Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/EXuOKUxuiPZeDpqjxLG0Y-gu5r0.roa
File: EXuOKUxuiPZeDpqjxLG0Y-gu5r0.roa (raw, json)
Hash identifier: utJ1s1njJuMHPduqChbRs+JmKYdZSY9ufiIcbmjVlec=
Subject key identifier: 11:7B:8E:29:4C:6E:88:F6:5E:0E:9A:A3:C4:B1:B4:63:E8:2E:E6:BD
Certificate issuer: /CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Certificate serial: 0182F11C08CBD05EE683A2194FF3951E845A
Authority key identifier: 43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/EXuOKUxuiPZeDpqjxLG0Y-gu5r0.roa
Signing time: Tue 30 Aug 2022 23:35:22 +0000
ROA not before: Tue 30 Aug 2022 23:35:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202813
IP address blocks: 185.178.17.0/24 maxlen: 24
185.178.16.0/24 maxlen: 24
185.178.19.0/24 maxlen: 24
185.178.18.0/24 maxlen: 24
185.153.227.0/24 maxlen: 24
185.14.61.0/24 maxlen: 24
185.14.60.0/24 maxlen: 24
185.14.63.0/24 maxlen: 24
185.14.62.0/24 maxlen: 24
185.153.226.0/24 maxlen: 24
185.153.225.0/24 maxlen: 24
185.153.224.0/24 maxlen: 24
2a09:74c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f1:1c:08:cb:d0:5e:e6:83:a2:19:4f:f3:95:1e:84:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Validity
Not Before: Aug 30 23:35:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=117b8e294c6e88f65e0e9aa3c4b1b463e82ee6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:00:25:de:73:06:1b:32:d0:64:3d:1b:97:33:
ba:53:77:96:61:40:62:3b:85:e8:86:24:af:2c:72:
5f:6e:8b:b1:5d:d7:58:a1:7a:83:f3:b4:3e:f5:ae:
69:86:96:db:6c:20:20:3c:ce:36:19:33:1e:df:f1:
20:0c:00:a0:b1:5c:bf:5c:4c:d7:a1:64:47:bd:00:
bf:48:2c:25:42:db:9c:25:32:7f:3b:42:72:87:cc:
57:f6:4a:28:21:a4:a5:9c:13:71:f6:c9:58:8e:f7:
f1:9d:a1:04:51:e5:8f:c3:cc:28:f1:45:7b:3c:c4:
be:ff:48:8b:19:26:e2:65:aa:a4:70:41:0d:24:c4:
b7:12:c4:ed:32:13:e3:c7:0b:1c:b2:a9:2a:d4:cf:
5d:e3:98:12:94:3d:20:f7:51:8d:98:dc:85:d1:6d:
ff:ba:bc:75:d5:f9:73:67:9c:af:ab:4a:1e:b7:08:
2d:06:53:4d:d9:98:bf:04:31:79:10:f4:f5:e2:37:
74:af:f8:bb:e4:00:b4:9e:3d:d8:db:35:ae:f6:21:
75:e2:ea:4a:46:3a:f7:4a:9c:98:8d:d7:93:74:c5:
a9:54:bd:bb:b6:f6:a3:ec:f2:b9:bc:87:fd:8f:90:
11:a8:e9:e2:f7:f4:ee:f7:6f:40:78:0d:66:b3:47:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7B:8E:29:4C:6E:88:F6:5E:0E:9A:A3:C4:B1:B4:63:E8:2E:E6:BD
X509v3 Authority Key Identifier:
keyid:43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/EXuOKUxuiPZeDpqjxLG0Y-gu5r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.60.0/22
185.153.224.0/22
