Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9Jbl3vBrxpZa_Zi5SvA59wy5ZbY.roa
File: 9Jbl3vBrxpZa_Zi5SvA59wy5ZbY.roa (raw, json)
Hash identifier: cpCna71WflFarLKCCP/zR1EYdKAye2BnnevJlbCHNbE=
Subject key identifier: F4:96:E5:DE:F0:6B:C6:96:5A:FD:98:B9:4A:F0:39:F7:0C:B9:65:B6
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018907B397D5578972A9C2F0157F1B3AF4A0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9Jbl3vBrxpZa_Zi5SvA59wy5ZbY.roa
Signing time: Thu 29 Jun 2023 15:09:17 +0000
ROA not before: Thu 29 Jun 2023 15:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.202.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.37.195.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:07:b3:97:d5:57:89:72:a9:c2:f0:15:7f:1b:3a:f4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 29 15:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f496e5def06bc6965afd98b94af039f70cb965b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:24:53:8b:9b:11:e8:76:c6:8b:75:78:30:
e6:ed:87:72:0a:34:46:51:c8:00:ca:4d:02:ba:60:
35:2e:41:26:7d:d8:c1:19:60:70:47:83:71:a6:28:
30:b5:56:43:5a:76:99:f3:17:1e:81:e8:05:ea:6b:
aa:18:ed:1a:23:13:c3:3c:f6:53:ff:5b:78:ad:1a:
68:46:25:10:c3:77:b3:19:21:2a:90:46:ff:de:a1:
3f:83:f0:e1:aa:fc:ff:6c:59:ca:58:e3:ee:e4:6c:
72:18:7d:ad:a2:be:8e:cd:95:78:ed:a8:ba:a7:62:
71:b8:00:be:ae:98:ea:3a:c5:42:34:bf:fe:e5:a2:
45:76:94:4d:5f:ad:25:b4:cf:af:5c:4e:a9:25:69:
56:e1:41:cd:4f:52:17:56:e8:ca:aa:4f:dc:5c:26:
0b:41:d7:2b:8a:97:d6:e2:b1:75:7b:77:7e:1f:56:
d1:4e:a5:0f:ef:0a:be:59:fd:17:7e:dc:4e:52:76:
df:72:e7:93:a2:44:87:db:14:f2:c2:be:13:1b:51:
93:36:e8:b2:f4:08:4b:36:1e:75:bb:6c:c0:46:93:
9b:5d:ee:7d:ec:f4:79:9a:28:fe:2e:e1:43:a5:36:
0b:4d:72:70:57:e7:68:fe:f9:d7:67:f3:d2:24:a7:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:96:E5:DE:F0:6B:C6:96:5A:FD:98:B9:4A:F0:39:F7:0C:B9:65:B6
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9Jbl3vBrxpZa_Zi5SvA59wy5ZbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
85.204.18.0/24
86.105.4.0/24
86.107.51.0/24
89.34.202.0/24
89.36.140.0/24
89.37.195.0/24
89.40.36.0/24
89.45.35.0/24
Signature Algorithm: sha256WithRSAEncryption
55:30:16:9a:08:3c:9c:d5:5a:cb:81:08:48:44:65:57:6d:e6:
d7:b8:a4:b7:3b:ff:cb:d6:87:f1:9f:82:2f:9a:b4:59:d4:34:
75:f7:c1:1e:d3:58:97:cc:40:74:05:3d:97:67:2b:cd:4b:41:
68:24:cf:32:c7:17:e6:f5:d9:79:e9:3a:2e:52:48:32:04:a3:
79:5b:01:46:37:6d:f2:ea:61:9d:49:04:c7:4d:e5:8a:fd:bb:
90:22:8f:e2:7a:9f:01:f5:e4:ed:8a:29:5a:bb:4a:6d:e6:92:
19:8f:34:d1:ce:5c:6d:2f:b6:f2:0a:87:6e:b4:ec:2b:0a:bf:
f3:93:ff:cb:40:2c:e8:7e:e4:1f:7a:71:c8:ee:ce:6a:a7:6f:
fa:36:60:f6:1d:6e:9d:a6:7d:b3:55:03:ca:9a:1f:e3:ff:6b:
f2:22:29:44:d5:3e:cc:b6:f3:97:80:f5:e4:88:66:9e:d7:5c:
1d:16:69:a8:09:63:92:04:01:74:a9:54:4e:5a:8f:70:38:28:
f6:ca:f7:4b:af:39:7f:9d:5b:ab:e5:7d:90:64:71:d7:6d:a7:
c1:62:f9:8c:65:04:b9:67:f3:97:d4:54:e3:e5:79:ca:bc:c0:
9a:54:40:b0:8a:c3:cd:7b:c2:38:cb:d7:2f:6a:7a:3d:fa:b8:
c6:a1:0f:94
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYkHs5fVV4lyqcLwFX8bOvSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjI5MTUwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk2ZTVkZWYwNmJjNjk2NWFmZDk4Yjk0YWYwMzlmNzBjYjk2NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuEkU4ubEeh2xot1eDDm7YdyCjRG
UcgAyk0CumA1LkEmfdjBGWBwR4NxpigwtVZDWnaZ8xcegegF6muqGO0aIxPDPPZT
/1t4rRpoRiUQw3ezGSEqkEb/3qE/g/Dhqvz/bFnKWOPu5GxyGH2tor6OzZV47ai6
p2JxuAC+rpjqOsVCNL/+5aJFdpRNX60ltM+vXE6pJWlW4UHNT1IXVujKqk/cXCYL
QdcripfW4rF1e3d+H1bRTqUP7wq+Wf0XftxOUnbfcueTokSH2xTywr4TG1GTNuiy
9AhLNh51u2zARpObXe597PR5mij+LuFDpTYLTXJwV+do/vnXZ/PSJKevKwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPSW5d7wa8aWWv2YuUrwOfcMuWW2MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOUpibDN2QnJ4cFphX1ppNVN2QTU5d3k1WmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALmbtAwQA
VcwSAwQAVmkEAwQAVmszAwQAWSLKAwQAWSSMAwQAWSXDAwQAWSgkAwQAWS0jMA0G
CSqGSIb3DQEBCwUAA4IBAQBVMBaaCDyc1VrLgQhIRGVXbebXuKS3O//L1ofxn4Iv
mrRZ1DR198Ee01iXzEB0BT2XZyvNS0FoJM8yxxfm9dl56TouUkgyBKN5WwFGN23y
6mGdSQTHTeWK/buQIo/iep8B9eTtiilau0pt5pIZjzTRzlxtL7byCodutOwrCr/z
k//LQCzofuQfenHI7s5qp2/6NmD2HW6dpn2zVQPKmh/j/2vyIilE1T7MtvOXgPXk
iGae11wdFmmoCWOSBAF0qVROWo9wOCj2yvdLrzl/nVur5X2QZHHXbafBYvmMZQS5
Z/OX1FTj5XnKvMCaVECwisPNe8I4y9cvano9+rjGoQ+U
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:26 2025 by rpki-client