Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/_p4XL8T8U-y4XqwxbBIfTrxoc80.roa
File: _p4XL8T8U-y4XqwxbBIfTrxoc80.roa (raw, json)
Hash identifier: VR4d1jpnjnJz+XNW1QujR/xxm0n8d4MrMBRmtMp6dGk=
Subject key identifier: FE:9E:17:2F:C4:FC:53:EC:B8:5E:AC:31:6C:12:1F:4E:BC:68:73:CD
Certificate issuer: /CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Certificate serial: 1B1F643A
Authority key identifier: 7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/_p4XL8T8U-y4XqwxbBIfTrxoc80.roa
Signing time: Sat 01 Jan 2022 11:00:47 +0000
ROA not before: Sat 01 Jan 2022 11:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49604
IP address blocks: 185.31.240.0/22 maxlen: 24
85.234.246.0/23 maxlen: 24
85.234.242.0/23 maxlen: 23
85.234.244.0/23 maxlen: 23
217.146.64.0/20 maxlen: 24
85.222.232.0/22 maxlen: 24
2a02:29ea:1e::/48 maxlen: 48
2a02:29ea:14::/48 maxlen: 48
2a02:29e8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 455042106 (0x1b1f643a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Validity
Not Before: Jan 1 11:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe9e172fc4fc53ecb85eac316c121f4ebc6873cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:e8:c6:41:9d:83:0b:67:83:32:07:70:cf:
f9:7b:d7:69:7b:3f:37:55:a1:36:32:55:ca:87:3c:
4b:76:eb:63:a7:80:de:4e:b2:c1:d6:21:1c:11:37:
d0:0b:f7:88:ae:7d:15:9b:44:fd:28:a6:f8:c0:66:
6e:9c:00:cf:7b:91:1a:6a:bb:13:4f:cd:ac:76:2b:
61:4c:54:da:1b:9a:30:59:ba:63:c2:a6:82:b0:2d:
b1:fc:bd:c8:c9:b7:32:af:9b:dd:a9:84:2a:61:06:
73:24:9b:cd:36:85:2d:77:57:29:a5:da:17:db:5c:
6c:a7:70:a9:9e:37:c1:a7:c2:73:7e:2b:66:8f:22:
c0:68:48:50:59:06:5f:b5:ef:b8:13:6c:e4:49:15:
4f:08:76:37:e2:5b:f8:93:1b:e6:05:7b:a5:13:e0:
88:d7:1a:5a:1f:ca:30:ff:8d:44:ae:42:16:60:bb:
27:ca:04:22:4a:a0:79:b9:40:a7:1d:c1:0d:76:43:
82:0a:77:d9:11:03:a4:c5:84:b7:9d:8d:0b:31:03:
b3:3a:cd:bd:e6:aa:38:73:f1:24:66:12:0a:89:81:
b5:f8:63:2c:0a:96:7a:fb:60:32:a7:7d:30:10:cf:
93:cc:84:44:3f:97:69:da:cc:5d:da:ff:1c:de:7e:
d1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:17:2F:C4:FC:53:EC:B8:5E:AC:31:6C:12:1F:4E:BC:68:73:CD
X509v3 Authority Key Identifier:
keyid:7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/_p4XL8T8U-y4XqwxbBIfTrxoc80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.232.0/22
85.234.242.0-85.234.247.255
185.31.240.0/22
217.146.64.0/20
IPv6:
2a02:29e8::/32
2a02:29ea:14::/48
2a02:29ea:1e::/48
Signature Algorithm: sha256WithRSAEncryption
2d:67:eb:a6:41:92:ea:35:65:6d:dc:42:ba:ea:52:02:37:46:
