Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/70ThMeZ6EU7pf1Q_zzAmrmWr1xo.roa
File: 70ThMeZ6EU7pf1Q_zzAmrmWr1xo.roa (raw, json)
Hash identifier: LmqQby0V3db3HgxKp46F18GQI8CZTSQCa0vfOgRXv78=
Subject key identifier: EF:44:E1:31:E6:7A:11:4E:E9:7F:54:3F:CF:30:26:AE:65:AB:D7:1A
Certificate issuer: /CN=5fa4d80464978f6ebfba95f745a3305726f72d93
Certificate serial: 01857115544E53DDC08004EDBE5A9621B987
Authority key identifier: 5F:A4:D8:04:64:97:8F:6E:BF:BA:95:F7:45:A3:30:57:26:F7:2D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X6TYBGSXj26_upX3RaMwVyb3LZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/70ThMeZ6EU7pf1Q_zzAmrmWr1xo.roa
Signing time: Mon 02 Jan 2023 06:05:01 +0000
ROA not before: Mon 02 Jan 2023 06:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5542
IP address blocks: 185.123.211.0/24 maxlen: 24
185.123.208.0/24 maxlen: 24
185.123.210.0/24 maxlen: 24
185.123.209.0/24 maxlen: 24
185.123.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:54:4e:53:dd:c0:80:04:ed:be:5a:96:21:b9:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fa4d80464978f6ebfba95f745a3305726f72d93
Validity
Not Before: Jan 2 06:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef44e131e67a114ee97f543fcf3026ae65abd71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:dd:a3:7c:b3:89:d1:70:c0:04:ed:68:7d:
ab:b1:19:09:5b:34:b3:78:14:ca:5a:52:96:86:14:
09:f3:8f:d7:50:e1:80:5c:64:88:4a:ae:81:d6:a4:
c3:09:a8:17:37:73:ad:b5:2b:2e:3d:f4:37:91:83:
5f:87:ae:47:1d:37:d9:f0:e8:34:b1:0a:59:01:d8:
a4:c1:34:42:65:47:b3:bf:63:0a:90:67:8e:73:db:
a3:62:2d:9c:0e:dd:9c:38:57:5c:af:44:9f:7b:f8:
ed:ba:3f:c7:7a:f9:79:71:c4:4b:39:fb:9f:a8:74:
ea:a7:27:65:d5:75:f4:81:63:b9:67:6c:f9:6b:fa:
7f:fd:98:e6:06:2c:13:46:5c:a8:f7:b1:79:80:3a:
31:af:75:2e:31:eb:4e:60:f8:76:68:76:bc:db:c4:
80:8b:d4:97:a3:61:fa:87:ad:a6:70:1b:c5:33:0d:
01:05:d2:15:79:30:5c:05:b7:14:8a:71:27:20:da:
a9:05:ad:d0:2e:07:04:f8:14:bb:b5:2c:f4:13:df:
97:0b:d1:c1:cf:c5:71:46:26:05:0e:8b:59:98:e8:
d5:7c:0c:c6:27:0f:fd:5e:5e:d2:05:4a:29:9f:d6:
6c:dc:9c:68:14:d3:a9:01:52:ce:e9:62:63:16:bf:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:44:E1:31:E6:7A:11:4E:E9:7F:54:3F:CF:30:26:AE:65:AB:D7:1A
X509v3 Authority Key Identifier:
keyid:5F:A4:D8:04:64:97:8F:6E:BF:BA:95:F7:45:A3:30:57:26:F7:2D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X6TYBGSXj26_upX3RaMwVyb3LZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/70ThMeZ6EU7pf1Q_zzAmrmWr1xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/X6TYBGSXj26_upX3RaMwVyb3LZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.208.0/22