185.178.16.0/22
IPv6:
2a09:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:cb:64:f7:0a:c7:c4:78:65:15:fc:69:14:f2:49:71:d7:7a:
83:54:d6:ee:83:ae:36:e9:1f:b1:03:fb:4c:48:73:f1:a0:77:
47:ac:5d:d7:f4:54:c8:db:ba:c9:bb:ad:ca:c4:57:cc:8c:45:
67:da:61:89:4b:7d:23:96:9f:db:47:3f:c0:f7:0f:0d:06:ea:
80:3a:04:ea:b2:8e:eb:9c:88:9a:46:e6:78:22:ac:98:88:38:
a5:bb:71:14:8d:da:59:df:89:ab:13:df:a8:53:2d:ba:34:55:
68:22:7f:06:ec:6c:45:3c:4a:5d:46:b8:d2:01:0e:a0:43:3a:
55:32:b2:fe:7e:f2:7e:f6:73:dc:d2:ad:cc:7e:7a:26:a2:35:
75:ef:e3:dd:c7:a5:bf:d7:34:cb:97:06:2f:db:ad:6b:3d:57:
b1:1c:64:d7:15:f4:c2:ff:8f:f3:06:e8:91:7c:b7:94:d1:ad:
b6:d9:98:c4:83:a0:1c:35:6b:f4:07:1a:c9:8f:1e:cf:f1:d3:
c4:fa:d4:2d:7b:9f:eb:64:6b:7b:7b:78:2f:7f:cc:fb:30:55:
1c:74:f7:20:98:70:ef:36:be:32:a7:11:ba:40:2a:37:84:32:
61:59:07:a8:89:27:a4:34:11:9f:a9:ad:f5:50:fc:24:33:0b:
8d:f7:dd:b5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYLxHAjL0F7mg6IZT/OVHoRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2UwMzBkNDQ2NjFhNGMyMDFlYmEwM2RlNDUyYjA0Yjhl
N2Q5ZTUwHhcNMjIwODMwMjMzNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdiOGUyOTRjNmU4OGY2NWUwZTlhYTNjNGIxYjQ2M2U4MmVlNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgAl3nMGGzLQZD0blzO6U3eWYUBi
O4XohiSvLHJfbouxXddYoXqD87Q+9a5phpbbbCAgPM42GTMe3/EgDACgsVy/XEzX
oWRHvQC/SCwlQtucJTJ/O0Jyh8xX9kooIaSlnBNx9slYjvfxnaEEUeWPw8wo8UV7
PMS+/0iLGSbiZaqkcEENJMS3EsTtMhPjxwscsqkq1M9d45gSlD0g91GNmNyF0W3/
urx11flzZ5yvq0oetwgtBlNN2Zi/BDF5EPT14jd0r/i75AC0nj3Y2zWu9iF14upK
Rjr3SpyYjdeTdMWpVL27tvaj7PK5vIf9j5ARqOni9/Tu929AeA1ms0dIIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBF7jilMboj2Xg6ao8SxtGPoLua9MB8GA1UdIwQY
MBaAFEN+Aw1EZhpMIB66A95FKwS459nlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUt
YmJkMjEwNmYzMzcwLzEvRVh1T0tVeHVpUFplRHBxanhMRzBZLWd1NXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUtYmJkMjEwNmYzMzcw
LzEvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ48AwQC
uZngAwQCubIQMA0EAgACMAcDBQMqCXTAMA0GCSqGSIb3DQEBCwUAA4IBAQASy2T3
CsfEeGUV/GkU8klx13qDVNbug6426R+xA/tMSHPxoHdHrF3X9FTI27rJu63KxFfM
jEVn2mGJS30jlp/bRz/A9w8NBuqAOgTqso7rnIiaRuZ4IqyYiDilu3EUjdpZ34mr
E9+oUy26NFVoIn8G7GxFPEpdRrjSAQ6gQzpVMrL+fvJ+9nPc0q3MfnomojV17+Pd
x6W/1zTLlwYv261rPVexHGTXFfTC/4/zBuiRfLeU0a222ZjEg6AcNWv0BxrJjx7P
8dPE+tQte5/rZGt7e3gvf8z7MFUcdPcgmHDvNr4ypxG6QCo3hDJhWQeoiSekNBGf
qa31UPwkMwuN9921
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:53 2024 by rpki-client on console-ams.rpki-client.org