Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iQqfVLELv_P7ENYmsUZ4xSRWQJ4.roa
File: iQqfVLELv_P7ENYmsUZ4xSRWQJ4.roa (raw, json)
Hash identifier: h9h137FCBOPkAiW8uVFyG2OBK0abrtpRI0cMNF10sD0=
Subject key identifier: 89:0A:9F:54:B1:0B:BF:F3:FB:10:D6:26:B1:46:78:C5:24:56:40:9E
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0DB1DBEF
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iQqfVLELv_P7ENYmsUZ4xSRWQJ4.roa
Signing time: Wed 09 Mar 2022 15:16:25 +0000
ROA not before: Wed 09 Mar 2022 15:16:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57809
IP address blocks: 109.74.84.0/23 maxlen: 23
109.74.91.0/24 maxlen: 24
85.14.166.0/23 maxlen: 23
85.14.178.0/23 maxlen: 23
85.14.174.0/24 maxlen: 24
217.171.23.0/24 maxlen: 24
217.171.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229759983 (0xdb1dbef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Mar 9 15:16:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=890a9f54b10bbff3fb10d626b14678c52456409e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:6b:0b:b8:80:04:36:a1:c7:0c:81:77:bf:
2e:ce:76:87:66:f7:7f:49:70:f3:e4:e8:3c:14:27:
05:30:71:d9:b5:a6:5b:80:3c:10:62:a9:99:30:25:
43:b6:8b:73:86:58:d7:37:56:32:b0:8e:ed:f3:29:
0b:10:31:1c:21:fc:4f:5e:38:a4:08:00:e4:ef:31:
77:4c:73:db:b8:5f:b8:62:c1:37:22:b4:42:cc:c7:
25:d4:bd:99:91:f4:08:35:61:24:e6:26:62:3b:bb:
e2:4f:d8:6a:60:34:ba:b2:fd:b9:cd:4a:82:b0:80:
c5:b6:ba:2d:0e:06:cb:01:c6:d0:d0:1f:57:19:81:
30:c5:7d:07:9e:a6:0d:05:a2:06:a0:68:00:a8:e3:
08:d9:f1:f0:fd:78:80:04:f0:f2:fd:cd:c4:8e:1a:
01:10:ce:3e:ce:8f:3c:ff:11:15:2e:7b:f1:3c:22:
8a:d1:eb:b7:74:b5:2b:8e:ba:85:a5:1b:45:8f:8d:
0f:c9:44:f7:80:c9:b1:58:d0:be:c2:a5:9c:4a:c6:
d8:cb:e2:d2:70:98:1a:15:8b:65:97:19:85:28:af:
8b:ba:7f:82:88:83:3e:3f:34:d0:8e:ec:e1:7d:4a:
36:4d:a9:29:21:ad:e6:b0:fd:f3:e6:5e:9b:9c:8e:
b0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0A:9F:54:B1:0B:BF:F3:FB:10:D6:26:B1:46:78:C5:24:56:40:9E
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/iQqfVLELv_P7ENYmsUZ4xSRWQJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.166.0/23
85.14.174.0/24
85.14.178.0/23
109.74.84.0/23
109.74.91.0/24
217.171.23.0/24
217.171.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:75:93:d9:37:63:01:f5:46:66:89:e5:2a:c7:6a:27:e4:43:
6e:81:ca:ce:1e:9b:19:6b:c0:19:28:96:3b:79:42:7d:3f:f7:
25:15:16:0d:a0:f7:81:26:28:d5:50:57:f2:44:e4:08:2e:78:
a6:4e:37:9e:81:4d:d3:18:36:02:d2:33:9e:4e:94:09:8d:90:
05:3d:0a:65:eb:47:74:7f:e8:21:98:d9:e1:da:ae:c0:a8:60:
fd:b1:5b:a3:46:35:93:c0:ee:a7:19:d2:28:e8:f6:c8:af:10:
1b:26:1b:25:7b:96:93:d8:7c:99:fb:b6:d1:0f:f0:ed:e3:20:
c9:f1:d0:0c:47:f7:8c:b1:ae:fb:dc:9f:d4:73:b9:8f:df:0d:
d8:42:a7:ec:94:30:7b:2e:1c:64:a2:59:77:e5:65:e7:68:fc:
1b:49:c5:09:48:60:b1:da:4f:a5:cf:57:57:b1:d6:1f:e9:ca:
6e:93:cb:a4:3b:b4:77:e5:81:42:cf:89:ed:68:ec:c2:ab:0f:
38:7f:45:0f:8d:f7:34:80:45:83:d5:2a:98:bd:50:e1:83:0f:
cf:b6:10:fb:ee:93:a9:9f:40:da:ae:2f:10:d9:65:6c:9c:f9:
23:2e:96:02:8e:14:96:bc:7b:8d:d4:25:64:ab:53:75:fb:79:
54:06:76:3e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDbHb7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDdkODg3YzAyZTA3YzllNDc0ZDFmOGUyMTA0OWNhYTZjZTNmYmQzMB4XDTIyMDMw
OTE1MTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkwYTlmNTRiMTBi
YmZmM2ZiMTBkNjI2YjE0Njc4YzUyNDU2NDA5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0mawu4gAQ2occMgXe/Ls52h2b3f0lw8+ToPBQnBTBx2bWm
W4A8EGKpmTAlQ7aLc4ZY1zdWMrCO7fMpCxAxHCH8T144pAgA5O8xd0xz27hfuGLB
NyK0QszHJdS9mZH0CDVhJOYmYju74k/YamA0urL9uc1KgrCAxba6LQ4GywHG0NAf
VxmBMMV9B56mDQWiBqBoAKjjCNnx8P14gATw8v3NxI4aARDOPs6PPP8RFS578Twi
itHrt3S1K466haUbRY+ND8lE94DJsVjQvsKlnErG2Mvi0nCYGhWLZZcZhSivi7p/
goiDPj800I7s4X1KNk2pKSGt5rD98+Zem5yOsA8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSJCp9UsQu/8/sQ1iaxRnjFJFZAnjAfBgNVHSMEGDAWgBQwfYh8AuB8nkdN
H44hBJyqbOP70zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8x
L2lRcWZWTEVMdl9QN0VOWW1zVVo0eFNSV1FKNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8xL01IMklmQUxnZko1
SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVUOpgMEAFUOrgMEAVUOsgMEAW1K
VAMEAG1KWwMEANmrFwMEANmrHDANBgkqhkiG9w0BAQsFAAOCAQEAuXWT2TdjAfVG
ZonlKsdqJ+RDboHKzh6bGWvAGSiWO3lCfT/3JRUWDaD3gSYo1VBX8kTkCC54pk43
noFN0xg2AtIznk6UCY2QBT0KZetHdH/oIZjZ4dquwKhg/bFbo0Y1k8DupxnSKOj2
yK8QGyYbJXuWk9h8mfu20Q/w7eMgyfHQDEf3jLGu+9yf1HO5j98N2EKn7JQwey4c
ZKJZd+Vl52j8G0nFCUhgsdpPpc9XV7HWH+nKbpPLpDu0d+WBQs+J7WjswqsPOH9F
D433NIBFg9UqmL1Q4YMPz7YQ++6TqZ9A2q4vENllbJz5Iy6WAo4Ulrx7jdQlZKtT
dft5VAZ2Pg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:13 2025 by rpki-client