Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/U4pbRkQfr8_HosUSYIcpgINnqTE.roa
File: U4pbRkQfr8_HosUSYIcpgINnqTE.roa (raw, json)
Hash identifier: SYZ7vMeueULhgFch0sATwMDPm2gnzLGVTjlARBfqnyo=
Subject key identifier: 53:8A:5B:46:44:1F:AF:CF:C7:A2:C5:12:60:87:29:80:83:67:A9:31
Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Certificate serial: 6F5718
Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/U4pbRkQfr8_HosUSYIcpgINnqTE.roa
Signing time: Sat 01 Jan 2022 03:52:04 +0000
ROA not before: Sat 01 Jan 2022 03:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15739
IP address blocks: 185.91.96.0/23 maxlen: 24
185.91.97.0/24 maxlen: 24
185.91.98.0/23 maxlen: 24
185.91.98.0/24 maxlen: 24
2a05:e380::/29 maxlen: 29
2a05:e380:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7296792 (0x6f5718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Validity
Not Before: Jan 1 03:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=538a5b46441fafcfc7a2c512608729808367a931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:50:e3:cb:bf:64:0a:cb:fe:19:e9:6f:43:
c7:29:a7:0f:7c:0f:4e:86:6f:42:3c:d9:90:91:51:
bb:44:39:d7:3d:8e:11:aa:16:c0:3a:63:39:48:8c:
06:6e:bd:4c:e1:c5:af:82:fd:31:59:4c:9c:29:55:
98:90:8d:8c:b3:bf:40:01:9c:b5:e6:85:c9:e5:33:
f4:32:a1:26:fa:93:85:d6:58:73:22:42:f1:bf:66:
b1:c5:48:2f:2c:bc:46:4b:7f:62:d0:27:a5:51:90:
eb:ad:87:27:f8:d4:be:a1:37:b8:fd:6a:98:86:ec:
7b:0b:40:5e:76:85:58:7e:27:f6:02:74:0d:12:5a:
4c:86:b9:ef:ec:59:50:02:af:9e:66:f8:2f:10:a4:
46:ff:cd:6e:23:3d:5a:16:50:08:86:01:ff:df:10:
dd:9e:88:af:8c:8a:51:3a:81:cb:57:85:b6:c1:45:
1d:ff:3d:99:72:6a:54:e5:50:73:f7:a5:4d:aa:c1:
54:42:46:b9:60:39:3a:a3:b2:91:a2:47:86:e8:fa:
8a:4c:ba:77:6d:88:e0:7b:65:51:44:3a:82:b1:73:
38:8f:ba:61:2a:62:e3:cb:80:30:81:e5:2b:a3:7f:
cb:85:b5:a6:33:88:4c:fb:c7:7f:fc:17:ea:4c:da:
95:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8A:5B:46:44:1F:AF:CF:C7:A2:C5:12:60:87:29:80:83:67:A9:31
X509v3 Authority Key Identifier:
keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/U4pbRkQfr8_HosUSYIcpgINnqTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.96.0/22
IPv6:
2a05:e380::/29
Signature Algorithm: sha256WithRSAEncryption
14:88:5a:f4:55:a1:a7:27:11:9a:cf:cf:ed:6c:e2:a6:02:3e:
e8:d3:f4:1a:07:ed:ad:6f:21:e4:8b:41:4c:0d:cf:81:91:e8:
d9:90:b6:f0:5f:fa:50:ab:18:e2:8e:27:41:ab:62:64:2c:7c:
3d:be:5b:12:02:57:4c:34:a5:fd:1d:94:2f:7d:57:cc:aa:70:
ae:bf:14:6f:4a:c1:8f:ca:27:39:04:cf:34:ac:e7:5e:30:5b:
9d:74:77:c1:60:3e:5a:bb:b8:ac:51:b1:d2:99:43:a3:00:fe:
3d:3e:0e:e7:07:c4:0e:e8:74:2d:ef:81:dd:6b:56:c5:e1:65:
44:f2:35:ba:46:b3:6b:77:38:f3:33:56:44:e0:14:d7:90:a0:
2f:bc:91:69:c7:ee:a4:9f:55:04:a2:e1:cd:58:0f:2f:b7:0d:
12:53:60:df:6e:4c:c4:83:4a:0f:da:fc:81:a9:e1:dd:73:de:
a6:13:3a:4d:7f:6a:16:f3:a7:d3:6e:f7:05:97:d9:e7:cd:e1:
9f:6a:5d:1f:35:25:e0:f8:f8:ac:dd:6f:d6:26:52:82:1b:32:
a1:9d:58:f1:92:01:b1:29:80:91:f3:3c:c3:7e:51:4c:3e:b8:
27:4b:46:9d:b8:13:bf:8e:84:6b:76:d4:36:5e:22:04:88:69:
b8:03:a7:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDb1cYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
Zjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRiYTMyMTQwHhcNMjIwMTAx
MDM1MjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MzhhNWI0NjQ0MWZh
ZmNmYzdhMmM1MTI2MDg3Mjk4MDgzNjdhOTMxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvSxQ48u/ZArL/hnpb0PHKacPfA9Ohm9CPNmQkVG7RDnXPY4R
qhbAOmM5SIwGbr1M4cWvgv0xWUycKVWYkI2Ms79AAZy15oXJ5TP0MqEm+pOF1lhz
IkLxv2axxUgvLLxGS39i0CelUZDrrYcn+NS+oTe4/WqYhux7C0BedoVYfif2AnQN
ElpMhrnv7FlQAq+eZvgvEKRG/81uIz1aFlAIhgH/3xDdnoivjIpROoHLV4W2wUUd
/z2ZcmpU5VBz96VNqsFUQka5YDk6o7KRokeG6PqKTLp3bYjge2VRRDqCsXM4j7ph
KmLjy4AwgeUro3/LhbWmM4hM+8d//BfqTNqV8wIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFFOKW0ZEH6/Px6LFEmCHKYCDZ6kxMB8GA1UdIwQYMBaAFED4cuTNsH1oORR+
Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJiLzEv
VTRwYlJrUWZyOF9Ib3NVU1lJY3BnSU5ucVRFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81
YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJiLzEvUVBoeTVNMndmV2c1
Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtgMA0EAgACMAcDBQMqBeOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAUiFr0VaGnJxGaz8/tbOKmAj7o0/QaB+2tbyHki0FM
Dc+BkejZkLbwX/pQqxjijidBq2JkLHw9vlsSAldMNKX9HZQvfVfMqnCuvxRvSsGP
yic5BM80rOdeMFuddHfBYD5au7isUbHSmUOjAP49Pg7nB8QO6HQt74Hda1bF4WVE
8jW6RrNrdzjzM1ZE4BTXkKAvvJFpx+6kn1UEouHNWA8vtw0SU2DfbkzEg0oP2vyB
qeHdc96mEzpNf2oW86fTbvcFl9nnzeGfal0fNSXg+Pis3W/WJlKCGzKhnVjxkgGx
KYCR8zzDflFMPrgnS0aduBO/joRrdtQ2XiIEiGm4A6fW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:00 2025 by rpki-client