Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/05lEOHz6WlhCnM8iu9xvcn8VHig.roa
File: 05lEOHz6WlhCnM8iu9xvcn8VHig.roa (raw, json)
Hash identifier: HcuSBeTPYemHbzkDuAJQ+jiYp5hr3U4Lg9gwb/JKQ60=
Subject key identifier: D3:99:44:38:7C:FA:5A:58:42:9C:CF:22:BB:DC:6F:72:7F:15:1E:28
Certificate issuer: /CN=edafdca6eace4f1293223b02eebc278243869b7b
Certificate serial: 0ACBAEA4
Authority key identifier: ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/05lEOHz6WlhCnM8iu9xvcn8VHig.roa
Signing time: Sat 01 Jan 2022 09:02:56 +0000
ROA not before: Sat 01 Jan 2022 09:02:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1902
IP address blocks: 185.156.128.0/24 maxlen: 24
185.156.130.0/23 maxlen: 23
185.156.129.0/24 maxlen: 24
2a07:9e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181120676 (0xacbaea4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edafdca6eace4f1293223b02eebc278243869b7b
Validity
Not Before: Jan 1 09:02:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d39944387cfa5a58429ccf22bbdc6f727f151e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:90:f8:ba:bd:b8:45:f9:78:1c:70:a0:de:
a7:83:e5:6b:f7:fd:06:6a:f3:75:92:b3:35:3f:4e:
13:60:2e:23:e7:8f:bc:a2:fe:1c:f9:5b:a6:93:21:
a1:9c:a4:de:9c:86:ca:1e:ee:2b:40:c8:22:e0:09:
71:11:ed:5a:7b:22:84:bb:70:0c:18:75:84:20:28:
47:2c:ef:96:b4:f3:28:3d:87:fb:d4:94:9b:d9:7c:
56:03:9a:b2:7e:2c:85:b9:36:98:22:c9:f4:af:cd:
b0:c3:c8:8b:78:d6:a9:86:7f:71:b7:16:65:59:ae:
05:93:07:69:10:2e:be:b2:b8:8b:74:a6:78:aa:cb:
74:d7:ca:b6:c4:8c:f3:8e:bf:86:35:31:0d:c2:66:
1b:4f:0c:e2:07:8e:84:65:ac:65:e9:0f:9c:c4:ee:
60:df:12:69:44:84:84:62:a8:9f:f7:cc:da:bd:83:
ee:2f:d1:7b:2a:99:1d:64:74:5e:a3:98:38:71:d0:
7d:b2:26:97:6c:ce:1a:a8:81:5a:4d:62:18:01:9d:
1e:0b:a6:a9:2c:ac:d2:26:b3:97:a5:5c:01:9f:ec:
d7:20:64:96:55:bc:ca:32:30:69:98:98:9c:71:63:
de:7d:17:28:35:77:bb:16:31:16:55:42:1a:58:54:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:99:44:38:7C:FA:5A:58:42:9C:CF:22:BB:DC:6F:72:7F:15:1E:28
X509v3 Authority Key Identifier:
keyid:ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/05lEOHz6WlhCnM8iu9xvcn8VHig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/7a_cpurOTxKTIjsC7rwngkOGm3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.128.0/22
IPv6:
2a07:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:d4:db:6a:86:3c:ba:8c:d9:eb:8b:3f:b0:18:a0:9b:d2:61:
9c:c9:2a:1e:fa:7f:2a:d0:2c:b5:36:fd:e7:bf:1b:c7:71:7f:
