Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/xUm00nBTWEI9tBuv_DYykonRLE0.roa
File: xUm00nBTWEI9tBuv_DYykonRLE0.roa (raw, json)
Hash identifier: o+TsipK9uAnMX46VZtp+P/468+BsMocoA8wrYL5y2aw=
Subject key identifier: C5:49:B4:D2:70:53:58:42:3D:B4:1B:AF:FC:36:32:92:89:D1:2C:4D
Certificate issuer: /CN=2ff8cf7561fcd6d766b7aad31dbf785f029149f0
Certificate serial: 01856B37D1299B6B5BC13D13AFD30A1C90B1
Authority key identifier: 2F:F8:CF:75:61:FC:D6:D7:66:B7:AA:D3:1D:BF:78:5F:02:91:49:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L_jPdWH81tdmt6rTHb94XwKRSfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/xUm00nBTWEI9tBuv_DYykonRLE0.roa
Signing time: Sun 01 Jan 2023 02:44:58 +0000
ROA not before: Sun 01 Jan 2023 02:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59455
IP address blocks: 194.147.255.0/24 maxlen: 24
194.149.89.0/24 maxlen: 24
185.80.12.0/22 maxlen: 22
194.147.241.0/24 maxlen: 24
194.147.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:37:d1:29:9b:6b:5b:c1:3d:13:af:d3:0a:1c:90:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ff8cf7561fcd6d766b7aad31dbf785f029149f0
Validity
Not Before: Jan 1 02:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c549b4d2705358423db41baffc36329289d12c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:50:9f:cc:ba:52:b6:be:a8:26:5b:b6:f8:a6:
4f:35:e0:e6:ca:22:85:fa:ba:02:6a:7d:88:c3:0b:
6f:ac:aa:3b:88:19:c8:40:e8:66:37:fc:27:28:41:
c2:45:02:db:34:8f:0c:71:83:46:71:23:41:75:e3:
ac:c2:09:f8:16:ec:aa:40:b2:c6:94:3b:d9:99:18:
72:c3:f6:f7:24:61:39:f8:f4:07:80:16:ca:4f:c3:
e2:8b:6f:ea:e2:5b:ab:d7:fb:9e:e2:a2:73:50:11:
6e:cb:86:24:89:83:f7:93:0a:37:4f:12:4d:94:b8:
64:b2:da:ae:ca:d8:67:d2:5c:ef:5f:c0:46:1c:42:
f1:83:f4:a2:d7:7c:b3:27:58:95:fc:ae:ee:2c:4c:
52:9b:96:30:d1:a0:78:ad:b8:92:ee:c5:52:e4:4f:
7d:8b:8f:8c:a9:e0:c1:d2:51:1d:92:77:21:35:40:
7f:bf:25:0f:22:48:e9:81:a1:58:e5:c0:c1:bb:f8:
0c:f4:76:9b:4c:fe:1e:51:99:0b:1e:a6:86:5a:1f:
78:61:69:50:64:b4:3b:5a:e2:ee:48:9a:15:cc:83:
d8:8e:e7:42:3c:e0:95:ac:18:08:3d:a7:f3:8a:7d:
75:8b:7a:24:f6:d4:41:f8:6e:72:30:60:b1:bf:b9:
87:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:49:B4:D2:70:53:58:42:3D:B4:1B:AF:FC:36:32:92:89:D1:2C:4D
X509v3 Authority Key Identifier:
keyid:2F:F8:CF:75:61:FC:D6:D7:66:B7:AA:D3:1D:BF:78:5F:02:91:49:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L_jPdWH81tdmt6rTHb94XwKRSfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/xUm00nBTWEI9tBuv_DYykonRLE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/L_jPdWH81tdmt6rTHb94XwKRSfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.12.0/22
194.147.241.0/24
