Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/0fgL05y8aKGBGlRht84OoCnxAIE.roa
File: 0fgL05y8aKGBGlRht84OoCnxAIE.roa (raw, json)
Hash identifier: /+hGEurHVOMXwpq1wZMOd+o/IjDQn8DhQk+NWl+dcyI=
Subject key identifier: D1:F8:0B:D3:9C:BC:68:A1:81:1A:54:61:B7:CE:0E:A0:29:F1:00:81
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 01856F14F1BF924B3A6ECF7B33B6AC4A7502
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/0fgL05y8aKGBGlRht84OoCnxAIE.roa
Signing time: Sun 01 Jan 2023 20:45:21 +0000
ROA not before: Sun 01 Jan 2023 20:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201695
IP address blocks: 94.40.87.0/24 maxlen: 24
82.160.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f1:bf:92:4b:3a:6e:cf:7b:33:b6:ac:4a:75:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 20:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1f80bd39cbc68a1811a5461b7ce0ea029f10081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:38:62:cb:bd:7b:00:b5:f7:c0:ef:62:44:02:
07:1a:e2:e8:71:b8:21:32:21:44:8d:d5:51:e6:3d:
dc:a4:7f:cb:1b:f1:15:9b:7d:d5:dc:ba:4f:39:29:
f6:3f:a7:da:f0:f7:35:13:de:98:6e:60:94:8b:6e:
21:74:8a:8c:42:f0:03:11:3d:ef:7a:22:15:fb:fb:
73:26:8e:ee:22:1e:23:c6:03:a0:30:94:0c:70:f0:
6d:76:8f:0f:98:63:c6:c1:18:3f:eb:75:86:fc:3f:
38:af:dd:ae:18:c8:b8:fd:0f:ea:99:66:86:ac:37:
cb:b0:d7:03:d5:d8:07:6b:a9:93:f3:0c:e5:98:7a:
ab:ac:fa:75:f3:55:7a:a0:8c:84:fc:dc:f1:d8:59:
d9:61:f3:69:51:71:29:b2:64:ea:04:e1:9e:1d:52:
46:a0:9f:b5:6f:c1:15:db:3d:75:77:05:91:d4:bf:
5e:66:3c:3a:af:8a:eb:d4:d8:bf:b8:1b:bc:cf:55:
e9:9f:7a:6c:b5:00:b5:86:70:f3:74:11:fc:7a:f2:
0c:61:4f:35:8d:00:c8:a9:89:a3:5a:e0:54:6c:35:
01:6d:93:47:b6:8f:7f:10:cc:06:99:f1:e1:a7:6a:
d8:3c:d2:12:fb:b0:41:b3:cd:ba:71:7d:ca:43:5a:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F8:0B:D3:9C:BC:68:A1:81:1A:54:61:B7:CE:0E:A0:29:F1:00:81
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/0fgL05y8aKGBGlRht84OoCnxAIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.160.134.0/24
94.40.87.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5a:d2:dd:d0:44:f4:a2:30:12:09:44:05:87:2f:e2:5f:07:
e4:3e:79:d6:5e:c2:21:d4:2b:66:3a:e1:11:35:96:e7:8d:77:
97:15:6b:e8:5e:c2:2f:39:b1:eb:41:e4:b0:92:80:06:db:28:
47:15:10:15:80:36:e5:5c:c1:99:e8:84:1f:e9:8a:30:3e:1f:
c7:6c:8a:7a:c4:17:16:3f:21:9e:15:94:90:61:d5:96:07:f4:
a4:33:2d:8a:80:68:67:6b:f2:e0:7e:fd:c5:26:3f:0f:42:ed:
bc:30:cd:7c:21:36:68:65:38:b6:eb:6f:a0:71:a7:4e:11:90:
54:87:a5:13:60:d0:40:bc:b5:1b:df:e4:ce:26:3a:11:bd:70:
f1:a2:b8:29:e2:7f:46:02:fd:8a:57:8f:12:4e:04:ba:e3:a2:
93:5c:73:53:11:37:f4:61:69:39:e8:76:ca:c4:67:f4:28:53:
b6:0b:82:11:c9:7b:da:d0:a1:26:65:c0:7f:bf:09:9b:e6:ed:
19:b9:76:fa:a2:e9:d7:33:23:ce:12:eb:70:6c:fa:87:89:71:
16:54:b4:38:e8:25:57:8a:19:52:2c:fa:64:a5:fa:69:91:f3:
8b:6c:a0:08:c8:ea:2c:2d:e1:59:11:e5:f0:54:7b:f2:dd:d8:
4e:58:7f:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFPG/kks6bs97M7asSnUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjMwMTAxMjA0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY4MGJkMzljYmM2OGExODExYTU0NjFiN2NlMGVhMDI5ZjEwMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDhiy717ALX3wO9iRAIHGuLocbgh
MiFEjdVR5j3cpH/LG/EVm33V3LpPOSn2P6fa8Pc1E96YbmCUi24hdIqMQvADET3v
eiIV+/tzJo7uIh4jxgOgMJQMcPBtdo8PmGPGwRg/63WG/D84r92uGMi4/Q/qmWaG
rDfLsNcD1dgHa6mT8wzlmHqrrPp181V6oIyE/Nzx2FnZYfNpUXEpsmTqBOGeHVJG
oJ+1b8EV2z11dwWR1L9eZjw6r4rr1Ni/uBu8z1Xpn3pstQC1hnDzdBH8evIMYU81
jQDIqYmjWuBUbDUBbZNHto9/EMwGmfHhp2rYPNIS+7BBs826cX3KQ1qEXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNH4C9OcvGihgRpUYbfODqAp8QCBMB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvMGZnTDA1eThhS0dCR2xSaHQ4NE9vQ254QUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUqCGAwQA
XihXMA0GCSqGSIb3DQEBCwUAA4IBAQBkWtLd0ET0ojASCUQFhy/iXwfkPnnWXsIh
1CtmOuERNZbnjXeXFWvoXsIvObHrQeSwkoAG2yhHFRAVgDblXMGZ6IQf6YowPh/H
bIp6xBcWPyGeFZSQYdWWB/SkMy2KgGhna/Lgfv3FJj8PQu28MM18ITZoZTi262+g
cadOEZBUh6UTYNBAvLUb3+TOJjoRvXDxorgp4n9GAv2KV48STgS646KTXHNTETf0
YWk56HbKxGf0KFO2C4IRyXva0KEmZcB/vwmb5u0ZuXb6ounXMyPOEutwbPqHiXEW
VLQ46CVXihlSLPpkpfppkfOLbKAIyOosLeFZEeXwVHvy3dhOWH+z
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:35 2025 by rpki-client