d6:41:7a:5a:9b:02:12:29:02:c0:db:0a:70:81:b3:71:fa:0e:
e8:7a:35:ff:6b:aa:b7:65:4b:21:4b:1b:a2:a3:69:4b:05:bc:
62:a0:9f:73:8f:ef:04:2b:4e:8b:9e:1b:ca:c3:b7:49:47:f3:
21:51:58:c8:dd:43:c9:df:97:af:43:f6:1f:01:f2:68:60:27:
75:ae:c9:35:6e:8e:7c:c8:f7:22:ce:55:31:49:98:a1:02:50:
45:79:f1:cb:25:06:18:d9:d1:e5:d3:9f:7e:5c:79:e0:34:d2:
a1:2e:33:07:c4:8a:7f:b9:25:94:08:52:be:66:18:d0:03:73:
e4:d6:42:58:1e:1b:bd:0b:a6:81:65:ff:f5:83:e4:2c:a0:2e:
7d:2f:73:bb:9b:bf:bf:3f:25:38:4c:8c:ad:34:d9:b0:d6:ef:
90:e8:03:7b:32:44:79:76:0f:92:a6:e3:e4:15:f9:8e:0c:f2:
eb:8d:c4:6b:bf:40:b2:b8:b8:f0:71:d3:6a:6e:d8:9c:75:66:
10:e1:b6:7e:88:46:48:ed:5b:f1:e1:79:94:ae:f3:47:3c:5b:
1c:40:a5:32:94:03:44:e5:90:11:70:df:3b:d2:fc:cb:d5:5a:
d9:d7:3b:7a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEGx9kOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTY3MzViN2E1NTNhMTY4MGMxMWFkZDNlNDhjMzYzNWI1Mzk3OWNhMB4XDTIyMDEw
MTExMDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU5ZTE3MmZjNGZj
NTNlY2I4NWVhYzMxNmMxMjFmNGViYzY4NzNjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdd6MZBnYMLZ4MyB3DP+XvXaXs/N1WhNjJVyoc8S3brY6eA
3k6ywdYhHBE30Av3iK59FZtE/Sim+MBmbpwAz3uRGmq7E0/NrHYrYUxU2huaMFm6
Y8KmgrAtsfy9yMm3Mq+b3amEKmEGcySbzTaFLXdXKaXaF9tcbKdwqZ43wafCc34r
Zo8iwGhIUFkGX7XvuBNs5EkVTwh2N+Jb+JMb5gV7pRPgiNcaWh/KMP+NRK5CFmC7
J8oEIkqgeblApx3BDXZDggp32REDpMWEt52NCzEDszrNveaqOHPxJGYSComBtfhj
LAqWevtgMqd9MBDPk8yERD+XadrMXdr/HN5+0e0CAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBT+nhcvxPxT7LherDFsEh9OvGhzzTAfBgNVHSMEGDAWgBR6ZzW3pVOhaAwR
rdPkjDY1tTl5yjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VtYzF0NlZUb1dnTUVhM1Q1SXcyTmJVNWVjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvYmIyNjQ3LTA5NTAtNDZhNC1iNTZkLTM0ZWI2N2I0NzVmNi8x
L19wNFhMOFQ4VS15NFhxd3hiQklmVHJ4b2M4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
YmIyNjQ3LTA5NTAtNDZhNC1iNTZkLTM0ZWI2N2I0NzVmNi8xL2VtYzF0NlZUb1dn
TUVhM1Q1SXcyTmJVNWVjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwJgQCAAEwIAMEAlXe6DAMAwQBVeryAwQDVerwAwQC
uR/wAwQE2ZJAMB8EAgACMBkDBQAqAinoAwcAKgIp6gAUAwcAKgIp6gAeMA0GCSqG
SIb3DQEBCwUAA4IBAQAtZ+umQZLqNWVt3EK66lICN0bWQXpamwISKQLA2wpwgbNx
+g7oejX/a6q3ZUshSxuio2lLBbxioJ9zj+8EK06LnhvKw7dJR/MhUVjI3UPJ35ev
Q/YfAfJoYCd1rsk1bo58yPcizlUxSZihAlBFefHLJQYY2dHl059+XHngNNKhLjMH
xIp/uSWUCFK+ZhjQA3Pk1kJYHhu9C6aBZf/1g+QsoC59L3O7m7+/PyU4TIytNNmw
1u+Q6AN7MkR5dg+SpuPkFfmODPLrjcRrv0CyuLjwcdNqbticdWYQ4bZ+iEZI7Vvx
4XmUrvNHPFscQKUylANE5ZARcN870vzL1VrZ1zt6
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:33 2025 by rpki-client