Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Hh0P8fdEGX8qveonlPzgJTBc2zE.roa
File: Hh0P8fdEGX8qveonlPzgJTBc2zE.roa (raw, json)
Hash identifier: Msvx2RqcPByGkqGnJ5SdW9p782ReGPeoAE2cpc/o+w8=
Subject key identifier: 1E:1D:0F:F1:F7:44:19:7F:2A:BD:EA:27:94:FC:E0:25:30:5C:DB:31
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 0107E661
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Hh0P8fdEGX8qveonlPzgJTBc2zE.roa
Signing time: Wed 06 Apr 2022 09:24:03 +0000
ROA not before: Wed 06 Apr 2022 09:24:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.102.0/23 maxlen: 23
185.15.101.0/24 maxlen: 24
5.152.168.0/21 maxlen: 21
5.8.184.0/24 maxlen: 24
5.8.185.0/24 maxlen: 24
5.8.186.0/24 maxlen: 24
5.8.191.0/24 maxlen: 24
5.8.190.0/24 maxlen: 24
5.8.187.0/24 maxlen: 24
5.8.189.0/24 maxlen: 24
5.8.188.0/24 maxlen: 24
37.1.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17294945 (0x107e661)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Apr 6 09:24:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e1d0ff1f744197f2abdea2794fce025305cdb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c3:03:3c:2d:7c:5c:9e:8a:72:06:a1:d0:65:
04:a1:a0:e0:49:e0:19:09:e3:da:3a:66:36:d9:64:
14:4b:6e:89:f5:51:5b:f2:0b:1f:33:5b:c4:14:9f:
52:68:48:2e:49:17:b1:56:13:01:03:5d:b3:25:09:
cc:7f:85:a1:36:b2:c8:9a:1d:da:0c:75:7f:63:85:
2c:16:0b:0c:04:32:62:42:87:de:5d:b6:88:57:a3:
cb:f6:cf:66:68:50:e0:85:67:ad:be:21:d0:09:2d:
66:d3:a0:5a:c1:8d:94:cf:d2:bc:fd:45:fb:ad:2d:
fd:9b:79:4b:77:6f:ad:a2:af:ad:a0:a0:84:cf:e8:
bf:0e:83:1f:79:82:41:78:82:fa:9a:2b:b7:d8:00:
34:48:03:37:cb:a9:bf:2c:95:d2:11:49:e9:3a:76:
10:31:52:51:4f:c4:72:e0:fb:d6:50:02:8a:ec:f0:
3f:fb:31:04:ee:e1:e3:95:b0:09:b6:df:7a:b8:a2:
ca:86:d3:d9:d5:01:d0:cd:07:2e:5b:19:8d:f0:6b:
82:57:4f:ea:d9:6d:d9:37:fd:c6:74:7d:1f:f4:58:
51:36:b2:4f:10:49:92:ce:f6:c9:36:70:65:ab:b0:
23:17:e9:eb:4f:a2:2a:da:28:80:a8:5b:07:fa:60:
17:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1D:0F:F1:F7:44:19:7F:2A:BD:EA:27:94:FC:E0:25:30:5C:DB:31
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/Hh0P8fdEGX8qveonlPzgJTBc2zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
5.152.168.0/21
37.1.183.0/24
185.15.101.0-185.15.103.255
Signature Algorithm: sha256WithRSAEncryption
bc:e5:b4:85:09:7a:7a:39:5a:bd:9b:0b:0f:2d:66:f9:4e:35:
c6:28:43:a0:55:41:43:b6:c7:41:1f:8e:a4:02:e6:37:72:ee:
