Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/TK5mlqRQ0rbez_vgPCO1dNFMpJQ.roa
File: TK5mlqRQ0rbez_vgPCO1dNFMpJQ.roa (raw, json)
Hash identifier: qXDkDqPuJp3lT6V/EERZUjAzRdLzUfXGCN5ElcoMU0I=
Subject key identifier: 4C:AE:66:96:A4:50:D2:B6:DE:CF:FB:E0:3C:23:B5:74:D1:4C:A4:94
Certificate issuer: /CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Certificate serial: 01843EB6D0D23849D8E03F3F7DA3C9F9F2E1
Authority key identifier: 83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/TK5mlqRQ0rbez_vgPCO1dNFMpJQ.roa
Signing time: Thu 03 Nov 2022 18:17:59 +0000
ROA not before: Thu 03 Nov 2022 18:17:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 80.242.96.0/22 maxlen: 22
217.175.4.0/22 maxlen: 22
80.242.104.0/22 maxlen: 22
80.242.100.0/22 maxlen: 22
80.242.108.0/22 maxlen: 22
93.190.176.0/22 maxlen: 22
93.190.180.0/22 maxlen: 22
37.75.216.0/22 maxlen: 22
37.75.220.0/22 maxlen: 22
31.3.24.0/22 maxlen: 22
31.3.28.0/22 maxlen: 22
185.14.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:b6:d0:d2:38:49:d8:e0:3f:3f:7d:a3:c9:f9:f2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Validity
Not Before: Nov 3 18:17:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cae6696a450d2b6decffbe03c23b574d14ca494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:e0:4f:71:94:32:9e:c6:0f:82:a3:fa:2f:
ec:42:e9:f4:47:85:f2:f8:96:8e:aa:fb:93:67:f6:
73:62:4a:8b:f8:81:74:62:23:8d:ba:d7:86:d0:97:
58:99:00:4b:d6:c5:ea:14:08:f4:e7:0d:3c:a7:f8:
98:95:bc:7b:e5:5d:c7:02:6e:51:50:52:92:a8:25:
68:23:57:ff:a7:89:df:09:47:3d:19:02:8c:c6:a2:
1a:3d:33:12:83:b4:e0:df:29:f9:c2:76:54:0a:49:
b5:2a:04:ed:eb:d0:50:ce:db:ad:4c:a2:a8:7b:5a:
0d:b7:8f:6f:98:c9:c0:23:52:75:f4:01:2c:46:a9:
07:57:99:10:c3:3b:b5:2f:46:81:5b:ce:79:7b:39:
68:a7:fc:3e:44:d5:f4:cb:36:de:b9:cb:ce:2f:fb:
91:95:b8:84:0e:b0:9a:bc:00:1a:87:b1:c9:30:47:
d8:18:fb:3b:d8:a5:a6:e3:0d:3b:72:42:c1:76:ad:
d3:fc:41:59:f1:17:88:11:c6:03:32:49:ed:d3:79:
e8:66:03:f0:b1:17:3c:80:e6:45:18:aa:26:68:ed:
88:dc:c4:a7:2f:7f:85:37:ad:ef:c6:74:6b:85:94:
07:7c:b9:4b:36:96:bb:67:31:73:bd:fe:99:88:49:
65:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AE:66:96:A4:50:D2:B6:DE:CF:FB:E0:3C:23:B5:74:D1:4C:A4:94
X509v3 Authority Key Identifier:
keyid:83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/TK5mlqRQ0rbez_vgPCO1dNFMpJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.24.0/21
37.75.216.0/21
80.242.96.0/20
93.190.176.0/21
185.14.16.0/22
