Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/ODENF5tMV09PHpi0_Kae-RvVnuQ.roa
File: ODENF5tMV09PHpi0_Kae-RvVnuQ.roa (raw, json)
Hash identifier: ctYYQ2NDRtnXd+u3VkWOEF5faaEqEDaPm786CjCigzk=
Subject key identifier: 38:31:0D:17:9B:4C:57:4F:4F:1E:98:B4:FC:A6:9E:F9:1B:D5:9E:E4
Certificate issuer: /CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Certificate serial: 19933A71
Authority key identifier: 56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/ODENF5tMV09PHpi0_Kae-RvVnuQ.roa
Signing time: Sat 01 Jan 2022 08:04:40 +0000
ROA not before: Sat 01 Jan 2022 08:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201198
IP address blocks: 185.53.252.0/22 maxlen: 24
176.223.189.0/24 maxlen: 24
31.14.233.0/24 maxlen: 24
94.177.114.0/23 maxlen: 24
2a01:7c60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429079153 (0x19933a71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Validity
Not Before: Jan 1 08:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38310d179b4c574f4f1e98b4fca69ef91bd59ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:27:84:dc:b8:04:46:96:cf:41:b5:5c:64:d1:
5e:6d:e5:2f:99:70:ae:76:f2:e2:da:63:6d:4f:4a:
e9:19:d8:b1:ae:63:ce:76:17:42:50:21:4d:d4:43:
b9:fb:6f:af:b1:92:ed:83:e5:c0:ef:c9:c9:9c:8e:
1b:e2:17:1c:af:d4:11:d2:bd:81:dc:40:ed:20:1a:
a5:98:b8:77:b4:26:14:9d:8e:1a:00:8f:0c:a1:a6:
a9:3f:f4:7c:03:7a:28:4d:ba:33:62:b3:25:9c:73:
93:b9:21:af:b0:f3:05:ec:94:54:64:a0:92:35:b4:
c5:b5:1e:7d:4f:ae:41:74:ca:18:76:93:5d:4c:ac:
34:de:a4:6c:18:c5:06:d7:ff:f3:3c:70:18:34:5d:
72:52:4d:ea:ea:21:4c:e4:50:79:c2:e3:a2:67:26:
5f:2b:c5:24:ef:79:82:b7:b2:a8:76:ed:01:d6:25:
5d:f8:24:3b:19:3c:e7:cc:60:34:60:1a:78:d3:0e:
59:4c:9b:f7:f2:24:c1:35:cf:21:00:90:eb:26:f4:
95:c5:2f:5f:b7:a1:7b:f5:b6:c8:d4:f9:d3:e7:c8:
37:4f:da:73:ca:bb:ce:a3:99:bc:97:ae:7e:75:d1:
05:49:08:88:b5:59:ce:e7:f0:b5:f4:a9:2d:01:c4:
20:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:31:0D:17:9B:4C:57:4F:4F:1E:98:B4:FC:A6:9E:F9:1B:D5:9E:E4
X509v3 Authority Key Identifier:
keyid:56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/ODENF5tMV09PHpi0_Kae-RvVnuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.233.0/24
94.177.114.0/23
176.223.189.0/24
185.53.252.0/22
IPv6:
2a01:7c60::/32
Signature Algorithm: sha256WithRSAEncryption
4d:49:1e:9d:f0:da:5e:12:1b:c7:a2:75:30:2c:f5:49:c8:8c:
40:a6:e9:1e:5b:8c:57:8d:7a:60:a7:8a:c3:be:40:0c:de:b2:
47:27:8e:25:9b:1b:2e:2d:dd:82:5d:02:68:ca:f0:b2:6a:d8:
96:42:ce:28:9f:23:65:04:d3:15:10:ff:d5:20:d5:b0:46:ab:
8e:8c:e4:87:33:74:c5:f2:36:6a:fe:c0:bf:fa:e6:b4:cb:95:
be:32:c8:77:68:36:b3:40:a0:67:ba:be:c5:44:0c:15:21:1d:
a0:87:41:4b:e2:d4:ce:19:27:b5:cb:20:4b:7f:e2:05:64:5d:
3e:0c:b8:41:10:25:b1:c5:89:cd:c8:4c:b2:b6:f0:4d:9d:83:
34:8a:70:ab:5b:f9:92:5e:3d:62:a8:f7:7e:a3:f8:8b:44:0d:
e9:26:70:84:24:83:9a:21:74:aa:a3:52:03:41:d0:bb:c1:09:
0f:15:85:88:c1:aa:c2:75:03:49:c5:21:03:d0:7c:92:4a:7d:
f0:7b:60:cd:ae:c6:d2:0e:1d:e8:5c:0d:2d:5b:5d:a3:9d:96:
e1:ca:2a:df:e4:3e:1e:71:6c:85:1a:6d:e6:0d:3a:5b:6a:fc:
c0:4c:d7:98:a3:05:cf:f8:df:1c:f0:cc:f6:15:36:4d:4b:98:
74:92:76:5d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGZM6cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmFhMWVlZDk5MGVkMDMxZWUxN2IwYjEzZGE4ZjgzZTBlZmJhMmIwMB4XDTIyMDEw
MTA4MDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgzMTBkMTc5YjRj
NTc0ZjRmMWU5OGI0ZmNhNjllZjkxYmQ1OWVlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMonhNy4BEaWz0G1XGTRXm3lL5lwrnby4tpjbU9K6RnYsa5j
znYXQlAhTdRDuftvr7GS7YPlwO/JyZyOG+IXHK/UEdK9gdxA7SAapZi4d7QmFJ2O
GgCPDKGmqT/0fAN6KE26M2KzJZxzk7khr7DzBeyUVGSgkjW0xbUefU+uQXTKGHaT
XUysNN6kbBjFBtf/8zxwGDRdclJN6uohTORQecLjomcmXyvFJO95greyqHbtAdYl
XfgkOxk858xgNGAaeNMOWUyb9/IkwTXPIQCQ6yb0lcUvX7ehe/W2yNT50+fIN0/a
c8q7zqOZvJeufnXRBUkIiLVZzufwtfSpLQHEIJMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQ4MQ0Xm0xXT08emLT8pp75G9We5DAfBgNVHSMEGDAWgBRWqh7tmQ7QMe4X
sLE9qPg+DvuisDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Zxb2U3WmtPMERIdUY3Q3hQYWo0UGc3N29yQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNWQyMGY0LTI5NzctNGUwNi05ZTcyLWFjNDU0OTk3NzkwMS8x
L09ERU5GNXRNVjA5UEhwaTBfS2FlLVJ2Vm51US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NWQyMGY0LTI5NzctNGUwNi05ZTcyLWFjNDU0OTk3NzkwMS8xL1Zxb2U3WmtPMERI
dUY3Q3hQYWo0UGc3N29yQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAB8O6QMEAV6xcgMEALDfvQMEArk1
/DANBAIAAjAHAwUAKgF8YDANBgkqhkiG9w0BAQsFAAOCAQEATUkenfDaXhIbx6J1
MCz1SciMQKbpHluMV416YKeKw75ADN6yRyeOJZsbLi3dgl0CaMrwsmrYlkLOKJ8j
ZQTTFRD/1SDVsEarjozkhzN0xfI2av7Av/rmtMuVvjLId2g2s0CgZ7q+xUQMFSEd
oIdBS+LUzhkntcsgS3/iBWRdPgy4QRAlscWJzchMsrbwTZ2DNIpwq1v5kl49Yqj3
fqP4i0QN6SZwhCSDmiF0qqNSA0HQu8EJDxWFiMGqwnUDScUhA9B8kkp98Htgza7G
0g4d6FwNLVtdo52W4coq3+Q+HnFshRpt5g06W2r8wEzXmKMFz/jfHPDM9hU2TUuY
dJJ2XQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:42 2025 by rpki-client