Signature Algorithm: sha256WithRSAEncryption
40:f7:05:52:89:d9:52:27:cc:ce:21:0d:f6:9b:b5:31:b6:15:
77:48:c3:af:38:4b:33:88:3b:24:ab:4b:63:34:85:83:f6:56:
1d:f3:89:69:7f:8d:ce:5e:9d:38:9b:13:ae:80:95:01:cc:aa:
e1:72:c7:62:b0:68:f5:70:77:58:71:63:03:60:89:21:5a:44:
58:4f:14:7a:f5:9f:f7:b9:1e:a6:87:a4:ff:4f:84:ec:e3:51:
35:de:ef:55:c8:4b:70:a5:a2:ca:60:30:e1:f4:b4:20:2b:c8:
21:c6:05:a8:23:d2:00:65:65:da:40:28:10:73:b0:04:82:18:
40:0c:64:20:0a:a2:b9:8f:59:7e:6b:b1:9e:d3:43:e1:19:50:
a4:cc:ce:22:54:0d:d5:fc:13:7b:5c:64:86:fb:9c:39:cb:01:
b7:23:96:11:79:e1:c2:4d:d1:e2:ff:3b:19:18:14:d3:ed:a9:
fe:ea:d9:a5:e9:3f:83:94:27:a5:9b:58:30:36:ab:90:39:23:
1c:e9:ad:37:65:cf:ff:87:ba:f7:fd:f2:1f:c9:40:16:ec:db:
db:fc:1d:e5:a3:22:81:fb:fc:79:b3:26:86:4f:4b:10:09:d9:
8b:59:e6:8f:92:30:7c:68:9e:fc:33:22:ad:3a:b9:4b:48:36:
37:38:62:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVROU93AgATtvlqWIbmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYTRkODA0NjQ5NzhmNmViZmJhOTVmNzQ1YTMzMDU3MjZm
NzJkOTMwHhcNMjMwMTAyMDYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQ0ZTEzMWU2N2ExMTRlZTk3ZjU0M2ZjZjMwMjZhZTY1YWJkNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizDdo3yzidFwwATtaH2rsRkJWzSz
eBTKWlKWhhQJ84/XUOGAXGSISq6B1qTDCagXN3OttSsuPfQ3kYNfh65HHTfZ8Og0
sQpZAdikwTRCZUezv2MKkGeOc9ujYi2cDt2cOFdcr0Sfe/jtuj/Hevl5ccRLOfuf
qHTqpydl1XX0gWO5Z2z5a/p//ZjmBiwTRlyo97F5gDoxr3UuMetOYPh2aHa828SA
i9SXo2H6h62mcBvFMw0BBdIVeTBcBbcUinEnINqpBa3QLgcE+BS7tSz0E9+XC9HB
z8VxRiYFDotZmOjVfAzGJw/9Xl7SBUopn9Zs3JxoFNOpAVLO6WJjFr8/WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9E4THmehFO6X9UP88wJq5lq9caMB8GA1UdIwQY
MBaAFF+k2ARkl49uv7qV90WjMFcm9y2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDZUWUJHU1hqMjZfdXBYM1JhTXdWeWIzTFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMDUwYjQtOWJhMC00ZTg1LTlkNzYt
NGZhNjI0MmI4YTNhLzEvNzBUaE1lWjZFVTdwZjFRX3p6QW1ybVdyMXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMDUwYjQtOWJhMC00ZTg1LTlkNzYtNGZhNjI0MmI4YTNh
LzEvWDZUWUJHU1hqMjZfdXBYM1JhTXdWeWIzTFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXvQMA0G
CSqGSIb3DQEBCwUAA4IBAQBA9wVSidlSJ8zOIQ32m7UxthV3SMOvOEsziDskq0tj
NIWD9lYd84lpf43OXp04mxOugJUBzKrhcsdisGj1cHdYcWMDYIkhWkRYTxR69Z/3
uR6mh6T/T4Ts41E13u9VyEtwpaLKYDDh9LQgK8ghxgWoI9IAZWXaQCgQc7AEghhA
DGQgCqK5j1l+a7Ge00PhGVCkzM4iVA3V/BN7XGSG+5w5ywG3I5YReeHCTdHi/zsZ
GBTT7an+6tml6T+DlCelm1gwNquQOSMc6a03Zc//h7r3/fIfyUAW7Nvb/B3loyKB
+/x5syaGT0sQCdmLWeaPkjB8aJ78MyKtOrlLSDY3OGKW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:29 2025 by rpki-client