84:2c:44:7e:15:cc:88:3c:e9:2a:30:6c:27:28:f7:52:84:25:
cb:f4:75:3b:52:99:96:25:da:6d:5f:59:7c:a8:fa:92:ae:b5:
8c:61:01:7f:a5:6c:f5:9c:c7:c4:ea:cc:97:01:6a:f7:0a:1b:
05:9f:ae:3d:19:0e:a1:82:ee:80:9f:94:21:47:dc:04:93:50:
e6:d5:17:07:25:ed:c5:4a:d6:25:51:54:57:a5:38:e0:e3:c1:
e4:a2:0b:fe:69:46:fe:51:cc:2e:71:d8:6c:dc:c5:d7:19:e0:
d7:d8:dd:44:f2:8c:d1:5a:81:5b:ed:68:31:96:82:ba:96:22:
e1:e5:63:e4:50:54:5e:da:72:f5:18:a0:bd:a3:9d:df:b9:ad:
c2:fb:65:5f:5f:7f:24:1f:9d:8e:a2:fa:2b:54:b7:be:20:39:
1e:d8:27:53:c3:bf:23:0c:ec:ec:fc:60:c7:b4:00:82:a2:ce:
e6:1b:61:e2:4f:8b:38:53:bc:0a:44:1e:1f:23:57:58:b9:72:
0b:21:fc:b2:2d:9f:90:59:0c:31:7d:e6:ae:30:5a:f7:19:30:
a9:93:0d:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAQfmYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE4OWI2N2M2NmRlYmY1ZGVkM2YyODgwYmI0OTQxZDMwNDExMjU3MB4XDTIyMDQw
NjA5MjQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWUxZDBmZjFmNzQ0
MTk3ZjJhYmRlYTI3OTRmY2UwMjUzMDVjZGIzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDDAzwtfFyeinIGodBlBKGg4EngGQnj2jpmNtlkFEtuifVR
W/ILHzNbxBSfUmhILkkXsVYTAQNdsyUJzH+FoTayyJod2gx1f2OFLBYLDAQyYkKH
3l22iFejy/bPZmhQ4IVnrb4h0AktZtOgWsGNlM/SvP1F+60t/Zt5S3dvraKvraCg
hM/ovw6DH3mCQXiC+port9gANEgDN8upvyyV0hFJ6Tp2EDFSUU/EcuD71lACiuzw
P/sxBO7h45WwCbbferiiyobT2dUB0M0HLlsZjfBrgldP6tlt2Tf9xnR9H/RYUTay
TxBJks72yTZwZauwIxfp60+iKtoogKhbB/pgFzECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQeHQ/x90QZfyq96ieU/OAlMFzbMTAfBgNVHSMEGDAWgBSxqJtnxm3r9d7T
8ogLtJQdMEESVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhaWJaOFp0Nl9YZTBfS0lDN1NVSFRCQkVsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYmM0ZDdiLTNjYjctNGYzMy04OWU3LTIxMDBiZjBmMTQwYS8x
L0hoMFA4ZmRFR1g4cXZlb25sUHpnSlRCYzJ6RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YmM0ZDdiLTNjYjctNGYzMy04OWU3LTIxMDBiZjBmMTQwYS8xL3NhaWJaOFp0Nl9Y
ZTBfS0lDN1NVSFRCQkVsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAwUIuAMEAwWYqAMEACUBtzAMAwQA
uQ9lAwQDuQ9gMA0GCSqGSIb3DQEBCwUAA4IBAQC85bSFCXp6OVq9mwsPLWb5TjXG
KEOgVUFDtsdBH46kAuY3cu6ELER+FcyIPOkqMGwnKPdShCXL9HU7UpmWJdptX1l8
qPqSrrWMYQF/pWz1nMfE6syXAWr3ChsFn649GQ6hgu6An5QhR9wEk1Dm1RcHJe3F
StYlUVRXpTjg48Hkogv+aUb+Ucwucdhs3MXXGeDX2N1E8ozRWoFb7WgxloK6liLh
5WPkUFRe2nL1GKC9o53fua3C+2VfX38kH52OovorVLe+IDke2CdTw78jDOzs/GDH
tACCos7mG2HiT4s4U7wKRB4fI1dYuXILIfyyLZ+QWQwxfeauMFr3GTCpkw2/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:54 2025 by rpki-client