26:da:1e:75:95:fb:92:7c:2f:f8:ab:24:d2:88:e0:39:85:57:
a7:b2:07:27:96:d5:87:d6:23:de:f8:e7:36:6d:c2:bd:ae:36:
f1:29:31:e5:e6:81:94:37:dc:17:20:f4:d5:03:55:8d:a0:80:
42:c3:5a:07:ab:b0:54:87:a1:17:80:dc:41:e6:4f:88:10:22:
d5:05:99:56:9f:f6:8f:48:34:73:83:02:f1:9d:72:e7:7f:e3:
8e:29:a9:d6:5a:cf:11:33:4b:28:98:2f:df:b2:63:e9:34:22:
78:0f:19:70:7a:51:30:0d:e8:04:81:89:af:1c:92:d2:5c:fb:
9e:5a:d1:1f:bb:7d:c3:7f:e1:3f:be:81:2b:17:2d:26:0f:ba:
d5:3f:e4:45:10:c1:2c:bf:37:88:fa:44:6b:9e:61:18:09:bd:
e9:df:4d:a6:3b:f6:ab:49:53:2b:af:9f:26:9d:be:dc:eb:11:
6b:3d:28:0d:6f:43:e5:d4:7f:28:ab:56:24:35:ab:f7:f9:e2:
e3:f9:c6:2b:ce:62:09:de:09:1b:b2:40:c9:ac:97:51:57:b7:
41:cf:7b:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECsuupDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGFmZGNhNmVhY2U0ZjEyOTMyMjNiMDJlZWJjMjc4MjQzODY5YjdiMB4XDTIyMDEw
MTA5MDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM5OTQ0Mzg3Y2Zh
NWE1ODQyOWNjZjIyYmJkYzZmNzI3ZjE1MWUyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmakPi6vbhF+XgccKDep4Pla/f9BmrzdZKzNT9OE2AuI+eP
vKL+HPlbppMhoZyk3pyGyh7uK0DIIuAJcRHtWnsihLtwDBh1hCAoRyzvlrTzKD2H
+9SUm9l8VgOasn4shbk2mCLJ9K/NsMPIi3jWqYZ/cbcWZVmuBZMHaRAuvrK4i3Sm
eKrLdNfKtsSM846/hjUxDcJmG08M4geOhGWsZekPnMTuYN8SaUSEhGKon/fM2r2D
7i/ReyqZHWR0XqOYOHHQfbIml2zOGqiBWk1iGAGdHgumqSys0iazl6VcAZ/s1yBk
llW8yjIwaZiYnHFj3n0XKDV3uxYxFlVCGlhUv3MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTTmUQ4fPpaWEKczyK73G9yfxUeKDAfBgNVHSMEGDAWgBTtr9ym6s5PEpMi
OwLuvCeCQ4abezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdhX2NwdXJPVHhLVElqc0M3cnduZ2tPR20zcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvYjQ3NmY5LWQyNDItNDY1YS04NzQ4LTVmMWRjMGEwYmZjZi8x
LzA1bEVPSHo2V2xoQ25NOGl1OXh2Y244VkhpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
YjQ3NmY5LWQyNDItNDY1YS04NzQ4LTVmMWRjMGEwYmZjZi8xLzdhX2NwdXJPVHhL
VElqc0M3cnduZ2tPR20zcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmcgDANBAIAAjAHAwUDKgeeQDAN
BgkqhkiG9w0BAQsFAAOCAQEALdTbaoY8uozZ64s/sBigm9JhnMkqHvp/KtAstTb9
578bx3F/JtoedZX7knwv+Ksk0ojgOYVXp7IHJ5bVh9Yj3vjnNm3Cva428Skx5eaB
lDfcFyD01QNVjaCAQsNaB6uwVIehF4DcQeZPiBAi1QWZVp/2j0g0c4MC8Z1y53/j
jimp1lrPETNLKJgv37Jj6TQieA8ZcHpRMA3oBIGJrxyS0lz7nlrRH7t9w3/hP76B
KxctJg+61T/kRRDBLL83iPpEa55hGAm96d9Npjv2q0lTK6+fJp2+3OsRaz0oDW9D
5dR/KKtWJDWr9/ni4/nGK85iCd4JG7JAyayXUVe3Qc97LQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:33 2025 by rpki-client