Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/4VTq4OZlEzG7PAwYaipB6EJBQn0.roa
File: 4VTq4OZlEzG7PAwYaipB6EJBQn0.roa (raw, json)
Hash identifier: cyZtzqb5VPv1H/DE0Q8tBKvnD/6KKhGMKZS+AVpv5Xo=
Subject key identifier: E1:54:EA:E0:E6:65:13:31:BB:3C:0C:18:6A:2A:41:E8:42:41:42:7D
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 0188A942441F0823694CD08BA4FD91405B89
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/4VTq4OZlEzG7PAwYaipB6EJBQn0.roa
Signing time: Sun 11 Jun 2023 07:01:12 +0000
ROA not before: Sun 11 Jun 2023 07:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211090
IP address blocks: 185.253.76.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:42:44:1f:08:23:69:4c:d0:8b:a4:fd:91:40:5b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jun 11 07:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e154eae0e6651331bb3c0c186a2a41e84241427d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:f4:90:1b:f2:4d:45:90:d1:6b:44:f9:35:
31:06:72:af:ca:04:8a:d3:e0:a0:be:f8:cb:6f:fd:
1d:6f:f2:66:a5:2c:be:14:97:5c:4e:42:8b:3f:0d:
e0:e4:20:38:ac:c0:70:31:70:6d:ad:d1:ed:f4:fb:
91:b0:97:13:e4:eb:6f:df:be:d3:92:bd:5a:8a:7d:
be:84:57:71:de:40:b8:35:50:00:aa:ba:7e:74:ed:
8d:d4:03:44:f0:72:46:da:2c:29:70:b8:3f:a5:31:
e7:e9:6b:6a:a2:53:6a:15:3f:a5:5e:30:8c:70:13:
0c:f1:62:62:9a:8b:0e:d1:a0:45:d8:c8:ed:fd:4b:
ff:46:9c:c1:2a:7a:b9:9d:cd:a0:fa:1c:e8:20:93:
9c:f5:39:01:bb:fa:7b:91:9b:b7:de:30:9e:00:b4:
eb:5f:2e:bf:13:86:eb:0b:64:86:95:23:52:5c:82:
65:97:26:9b:57:af:5c:4b:11:7c:5b:c1:dc:9c:72:
9b:29:76:c9:cd:aa:70:f4:3c:dd:39:43:d9:93:8d:
4e:a2:a2:89:8b:e5:c1:62:4b:11:b3:8c:2c:6d:85:
7c:9e:d6:0d:e5:0e:5c:30:f0:f4:5c:73:c2:17:c3:
30:f3:a7:a0:b3:9f:da:b8:e3:bf:97:c2:7e:b1:1f:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:54:EA:E0:E6:65:13:31:BB:3C:0C:18:6A:2A:41:E8:42:41:42:7D
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/4VTq4OZlEzG7PAwYaipB6EJBQn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.119.0/24
185.253.76.0/24
185.253.78.0/24
IPv6:
2a10:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
08:5b:d5:53:e5:15:51:13:06:d8:12:cb:cd:a0:ae:c2:8e:29:
60:ec:25:79:5e:aa:3b:2c:a1:c8:2c:00:fc:b6:42:ad:bd:6c:
8c:b4:e0:58:2a:df:9d:26:f2:44:ad:67:84:bc:7c:8f:3b:34:
2a:ce:30:36:c1:2f:df:cf:00:2b:1b:81:54:fd:48:ae:67:2f:
57:cf:e7:22:cb:ff:4c:79:60:74:ba:2c:fd:51:b1:10:4b:ba:
cc:47:38:df:cd:86:7d:fc:65:bd:c7:23:33:3f:e6:ab:a5:fc:
9a:5e:ac:91:d2:16:b7:51:7f:d9:54:f0:ec:4c:2a:d7:e5:d3:
0d:55:14:e8:d4:9a:1c:52:83:c7:98:14:c4:d8:26:b9:d4:bc:
10:44:9f:02:bd:13:92:6a:ad:27:0e:af:86:f6:44:d9:8a:85:
2e:cc:52:fa:37:16:b1:9d:90:21:aa:66:c0:ab:3d:18:88:85:
49:9e:c9:01:95:61:4f:63:18:68:e0:f7:b8:4e:0c:00:76:f6:
a7:2e:1c:36:7b:6a:5c:6b:eb:e0:a7:3d:99:de:1c:d9:1f:e7:
ff:e3:eb:d7:d9:3a:18:9d:70:c1:ff:a7:91:d0:9d:a6:d9:f3:
e7:1b:33:4c:b7:45:45:09:51:65:c1:35:c2:9b:72:02:ab:a4:
54:9b:0f:94
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYipQkQfCCNpTNCLpP2RQFuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMwNjExMDcwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU0ZWFlMGU2NjUxMzMxYmIzYzBjMTg2YTJhNDFlODQyNDE0MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdX0kBvyTUWQ0WtE+TUxBnKvygSK
0+CgvvjLb/0db/JmpSy+FJdcTkKLPw3g5CA4rMBwMXBtrdHt9PuRsJcT5Otv377T
kr1ain2+hFdx3kC4NVAAqrp+dO2N1ANE8HJG2iwpcLg/pTHn6WtqolNqFT+lXjCM
cBMM8WJimosO0aBF2Mjt/Uv/RpzBKnq5nc2g+hzoIJOc9TkBu/p7kZu33jCeALTr
Xy6/E4brC2SGlSNSXIJllyabV69cSxF8W8HcnHKbKXbJzapw9DzdOUPZk41OoqKJ
i+XBYksRs4wsbYV8ntYN5Q5cMPD0XHPCF8Mw86egs5/auOO/l8J+sR/azQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOFU6uDmZRMxuzwMGGoqQehCQUJ9MB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvNFZUcTRPWmxFekc3UEF3WWFpcEI2RUpCUW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW+93AwQA
uf1MAwQAuf1OMA8EAgACMAkDBwAqEPHAAAAwDQYJKoZIhvcNAQELBQADggEBAAhb
1VPlFVETBtgSy82grsKOKWDsJXleqjssocgsAPy2Qq29bIy04Fgq350m8kStZ4S8
fI87NCrOMDbBL9/PACsbgVT9SK5nL1fP5yLL/0x5YHS6LP1RsRBLusxHON/Nhn38
Zb3HIzM/5qul/JperJHSFrdRf9lU8OxMKtfl0w1VFOjUmhxSg8eYFMTYJrnUvBBE
nwK9E5JqrScOr4b2RNmKhS7MUvo3FrGdkCGqZsCrPRiIhUmeyQGVYU9jGGjg97hO
DAB29qcuHDZ7alxr6+CnPZneHNkf5//j69fZOhidcMH/p5HQnabZ8+cbM0y3RUUJ
UWXBNcKbcgKrpFSbD5Q=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:25 2025 by rpki-client