Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/jOoX6I1DevTJvdXIe2UeUvll6_Q.roa
File: jOoX6I1DevTJvdXIe2UeUvll6_Q.roa (raw, json)
Hash identifier: 910JlHjwEEkycr6jO9PDKnPo/muol73s1O6jlqqdmAM=
Subject key identifier: 8C:EA:17:E8:8D:43:7A:F4:C9:BD:D5:C8:7B:65:1E:52:F9:65:EB:F4
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 018570CBF3F9DA640016D49C61A51764B50F
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/jOoX6I1DevTJvdXIe2UeUvll6_Q.roa
Signing time: Mon 02 Jan 2023 04:44:52 +0000
ROA not before: Mon 02 Jan 2023 04:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33876
IP address blocks: 185.76.4.0/22 maxlen: 24
176.111.104.0/22 maxlen: 22
176.111.104.0/24 maxlen: 24
185.12.116.0/22 maxlen: 24
185.11.164.0/22 maxlen: 24
91.198.47.0/24 maxlen: 24
94.126.168.0/21 maxlen: 24
176.61.144.0/21 maxlen: 21
194.8.30.0/24 maxlen: 24
2a03:8bc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f3:f9:da:64:00:16:d4:9c:61:a5:17:64:b5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Jan 2 04:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cea17e88d437af4c9bdd5c87b651e52f965ebf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:02:be:2b:7d:45:5a:71:20:40:12:e4:74:4b:
85:f2:05:99:b8:3d:1f:ef:56:56:f3:05:bc:51:e7:
38:44:68:aa:d6:f7:05:b5:e2:1a:4f:25:3f:fd:b1:
d1:d3:e6:f9:08:de:43:b4:c0:3a:42:b2:fb:7e:f9:
22:06:4d:0f:64:51:20:14:3d:3b:77:69:05:87:7a:
ea:1b:fb:ae:7b:f9:6a:c4:4b:9f:47:1c:76:fc:5c:
fc:4e:c0:82:f1:af:37:75:d5:e1:0c:52:f3:19:71:
fa:1b:18:ca:61:12:5d:ed:c3:10:3e:bf:d7:b9:c8:
23:f3:c4:7f:d1:a4:9f:5e:c4:8d:c7:1b:85:90:2d:
39:31:25:b4:6d:b0:b3:d0:c1:23:69:50:35:2a:75:
cb:4b:a0:ab:09:ac:48:56:c6:13:ac:c8:d3:d0:a1:
a9:1c:ea:b0:56:fc:d4:de:e5:69:83:26:df:7c:fa:
75:00:ff:37:6c:89:23:bb:83:ae:f9:40:d5:07:23:
78:fe:43:73:97:75:8c:5e:a8:45:f3:b3:fb:e2:bd:
9d:46:81:6e:2b:69:95:b3:0d:9e:0e:80:36:7f:38:
be:fe:30:49:63:e2:66:5a:10:91:8a:9d:5e:d9:45:
8f:ab:3d:b3:5d:ce:6f:0b:00:92:06:c6:6a:2f:04:
8e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EA:17:E8:8D:43:7A:F4:C9:BD:D5:C8:7B:65:1E:52:F9:65:EB:F4
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/jOoX6I1DevTJvdXIe2UeUvll6_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.47.0/24
94.126.168.0/21
176.61.144.0/21
176.111.104.0/22
185.11.164.0/22
185.12.116.0/22
185.76.4.0/22
194.8.30.0/24
IPv6:
2a03:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
15:a7:7c:fc:94:af:3c:ef:a4:86:40:6e:7a:ab:9f:6e:74:4a:
73:d6:e5:39:59:6c:3c:30:fa:e1:ee:6b:67:60:73:7f:2d:c3:
e6:59:bb:04:7e:ca:94:49:37:21:67:03:9e:25:7b:1c:db:c0:
8e:7c:8b:e1:6b:21:f5:97:a4:23:7d:ad:35:65:2c:f5:50:f0:
ed:12:e4:a0:0f:fa:ea:5f:df:c2:4c:55:53:a8:4a:09:62:aa:
08:0a:99:f4:f5:b5:47:03:22:01:a9:65:02:f8:a6:ff:d3:d8:
bc:5a:6a:be:21:23:a6:35:ec:c6:4b:b4:a9:f5:b8:ec:bd:1c:
72:61:6d:25:66:ae:da:b5:b1:dc:c6:22:dd:38:e4:ae:42:b0:
9d:fd:49:1c:e4:e2:eb:94:3e:15:18:46:52:57:13:04:e6:1c:
9c:e7:45:c1:bc:de:96:66:9e:2e:e0:04:c8:4c:cb:8a:10:46:
4e:6a:af:51:2f:33:ce:65:55:85:c6:e6:07:e0:71:ba:20:67:
04:9b:d2:31:47:c7:92:36:09:7d:6d:26:d3:ba:c5:27:b6:87:
ed:7a:c6:df:dd:16:05:37:55:b0:23:35:14:34:f3:be:02:20:
0c:3b:82:7b:fe:a9:04:ed:46:89:ed:c4:4a:cf:d0:77:2d:99:
14:98:d5:c3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVwy/P52mQAFtScYaUXZLUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4
ZWEzYjEwHhcNMjMwMTAyMDQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VhMTdlODhkNDM3YWY0YzliZGQ1Yzg3YjY1MWU1MmY5NjVlYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AK+K31FWnEgQBLkdEuF8gWZuD0f
71ZW8wW8Uec4RGiq1vcFteIaTyU//bHR0+b5CN5DtMA6QrL7fvkiBk0PZFEgFD07
d2kFh3rqG/uue/lqxEufRxx2/Fz8TsCC8a83ddXhDFLzGXH6GxjKYRJd7cMQPr/X
ucgj88R/0aSfXsSNxxuFkC05MSW0bbCz0MEjaVA1KnXLS6CrCaxIVsYTrMjT0KGp
HOqwVvzU3uVpgybffPp1AP83bIkju4Ou+UDVByN4/kNzl3WMXqhF87P74r2dRoFu
K2mVsw2eDoA2fzi+/jBJY+JmWhCRip1e2UWPqz2zXc5vCwCSBsZqLwSOAQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIzqF+iNQ3r0yb3VyHtlHlL5Zev0MB8GA1UdIwQY
MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt
ZTMzYWUxMDZiNTRkLzEvak9vWDZJMURldlRKdmRYSWUyVWVVdmxsNl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk
LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAW8YvAwQD
Xn6oAwQDsD2QAwQCsG9oAwQCuQukAwQCuQx0AwQCuUwEAwQAwggeMA0EAgACMAcD
BQAqA4vAMA0GCSqGSIb3DQEBCwUAA4IBAQAVp3z8lK8876SGQG56q59udEpz1uU5
WWw8MPrh7mtnYHN/LcPmWbsEfsqUSTchZwOeJXsc28COfIvhayH1l6Qjfa01ZSz1
UPDtEuSgD/rqX9/CTFVTqEoJYqoICpn09bVHAyIBqWUC+Kb/09i8Wmq+ISOmNezG
S7Sp9bjsvRxyYW0lZq7atbHcxiLdOOSuQrCd/Ukc5OLrlD4VGEZSVxME5hyc50XB
vN6WZp4u4ATITMuKEEZOaq9RLzPOZVWFxuYH4HG6IGcEm9IxR8eSNgl9bSbTusUn
toftesbf3RYFN1WwIzUUNPO+AiAMO4J7/qkE7UaJ7cRKz9B3LZkUmNXD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:55 2025 by rpki-client