Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/E1qvnsUO7J6R5sQwsROMIkKRo9U.roa
File: E1qvnsUO7J6R5sQwsROMIkKRo9U.roa (raw, json)
Hash identifier: SHSGKLsK9MxlOKDZpFV9jYrKc9s7OVQvTaU7iVPALXw=
Subject key identifier: 13:5A:AF:9E:C5:0E:EC:9E:91:E6:C4:30:B1:13:8C:22:42:91:A3:D5
Certificate issuer: /CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Certificate serial: 0189F429A5E32072756B6A1BFF32E2CF1B1F
Authority key identifier: FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/E1qvnsUO7J6R5sQwsROMIkKRo9U.roa
Signing time: Mon 14 Aug 2023 13:08:37 +0000
ROA not before: Mon 14 Aug 2023 13:08:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.76.0/22 maxlen: 22
2a01:6ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:29:a5:e3:20:72:75:6b:6a:1b:ff:32:e2:cf:1b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Validity
Not Before: Aug 14 13:08:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=135aaf9ec50eec9e91e6c430b1138c224291a3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2a:3c:53:72:00:2d:04:19:dc:20:c5:31:fb:
94:0d:9c:7f:4a:ac:46:b7:84:b5:bb:f8:93:91:e1:
bc:e6:bc:8a:87:ec:db:8c:b1:d5:c8:ce:9a:85:63:
b2:bf:81:84:17:30:b0:8e:1a:f6:40:9d:3f:82:e0:
a4:7a:0d:73:f6:4d:1d:a0:6d:e5:77:b5:f9:64:c0:
7d:0b:9a:b5:49:c4:3f:ae:a3:2e:ae:c2:4f:6c:dd:
2f:57:68:df:99:87:88:8e:7b:66:23:17:0a:c8:73:
d6:e7:5f:94:61:d0:47:8d:2b:a9:b2:f7:65:3e:c0:
09:89:83:51:fd:d2:c8:64:cc:53:63:06:d7:07:82:
a3:ea:35:ef:de:24:d3:48:a1:6c:67:bb:96:9b:00:
33:ca:42:c3:33:ab:03:97:90:7a:b4:a8:d1:13:76:
6a:56:b4:ee:59:cc:3c:7d:e6:0c:65:23:33:f3:62:
16:64:54:0c:a9:16:41:af:bd:38:86:0a:78:77:0f:
b1:97:b2:d2:1c:63:b2:13:47:15:d9:cc:b2:21:a9:
24:c9:73:76:b4:98:99:9e:1e:03:10:ed:3e:96:6d:
12:9b:2b:9c:33:08:20:06:b7:0e:ca:b3:e4:61:7d:
9c:01:fa:57:02:99:8a:6f:1b:07:b9:fd:6c:ef:98:
0a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5A:AF:9E:C5:0E:EC:9E:91:E6:C4:30:B1:13:8C:22:42:91:A3:D5
X509v3 Authority Key Identifier:
keyid:FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/E1qvnsUO7J6R5sQwsROMIkKRo9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/1-uSR_yiWEnzojsukTOx0xj--GrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.76.0/22
IPv6:
2a01:6ca0::/32
Signature Algorithm: sha256WithRSAEncryption
c2:32:9c:78:36:5d:8b:0a:3b:a6:36:17:3e:a3:30:0b:41:86:
0f:cc:ac:e3:f7:61:a3:04:8c:a6:09:9a:66:83:23:12:c7:af:
cd:ec:2e:a5:20:43:41:69:d2:63:bd:97:c1:0d:7f:65:68:82:
9a:0d:20:b4:06:ad:c2:bc:b7:40:da:1c:1c:56:57:9a:7b:08:
4f:d1:16:6c:9c:db:65:b7:10:b1:14:11:74:80:db:60:d8:04:
56:0a:78:62:56:8f:3a:a0:4f:51:bb:90:e4:28:8b:11:af:f3:
46:bb:cf:ec:60:dd:f7:7b:a4:7b:5b:ec:06:5d:42:ac:35:c0:
9e:d9:b9:64:a0:1a:29:b2:fa:75:12:ef:e2:9b:be:93:01:7f:
62:6f:da:1a:de:4f:26:c7:c9:7c:0c:af:02:69:71:58:6d:01:
5c:0c:15:06:fa:c9:aa:7a:ac:f9:aa:36:87:a4:61:73:1b:8e:
32:5a:8f:68:8e:e9:60:7a:dc:de:53:27:3f:38:28:29:f0:dd:
62:52:09:80:7e:88:cc:a2:95:d2:88:8f:99:e9:30:09:9e:0f:
68:3f:ee:e4:05:0c:98:60:cc:5e:63:63:1a:d0:89:25:7e:1a:
bb:ce:9a:cc:f6:1b:f1:44:1e:84:58:f4:22:3e:42:6c:01:51:
3f:54:b2:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn0KaXjIHJ1a2ob/zLizxsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTQ5MWZmMjg5NjEyN2NlODhlY2JhNDRjZWM3NGM2M2Zi
ZTFhYjUwHhcNMjMwODE0MTMwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzVhYWY5ZWM1MGVlYzllOTFlNmM0MzBiMTEzOGMyMjQyOTFhM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Co8U3IALQQZ3CDFMfuUDZx/SqxG
t4S1u/iTkeG85ryKh+zbjLHVyM6ahWOyv4GEFzCwjhr2QJ0/guCkeg1z9k0doG3l
d7X5ZMB9C5q1ScQ/rqMursJPbN0vV2jfmYeIjntmIxcKyHPW51+UYdBHjSupsvdl
PsAJiYNR/dLIZMxTYwbXB4Kj6jXv3iTTSKFsZ7uWmwAzykLDM6sDl5B6tKjRE3Zq
VrTuWcw8feYMZSMz82IWZFQMqRZBr704hgp4dw+xl7LSHGOyE0cV2cyyIakkyXN2
tJiZnh4DEO0+lm0SmyucMwggBrcOyrPkYX2cAfpXApmKbxsHuf1s75gKywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNar57FDuyekebEMLETjCJCkaPVMB8GA1UdIwQY
MBaAFPrkkf8olhJ86I7LpEzsdMY/vhq1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11U1JfeWlXRW56b2pzdWtUT3gweGotLUdyVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4
LWNlYzE2MzMzZDdmMi8xL0UxcXZuc1VPN0o2UjVzUXdzUk9NSWtLUm85VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4LWNlYzE2MzMzZDdm
Mi8xLzEtdVNSX3lpV0Vuem9qc3VrVE94MHhqLS1HclUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5K0ww
DQQCAAIwBwMFACoBbKAwDQYJKoZIhvcNAQELBQADggEBAMIynHg2XYsKO6Y2Fz6j
MAtBhg/MrOP3YaMEjKYJmmaDIxLHr83sLqUgQ0Fp0mO9l8ENf2VogpoNILQGrcK8
t0DaHBxWV5p7CE/RFmyc22W3ELEUEXSA22DYBFYKeGJWjzqgT1G7kOQoixGv80a7
z+xg3fd7pHtb7AZdQqw1wJ7ZuWSgGimy+nUS7+KbvpMBf2Jv2hreTybHyXwMrwJp
cVhtAVwMFQb6yap6rPmqNoekYXMbjjJaj2iO6WB63N5TJz84KCnw3WJSCYB+iMyi
ldKIj5npMAmeD2g/7uQFDJhgzF5jYxrQiSV+GrvOmsz2G/FEHoRY9CI+QmwBUT9U
snA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:40 2025 by rpki-client