217.175.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:e4:02:70:a7:cc:4b:fd:06:53:aa:5d:bf:24:81:07:04:f3:
16:39:ff:15:5c:ac:f7:21:6c:50:ee:b1:e0:2d:9e:46:eb:b7:
4d:8c:e5:05:8a:aa:a2:ea:1a:b7:50:10:03:1d:7d:ff:42:ba:
92:d3:66:46:19:b9:d7:cf:43:4a:9a:2e:31:6f:68:88:fa:c9:
b1:9c:fb:81:86:21:08:f8:de:2c:aa:d1:3c:03:23:e7:57:d1:
5a:25:94:0f:ff:31:1c:73:70:ff:68:20:08:9c:a4:e2:e2:dc:
89:22:70:25:f2:fc:b1:a2:fc:a7:3c:be:0a:0f:a6:7d:7d:19:
88:6d:a2:1f:0a:66:b0:cb:f1:81:2c:04:0a:4b:75:aa:76:98:
15:38:9b:18:42:de:11:c3:48:2f:5d:dd:96:6d:b2:06:ac:1f:
ea:cf:2b:d4:0a:49:60:b5:20:2a:77:f2:41:f9:da:3b:16:6d:
28:5c:61:a8:27:da:99:4e:e7:6f:69:af:e9:58:47:b3:93:e4:
05:8f:48:5c:e5:4c:0c:89:24:04:c1:6e:d2:bb:50:19:54:2b:
61:18:6d:2f:f3:f3:a6:7f:d8:e5:b1:5e:08:b3:e9:63:17:db:
85:54:9a:b8:3a:0d:fb:0b:52:16:2f:e3:b3:7b:54:b8:25:3f:
df:b8:36:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQ+ttDSOEnY4D8/faPJ+fLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmYzNmViMThlZjlhNTdjNWZiNjAzYWRhNDAwZmU2YjY2
ODhlNmUwHhcNMjIxMTAzMTgxNzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FlNjY5NmE0NTBkMmI2ZGVjZmZiZTAzYzIzYjU3NGQxNGNhNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiszgT3GUMp7GD4Kj+i/sQun0R4Xy
+JaOqvuTZ/ZzYkqL+IF0YiONuteG0JdYmQBL1sXqFAj05w08p/iYlbx75V3HAm5R
UFKSqCVoI1f/p4nfCUc9GQKMxqIaPTMSg7Tg3yn5wnZUCkm1KgTt69BQztutTKKo
e1oNt49vmMnAI1J19AEsRqkHV5kQwzu1L0aBW855ezlop/w+RNX0yzbeucvOL/uR
lbiEDrCavAAah7HJMEfYGPs72KWm4w07ckLBdq3T/EFZ8ReIEcYDMknt03noZgPw
sRc8gOZFGKomaO2I3MSnL3+FN63vxnRrhZQHfLlLNpa7ZzFzvf6ZiEllOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEyuZpakUNK23s/74DwjtXTRTKSUMB8GA1UdIwQY
MBaAFIO/NusY75pXxftgOtpAD+a2aI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMt
ZTBkMmExYjZlOGFjLzEvVEs1bWxxUlEwcmJlel92Z1BDTzFkTkZNcEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdkNTEtZWUxYy00N2E5LTkwYmMtZTBkMmExYjZlOGFj
LzEvZzc4MjZ4anZtbGZGLTJBNjJrQVA1clpvam00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHwMYAwQD
JUvYAwQEUPJgAwQDXb6wAwQCuQ4QAwQC2a8EMA0GCSqGSIb3DQEBCwUAA4IBAQA/
5AJwp8xL/QZTql2/JIEHBPMWOf8VXKz3IWxQ7rHgLZ5G67dNjOUFiqqi6hq3UBAD
HX3/QrqS02ZGGbnXz0NKmi4xb2iI+smxnPuBhiEI+N4sqtE8AyPnV9FaJZQP/zEc
c3D/aCAInKTi4tyJInAl8vyxovynPL4KD6Z9fRmIbaIfCmawy/GBLAQKS3WqdpgV
OJsYQt4Rw0gvXd2WbbIGrB/qzyvUCklgtSAqd/JB+do7Fm0oXGGoJ9qZTudvaa/p
WEezk+QFj0hc5UwMiSQEwW7Su1AZVCthGG0v8/Omf9jlsV4Is+ljF9uFVJq4Og37
C1IWL+Oze1S4JT/fuDY9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:49 2025 by rpki-client