Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/d3I5JWsk7Nmd2Cs7u5Us1PJzags.roa
File: d3I5JWsk7Nmd2Cs7u5Us1PJzags.roa (raw, json)
Hash identifier: EGRkuKhgxaAAsAjlvDCQvHDwtZGNzgg+UKMdtoD4vrk=
Subject key identifier: 77:72:39:25:6B:24:EC:D9:9D:D8:2B:3B:BB:95:2C:D4:F2:73:6A:0B
Certificate issuer: /CN=40cb59a418eadfa5dc869f56f1847fb25d987fc6
Certificate serial: 05A73FF8
Authority key identifier: 40:CB:59:A4:18:EA:DF:A5:DC:86:9F:56:F1:84:7F:B2:5D:98:7F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/d3I5JWsk7Nmd2Cs7u5Us1PJzags.roa
Signing time: Fri 21 Jan 2022 01:54:35 +0000
ROA not before: Fri 21 Jan 2022 01:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29075
IP address blocks: 185.18.172.0/22 maxlen: 22
45.140.103.0/24 maxlen: 24
2a04:cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94846968 (0x5a73ff8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cb59a418eadfa5dc869f56f1847fb25d987fc6
Validity
Not Before: Jan 21 01:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=777239256b24ecd99dd82b3bbb952cd4f2736a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:c2:68:fc:e3:c0:23:76:2e:b0:fe:ed:ac:
d2:8b:15:9e:96:09:b3:ca:2c:3d:5a:6b:f8:ee:0d:
31:2a:a1:0b:5a:90:13:c5:0c:5a:ce:ff:e3:16:e3:
b4:aa:cd:06:58:39:3f:a1:a6:04:ef:54:7a:5d:d0:
7e:47:c5:5d:0a:b5:f5:0f:b6:8a:c4:7a:57:c7:68:
cf:84:a6:de:15:72:bd:2a:99:de:c9:0f:f5:3e:87:
f6:e5:45:f1:09:14:bb:12:c3:81:21:1a:2d:10:e0:
2d:9c:73:19:e2:ed:d1:76:e8:67:d4:33:8a:6b:25:
13:a4:8e:82:f8:bc:06:f4:5d:f8:1c:1f:72:b5:02:
95:b0:3c:2a:12:ea:1e:2a:0d:98:0c:b0:3e:c4:27:
d0:1b:22:25:75:01:5f:00:f2:8e:e0:39:41:50:1e:
16:18:3f:cc:74:33:a6:fe:b5:05:ed:95:f0:29:b8:
b4:e4:ea:68:b3:a2:88:55:33:03:f8:8b:29:69:0b:
27:37:62:76:11:27:f0:7d:bd:07:cf:24:88:5e:ed:
eb:59:2f:31:55:26:e6:cd:7e:cd:3d:1c:00:b3:89:
fd:3a:b6:62:28:c7:3b:ae:db:29:d5:88:db:ac:bb:
ba:d9:22:d5:bb:e3:97:f9:60:8b:25:05:e5:9f:a8:
e5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:72:39:25:6B:24:EC:D9:9D:D8:2B:3B:BB:95:2C:D4:F2:73:6A:0B
X509v3 Authority Key Identifier:
keyid:40:CB:59:A4:18:EA:DF:A5:DC:86:9F:56:F1:84:7F:B2:5D:98:7F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/d3I5JWsk7Nmd2Cs7u5Us1PJzags.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.103.0/24
185.18.172.0/22
IPv6:
2a04:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
76:4c:e9:ab:b3:1b:b5:eb:76:11:af:22:98:5d:c3:12:27:ff:
c3:34:40:56:ad:16:4c:ab:61:29:9d:9b:81:5e:cf:d2:92:ca:
