaUJxd01iYU5zMjZoblpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80ODk1NzYtNGRmYi00YTAzLWIwYTMtZWNjZGMwY2U3ZDE0
LzEvS0pWa2ZaX1JhaGFVLUFKdXZvZDJETFV4Nnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCualAMA0G
CSqGSIb3DQEBCwUAA4IBAQAz6hu3rdPu1Twn64M001zoAAQGufxp6UUngHsY+OQy
j/w0ko+NrTyBF9DulEDL7V9U4foicOcxB811SWODVZfRCOxPBibj9AJZCdHPU4x1
h11YEDQ6Ejs5ixc+KExgHLPHzb7bEoEVUVMyODwWcfQaD6lpGimQLvYbfTmN209i
Ed5I5spcTqjNNOjnKBjW7SCHZOXYAIlzoKjg/p7w/ifPic3KaFNfT/rHhjjoUuVK
g3nbsDMMDIjTzwIcBjkDwA5pW3OM9qNuxZM+q63HTvhyI2ip8vCKCYKJ8WBy5pgS
//75fzWGZhizOfi8u5XDtBOe/MOppHIDj2oLb19Fywb3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:44 2025 by rpki-client