Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/AcdFmT9Py2VmdEhptt776PDsE60.roa
File: AcdFmT9Py2VmdEhptt776PDsE60.roa (raw, json)
Hash identifier: YhDz4esT4SY+ra3xlK7HTIBpc+NYjvk6TIw2fhjJ6kc=
Subject key identifier: 01:C7:45:99:3F:4F:CB:65:66:74:48:69:B6:DE:FB:E8:F0:EC:13:AD
Certificate issuer: /CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Certificate serial: 084F438D
Authority key identifier: E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/AcdFmT9Py2VmdEhptt776PDsE60.roa
Signing time: Sat 01 Jan 2022 13:02:50 +0000
ROA not before: Sat 01 Jan 2022 13:02:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57736
IP address blocks: 185.59.104.0/23 maxlen: 24
185.59.106.0/23 maxlen: 24
2a04:e3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139412365 (0x84f438d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Validity
Not Before: Jan 1 13:02:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01c745993f4fcb6566744869b6defbe8f0ec13ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7d:b0:3a:9a:4c:4c:50:b3:19:2c:de:ab:8f:
31:53:3d:84:d2:c3:78:e0:5b:ca:c2:cb:b7:ef:51:
b1:14:4c:15:29:f6:31:04:bc:9d:64:81:f5:9d:1b:
c7:f6:e9:c0:1f:f1:3b:f3:28:e1:07:33:8f:91:b9:
e7:db:a9:26:d8:2a:e1:d3:9d:bc:76:6f:e6:d0:37:
7e:96:5c:f7:db:af:9d:9b:83:67:78:a2:92:aa:ed:
36:2b:b7:78:42:9d:3c:4e:d8:21:f3:3b:2f:ef:bd:
6b:c7:b7:79:fd:f5:f3:48:b5:0d:cb:c9:34:6b:62:
f4:64:b7:5f:d3:e3:c8:da:a1:cd:e7:73:6b:bc:21:
4a:73:82:07:08:8e:39:0b:2e:ae:b0:df:e8:a7:93:
e3:90:f6:44:67:e8:5a:a0:71:46:90:9b:53:9a:4f:
64:d0:de:f7:35:23:69:f6:86:11:8e:76:5e:36:92:
f2:0d:7a:57:dd:f6:f3:06:a1:84:64:0b:0e:48:d9:
9d:8c:49:f8:7b:a0:c0:96:67:7c:d0:09:81:d9:74:
0c:6a:04:1d:e6:36:78:7c:ac:4f:8e:3e:ac:96:d8:
53:43:41:4e:18:0d:73:78:9e:99:54:c0:d2:90:29:
95:f7:ed:30:9b:72:79:dc:07:00:de:6c:30:27:60:
7b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C7:45:99:3F:4F:CB:65:66:74:48:69:B6:DE:FB:E8:F0:EC:13:AD
X509v3 Authority Key Identifier:
keyid:E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/AcdFmT9Py2VmdEhptt776PDsE60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.104.0/22
IPv6:
2a04:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:31:f3:0e:66:40:fa:7e:b0:cc:b6:61:e0:d3:8b:aa:4b:76:
fd:31:a7:ef:8d:82:30:8a:8c:c5:bf:b3:f4:58:06:d8:68:e4:
ca:8b:de:74:88:3f:df:91:73:76:fd:43:d9:a4:7d:2f:dc:36:
b2:c7:65:e8:08:2c:1b:8e:ab:39:00:4b:6d:ad:c4:5b:68:00:
53:c7:18:83:e3:da:09:ee:ed:cd:af:14:6f:6a:6d:06:c6:f0:
cb:7d:12:8a:0d:f4:83:fb:be:a5:bf:4e:65:a3:63:6b:e1:bc:
78:7b:f0:ce:26:a8:25:dd:e9:0a:69:4f:2a:1d:0d:1e:1a:9d:
50:9d:66:82:c7:12:71:f7:ea:09:81:99:63:b6:f5:ef:02:ce:
5f:52:a2:a0:ea:01:9b:09:86:ce:a7:4b:7f:95:58:7c:a7:f7:
27:12:39:2f:68:0c:95:e5:19:19:be:7e:c3:0f:fd:3d:2d:3e:
8e:df:99:96:39:00:46:09:44:9d:c5:37:9e:cd:ed:c0:bc:4d:
83:9f:9f:f9:64:0f:fe:98:a0:76:36:17:0b:73:21:bf:20:ff:
2d:95:14:36:3b:a7:60:68:4f:eb:75:cf:27:7a:3a:ac:cc:94:
22:ea:27:35:0a:b4:97:6d:fb:a2:ff:8c:ef:86:88:28:c3:44:
b3:20:81:ff
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECE9DjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjAwNjRkY2Y3MTllZDg5OTlkYTc5MmY2ZmJmYzNmZTliYzcwODk4MB4XDTIyMDEw
MTEzMDI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFjNzQ1OTkzZjRm
Y2I2NTY2NzQ0ODY5YjZkZWZiZThmMGVjMTNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZ9sDqaTExQsxks3quPMVM9hNLDeOBbysLLt+9RsRRMFSn2
MQS8nWSB9Z0bx/bpwB/xO/Mo4Qczj5G559upJtgq4dOdvHZv5tA3fpZc99uvnZuD
Z3iikqrtNiu3eEKdPE7YIfM7L++9a8e3ef3180i1DcvJNGti9GS3X9PjyNqhzedz
a7whSnOCBwiOOQsurrDf6KeT45D2RGfoWqBxRpCbU5pPZNDe9zUjafaGEY52XjaS
8g16V9328wahhGQLDkjZnYxJ+HugwJZnfNAJgdl0DGoEHeY2eHysT44+rJbYU0NB
ThgNc3iemVTA0pAplfftMJtyedwHAN5sMCdge1ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQBx0WZP0/LZWZ0SGm23vvo8OwTrTAfBgNVHSMEGDAWgBTmAGTc9xntiZna
eS9vv8P+m8cImDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVnQmszUGNaN1ltWjJua3ZiN19EX3B2SENKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNzM0ZTBjLTc4NmUtNDYzMS1hOTIzLWU4YjhmY2M0MWU4NS8x
L0FjZEZtVDlQeTJWbWRFaHB0dDc3NlBEc0U2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NzM0ZTBjLTc4NmUtNDYzMS1hOTIzLWU4YjhmY2M0MWU4NS8xLzVnQmszUGNaN1lt
WjJua3ZiN19EX3B2SENKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk7aDANBAIAAjAHAwUDKgTjwDAN
BgkqhkiG9w0BAQsFAAOCAQEASjHzDmZA+n6wzLZh4NOLqkt2/TGn742CMIqMxb+z
9FgG2GjkyovedIg/35Fzdv1D2aR9L9w2ssdl6AgsG46rOQBLba3EW2gAU8cYg+Pa
Ce7tza8Ub2ptBsbwy30Sig30g/u+pb9OZaNja+G8eHvwziaoJd3pCmlPKh0NHhqd
UJ1mgscScffqCYGZY7b17wLOX1KioOoBmwmGzqdLf5VYfKf3JxI5L2gMleUZGb5+
ww/9PS0+jt+ZljkARglEncU3ns3twLxNg5+f+WQP/pigdjYXC3MhvyD/LZUUNjun
YGhP63XPJ3o6rMyUIuonNQq0l237ov+M74aIKMNEsyCB/w==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:05 2025 by rpki-client