48:12:21:a2:a9:81:56:43:7d:ac:6f:17:8a:16:ae:73:0e:7c:
48:c8:e6:71:c4:33:4d:b6:da:2e:37:ad:0d:08:f3:19:13:2c:
ed:76:55:3d:35:18:ff:fd:e3:f5:8b:85:2f:6c:bc:fa:18:46:
ae:de:19:71:f0:8a:10:b1:0d:19:ea:79:c2:24:8f:b1:4e:9a:
3f:b0:fd:3c:b8:d4:24:b1:65:b4:21:da:c5:32:93:22:0b:12:
3e:07:0b:0e:3c:f8:ef:5a:ae:9b:fe:86:ba:6c:65:9a:ae:c2:
7c:6f:07:18:c9:93:d6:80:ee:b1:68:49:32:7c:4c:16:f2:df:
50:c8:dd:43:80:99:4f:4f:2a:e0:11:3e:91:da:43:d1:71:7b:
61:46:cb:b1:17:66:8d:11:11:97:b5:11:f3:d5:79:e7:62:db:
91:6a:f1:fe:04:66:13:72:85:82:f8:16:d4:b5:1f:78:e8:a1:
24:f1:18:51:5c:90:7d:fa:17:15:84:32:68:d3:3b:e0:a6:ae:
3a:a0:11:15:a3:f5:bd:e2:10:c1:93:3a:8c:26:6f:22:98:b8:
38:2d:52:d6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBac/+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGNiNTlhNDE4ZWFkZmE1ZGM4NjlmNTZmMTg0N2ZiMjVkOTg3ZmM2MB4XDTIyMDEy
MTAxNTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc3MjM5MjU2YjI0
ZWNkOTlkZDgyYjNiYmI5NTJjZDRmMjczNmEwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIbwmj848Ajdi6w/u2s0osVnpYJs8osPVpr+O4NMSqhC1qQ
E8UMWs7/4xbjtKrNBlg5P6GmBO9Uel3QfkfFXQq19Q+2isR6V8doz4Sm3hVyvSqZ
3skP9T6H9uVF8QkUuxLDgSEaLRDgLZxzGeLt0XboZ9QzimslE6SOgvi8BvRd+Bwf
crUClbA8KhLqHioNmAywPsQn0BsiJXUBXwDyjuA5QVAeFhg/zHQzpv61Be2V8Cm4
tOTqaLOiiFUzA/iLKWkLJzdidhEn8H29B88kiF7t61kvMVUm5s1+zT0cALOJ/Tq2
YijHO67bKdWI26y7utki1bvjl/lgiyUF5Z+o5ZMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR3cjklayTs2Z3YKzu7lSzU8nNqCzAfBgNVHSMEGDAWgBRAy1mkGOrfpdyG
n1bxhH+yXZh/xjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FNdFpwQmpxMzZYY2hwOVc4WVJfc2wyWWY4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvOTI0Yzc3LWIyODMtNGE1Mi05MDk0LTExZjFiNWE0YjBkYy8x
L2QzSTVKV3NrN05tZDJDczd1NVVzMVBKemFncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
OTI0Yzc3LWIyODMtNGE1Mi05MDk0LTExZjFiNWE0YjBkYy8xL1FNdFpwQmpxMzZY
Y2hwOVc4WVJfc2wyWWY4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAC2MZwMEArkSrDANBAIAAjAHAwUD
KgQMwDANBgkqhkiG9w0BAQsFAAOCAQEAdkzpq7Mbtet2Ea8imF3DEif/wzRAVq0W
TKthKZ2bgV7P0pLKSBIhoqmBVkN9rG8Xihaucw58SMjmccQzTbbaLjetDQjzGRMs
7XZVPTUY//3j9YuFL2y8+hhGrt4ZcfCKELENGep5wiSPsU6aP7D9PLjUJLFltCHa
xTKTIgsSPgcLDjz471qum/6Gumxlmq7CfG8HGMmT1oDusWhJMnxMFvLfUMjdQ4CZ
T08q4BE+kdpD0XF7YUbLsRdmjRERl7UR89V552LbkWrx/gRmE3KFgvgW1LUfeOih
JPEYUVyQffoXFYQyaNM74KauOqARFaP1veIQwZM6jCZvIpi4OC1S1g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:09 2025 by rpki-client