Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/58Ya-g-gTNz_poa20mzK7CwTrGU.roa
File: 58Ya-g-gTNz_poa20mzK7CwTrGU.roa (raw, json)
Hash identifier: jmhRMaGlaOWST2UA/FwOJsrsuVD8Yx3GIu6Ys6NdsLg=
Subject key identifier: E7:C6:1A:FA:0F:A0:4C:DC:FF:A6:86:B6:D2:6C:CA:EC:2C:13:AC:65
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018B418090E9B48F315BBCDA27A238D737AA
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/58Ya-g-gTNz_poa20mzK7CwTrGU.roa
Signing time: Wed 18 Oct 2023 06:37:06 +0000
ROA not before: Wed 18 Oct 2023 06:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198252
IP address blocks: 94.250.38.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.39.0/24 maxlen: 24
94.250.44.0/22 maxlen: 22
94.250.42.0/23 maxlen: 23
94.250.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:80:90:e9:b4:8f:31:5b:bc:da:27:a2:38:d7:37:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Oct 18 06:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7c61afa0fa04cdcffa686b6d26ccaec2c13ac65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ce:86:a3:f5:1f:75:88:13:b0:c1:94:e4:af:
09:f5:3e:3c:97:05:a1:2a:cb:8b:0e:01:58:e5:d6:
df:90:68:b6:f8:1a:a0:bb:72:18:b6:a2:60:88:12:
33:7a:8f:d4:da:ba:4b:cc:1b:b2:3a:a6:e5:0c:05:
0a:96:f9:8f:a4:96:ec:5c:b4:c9:a2:9e:9d:34:e8:
71:74:6d:78:5a:2c:28:22:8b:80:b1:0e:19:b4:cf:
78:a8:54:04:e3:f0:91:3d:ce:2c:b1:88:1e:ed:3e:
75:88:5a:5a:74:b2:1f:04:c8:aa:06:64:ab:2b:83:
80:a6:17:0e:52:1d:7e:32:ef:db:77:f5:d8:7e:83:
f2:be:cd:86:80:40:b3:f2:7a:70:e3:32:9f:ce:3a:
03:aa:62:98:e1:47:91:ac:96:c2:fb:76:59:48:db:
29:9c:44:0d:97:3c:1d:8d:e2:4d:8a:8f:a9:b6:5f:
3e:78:67:11:37:36:73:ab:dd:db:13:60:12:f9:b2:
77:96:75:b5:42:4f:ca:a1:06:ca:7e:92:89:82:62:
e4:ee:95:5f:d1:b6:d0:9a:2d:b5:b7:0b:ee:d2:db:
e5:8e:e3:4e:da:f8:c5:4e:5d:1b:ed:b1:ca:56:8c:
3f:e2:7a:1b:cd:d6:f6:ac:87:3a:7c:6b:39:2e:3c:
c2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C6:1A:FA:0F:A0:4C:DC:FF:A6:86:B6:D2:6C:CA:EC:2C:13:AC:65
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/58Ya-g-gTNz_poa20mzK7CwTrGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.37.0-94.250.47.255
Signature Algorithm: sha256WithRSAEncryption
1e:0d:95:47:57:a9:16:8d:2e:a8:6a:8c:64:9b:0c:c9:56:1c:
81:c1:f7:b8:7f:4d:35:91:95:1e:96:ae:2a:0f:8d:97:df:c6:
ba:27:83:b1:dd:92:4d:1b:dc:32:8d:ae:bb:38:6e:dd:d4:00:
b5:62:a6:88:32:3e:37:4e:4d:ce:90:a5:b8:8b:d4:cd:0a:a9:
6a:35:58:8b:58:2b:06:21:52:ca:80:d8:60:c0:ed:20:42:ff:
42:26:7a:47:f2:2b:d3:13:06:27:37:19:94:2a:5f:41:6f:38:
54:d3:ec:01:3e:69:c2:2d:d3:55:e9:eb:d6:c3:45:59:ca:93:
87:c3:eb:45:17:cb:71:41:91:d8:f8:fc:e1:53:e4:72:0a:23:
e6:ad:32:65:41:97:5f:e4:9d:b5:91:40:ec:a4:0b:7b:65:88:
32:79:5e:11:c8:ce:8e:e8:c6:d8:39:d5:30:8e:9d:aa:95:8b:
aa:a6:19:cf:74:25:8d:e6:8b:1d:6e:19:d9:f8:44:40:aa:a5:
3f:35:1d:00:88:4c:7d:44:df:0f:89:e9:52:34:84:7b:19:dc:
ba:3d:f4:10:54:b2:1e:78:d8:66:93:aa:a0:fa:24:c0:0a:e9:
65:e1:01:5a:43:59:eb:21:51:50:46:c9:f8:bb:7e:26:41:da:
2a:58:a9:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtBgJDptI8xW7zaJ6I41zeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMxMDE4MDYzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2M2MWFmYTBmYTA0Y2RjZmZhNjg2YjZkMjZjY2FlYzJjMTNhYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic6Go/UfdYgTsMGU5K8J9T48lwWh
KsuLDgFY5dbfkGi2+Bqgu3IYtqJgiBIzeo/U2rpLzBuyOqblDAUKlvmPpJbsXLTJ
op6dNOhxdG14WiwoIouAsQ4ZtM94qFQE4/CRPc4ssYge7T51iFpadLIfBMiqBmSr
K4OAphcOUh1+Mu/bd/XYfoPyvs2GgECz8npw4zKfzjoDqmKY4UeRrJbC+3ZZSNsp
nEQNlzwdjeJNio+ptl8+eGcRNzZzq93bE2AS+bJ3lnW1Qk/KoQbKfpKJgmLk7pVf
0bbQmi21twvu0tvljuNO2vjFTl0b7bHKVow/4nobzdb2rIc6fGs5LjzCSQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOfGGvoPoEzc/6aGttJsyuwsE6xlMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvNThZYS1nLWdUTnpfcG9hMjBteks3Q3dUckdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABe+iUD
BARe+iAwDQYJKoZIhvcNAQELBQADggEBAB4NlUdXqRaNLqhqjGSbDMlWHIHB97h/
TTWRlR6WrioPjZffxrong7Hdkk0b3DKNrrs4bt3UALVipogyPjdOTc6QpbiL1M0K
qWo1WItYKwYhUsqA2GDA7SBC/0ImekfyK9MTBic3GZQqX0FvOFTT7AE+acIt01Xp
69bDRVnKk4fD60UXy3FBkdj4/OFT5HIKI+atMmVBl1/knbWRQOykC3tliDJ5XhHI
zo7oxtg51TCOnaqVi6qmGc90JY3mix1uGdn4RECqpT81HQCITH1E3w+J6VI0hHsZ
3Lo99BBUsh542GaTqqD6JMAK6WXhAVpDWeshUVBGyfi7fiZB2ipYqRE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:26 2025 by rpki-client