Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/S5zoYRWb3IF8ORS8A-ugbp1Q5sI.roa
File: S5zoYRWb3IF8ORS8A-ugbp1Q5sI.roa (raw, json)
Hash identifier: noDPY7/tnfl3a5o2WA3HnyiErYj5os66RxVTvhU4Oi4=
Subject key identifier: 4B:9C:E8:61:15:9B:DC:81:7C:39:14:BC:03:EB:A0:6E:9D:50:E6:C2
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0189652F142F33B7D7A444B7644022EDF652
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/S5zoYRWb3IF8ORS8A-ugbp1Q5sI.roa
Signing time: Mon 17 Jul 2023 18:48:51 +0000
ROA not before: Mon 17 Jul 2023 18:48:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.121.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:2f:14:2f:33:b7:d7:a4:44:b7:64:40:22:ed:f6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jul 17 18:48:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b9ce861159bdc817c3914bc03eba06e9d50e6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1a:c7:05:b8:88:77:a4:42:65:07:c1:a7:59:
6a:8f:37:2e:ad:7d:54:69:cf:de:2d:e8:1a:48:d3:
28:25:14:27:cc:10:3b:c6:50:c3:86:cf:c0:94:43:
fe:62:ad:1f:c3:af:f3:0b:f4:70:19:65:2f:94:5e:
9e:a5:c1:5f:bb:cb:88:36:9b:8f:66:65:fa:11:75:
7f:e7:a9:39:0c:e8:6b:4f:fd:15:ef:2c:4e:47:07:
81:99:c2:b2:6b:3c:14:6e:43:84:f0:12:af:52:9f:
e3:80:f4:c2:1c:bd:80:1c:94:c1:ec:a1:83:c2:ad:
96:c4:a5:73:7e:9d:98:40:d6:19:f3:60:a3:b8:c9:
0e:15:a4:b2:1b:52:73:d6:ea:ac:e8:50:b0:a8:04:
d0:26:cf:e9:a6:c7:5c:44:44:0b:70:2d:28:e9:4b:
ff:cb:4d:4f:02:8a:68:f2:2c:9c:be:e3:ac:3e:cb:
dd:97:d8:0e:0d:93:60:7b:b4:e1:19:75:88:72:e5:
dd:c9:c0:ae:d4:ed:af:8d:86:50:09:ce:9d:77:c8:
dc:65:01:cc:ac:e5:b7:0c:3e:18:2d:52:ca:a8:c3:
35:8f:a8:63:95:18:40:58:47:f3:f0:e7:f0:a1:62:
b9:01:b3:8f:ca:49:7b:a2:5a:7f:52:1f:e0:9e:23:
ee:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9C:E8:61:15:9B:DC:81:7C:39:14:BC:03:EB:A0:6E:9D:50:E6:C2
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/S5zoYRWb3IF8ORS8A-ugbp1Q5sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.117.0/24
91.147.119.0/24
91.147.121.0-91.147.123.255
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a0:35:ae:bf:18:22:6a:21:b0:88:70:ae:de:35:41:8b:7e:
49:e1:d6:53:cd:cc:d3:ac:19:2a:51:b7:58:a3:c2:45:ac:6f:
d5:cf:90:69:9c:67:ed:ad:a9:bc:9d:c7:88:4f:13:db:67:30:
28:98:be:26:e7:54:ed:7d:80:ee:67:77:70:6a:73:75:cb:d6:
22:1b:b9:70:07:ad:7d:ee:41:5c:9b:d9:6b:ec:70:3b:42:e4:
42:4d:5b:41:cc:3a:10:ec:9e:c6:85:57:37:14:1b:c6:11:23:
ca:79:68:17:ca:67:c9:ca:c5:57:e6:56:75:ec:1c:da:5d:c4:
ad:48:1e:36:3e:7a:d0:fd:ec:c6:93:4e:20:bb:03:46:1b:e9:
de:16:17:87:19:4c:b1:fe:26:fd:48:23:09:10:13:a4:11:a9:
7a:04:26:7a:01:ae:12:b0:7e:71:51:51:09:29:0f:dc:23:75:
a4:d4:9d:aa:99:b8:6b:42:e4:e9:67:31:71:9e:a3:73:15:1c:
08:00:cd:d5:e3:ba:2b:b2:81:b1:74:ed:81:48:7a:fe:4b:1a:
fb:79:e3:d1:0a:6b:90:23:7c:d4:7d:72:e3:18:90:1f:b8:7e:
8e:77:eb:b9:3c:89:23:d6:ce:fb:e3:d6:96:24:89:5b:5d:92:
40:0f:44:53
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYllLxQvM7fXpES3ZEAi7fZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwNzE3MTg0ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjljZTg2MTE1OWJkYzgxN2MzOTE0YmMwM2ViYTA2ZTlkNTBlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhrHBbiId6RCZQfBp1lqjzcurX1U
ac/eLegaSNMoJRQnzBA7xlDDhs/AlEP+Yq0fw6/zC/RwGWUvlF6epcFfu8uINpuP
ZmX6EXV/56k5DOhrT/0V7yxORweBmcKyazwUbkOE8BKvUp/jgPTCHL2AHJTB7KGD
wq2WxKVzfp2YQNYZ82CjuMkOFaSyG1Jz1uqs6FCwqATQJs/ppsdcREQLcC0o6Uv/
y01PAopo8iycvuOsPsvdl9gODZNge7ThGXWIcuXdycCu1O2vjYZQCc6dd8jcZQHM
rOW3DD4YLVLKqMM1j6hjlRhAWEfz8OfwoWK5AbOPykl7olp/Uh/gniPuuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEuc6GEVm9yBfDkUvAProG6dUObCMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvUzV6b1lSV2IzSUY4T1JTOEEtdWdicDFRNXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAW5N1AwQA
W5N3MAwDBABbk3kDBAJbk3gDBAFbk34DBADUdPQDBADUdPYwDQYJKoZIhvcNAQEL
BQADggEBAEygNa6/GCJqIbCIcK7eNUGLfknh1lPNzNOsGSpRt1ijwkWsb9XPkGmc
Z+2tqbydx4hPE9tnMCiYvibnVO19gO5nd3Bqc3XL1iIbuXAHrX3uQVyb2WvscDtC
5EJNW0HMOhDsnsaFVzcUG8YRI8p5aBfKZ8nKxVfmVnXsHNpdxK1IHjY+etD97MaT
TiC7A0Yb6d4WF4cZTLH+Jv1IIwkQE6QRqXoEJnoBrhKwfnFRUQkpD9wjdaTUnaqZ
uGtC5OlnMXGeo3MVHAgAzdXjuiuygbF07YFIev5LGvt549EKa5AjfNR9cuMYkB+4
fo5367k8iSPWzvvj1pYkiVtdkkAPRFM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:49 2025 by rpki-client