194.147.244.0/24
194.147.255.0/24
194.149.89.0/24
Signature Algorithm: sha256WithRSAEncryption
53:db:bd:f0:23:2e:1f:d0:d0:2f:7c:5c:49:be:70:ab:ce:01:
62:86:68:09:f6:bc:81:f9:da:5c:78:fb:99:7f:ca:84:4b:85:
61:12:bc:a3:36:3d:cf:6b:64:b3:bb:77:0d:03:c4:25:c4:99:
d0:fd:8f:84:ce:aa:32:de:0e:d3:ad:21:d4:36:bf:27:fc:04:
69:b7:93:eb:53:97:60:9b:50:31:2a:ae:7a:12:d6:fb:33:b2:
2d:31:64:3f:a6:ce:d7:78:58:09:4c:9b:dc:ab:c8:16:ab:aa:
3a:6c:47:7b:03:79:e1:34:f7:d7:84:31:b0:45:97:5c:f3:78:
34:e8:c9:a3:4b:17:7f:fa:2d:72:e6:be:67:c6:15:2f:d2:cd:
a7:0b:15:5e:69:5b:59:95:38:1e:e5:62:68:1d:5e:73:65:00:
13:f0:a8:5a:3b:ca:76:ab:c7:c5:47:10:1c:2d:8c:23:1e:84:
95:89:2c:a6:61:d2:fc:8c:70:56:13:6b:50:19:c6:39:f6:f8:
8e:50:6a:01:60:57:2d:c4:35:88:c5:71:06:8d:1c:99:a1:71:
84:88:22:99:4f:54:ab:ed:0c:d3:bb:01:85:d3:99:00:de:20:
c1:c9:50:a4:45:0b:65:e0:bd:da:e2:e2:17:d3:12:cb:7e:8c:
43:f3:1d:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVrN9Epm2tbwT0Tr9MKHJCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZjhjZjc1NjFmY2Q2ZDc2NmI3YWFkMzFkYmY3ODVmMDI5
MTQ5ZjAwHhcNMjMwMTAxMDI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ5YjRkMjcwNTM1ODQyM2RiNDFiYWZmYzM2MzI5Mjg5ZDEyYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFCfzLpStr6oJlu2+KZPNeDmyiKF
+roCan2IwwtvrKo7iBnIQOhmN/wnKEHCRQLbNI8McYNGcSNBdeOswgn4FuyqQLLG
lDvZmRhyw/b3JGE5+PQHgBbKT8Pii2/q4lur1/ue4qJzUBFuy4YkiYP3kwo3TxJN
lLhkstquythn0lzvX8BGHELxg/Si13yzJ1iV/K7uLExSm5Yw0aB4rbiS7sVS5E99
i4+MqeDB0lEdknchNUB/vyUPIkjpgaFY5cDBu/gM9HabTP4eUZkLHqaGWh94YWlQ
ZLQ7WuLuSJoVzIPYjudCPOCVrBgIPafzin11i3ok9tRB+G5yMGCxv7mHHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMVJtNJwU1hCPbQbr/w2MpKJ0SxNMB8GA1UdIwQY
MBaAFC/4z3Vh/NbXZreq0x2/eF8CkUnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTF9qUGRXSDgxdGRtdDZyVEhiOTRYd0tSU2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdhY2EtYWQ5MS00MDNmLWI5OGQt
ZGU3M2E4MWUzNTdkLzEveFVtMDBuQlRXRUk5dEJ1dl9EWXlrb25STEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdhY2EtYWQ5MS00MDNmLWI5OGQtZGU3M2E4MWUzNTdk
LzEvTF9qUGRXSDgxdGRtdDZyVEhiOTRYd0tSU2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuVAMAwQA
wpPxAwQAwpP0AwQAwpP/AwQAwpVZMA0GCSqGSIb3DQEBCwUAA4IBAQBT273wIy4f
0NAvfFxJvnCrzgFihmgJ9ryB+dpcePuZf8qES4VhEryjNj3Pa2Szu3cNA8QlxJnQ
/Y+Ezqoy3g7TrSHUNr8n/ARpt5PrU5dgm1AxKq56Etb7M7ItMWQ/ps7XeFgJTJvc
q8gWq6o6bEd7A3nhNPfXhDGwRZdc83g06MmjSxd/+i1y5r5nxhUv0s2nCxVeaVtZ
lTge5WJoHV5zZQAT8KhaO8p2q8fFRxAcLYwjHoSViSymYdL8jHBWE2tQGcY59viO
UGoBYFctxDWIxXEGjRyZoXGEiCKZT1Sr7QzTuwGF05kA3iDByVCkRQtl4L3a4uIX
0xLLfoxD8x3P
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:46 2025 by rpki-client