Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/4sFwnnsdPz6ZzmtMvLYtHFHKfxI.roa
File: 4sFwnnsdPz6ZzmtMvLYtHFHKfxI.roa (raw, json)
Hash identifier: iNnwPJ9C+Edc39X1iIKHgdGfRKaVAxThhNajucWa+Ws=
Subject key identifier: E2:C1:70:9E:7B:1D:3F:3E:99:CE:6B:4C:BC:B6:2D:1C:51:CA:7F:12
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 043C0534
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/4sFwnnsdPz6ZzmtMvLYtHFHKfxI.roa
Signing time: Sat 01 Jan 2022 00:53:38 +0000
ROA not before: Sat 01 Jan 2022 00:53:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206011
IP address blocks: 185.199.10.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
80.244.44.0/22 maxlen: 22
80.244.40.0/22 maxlen: 22
80.244.40.0/21 maxlen: 21
2a0a:9740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71042356 (0x43c0534)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jan 1 00:53:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2c1709e7b1d3f3e99ce6b4cbcb62d1c51ca7f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:8d:12:42:8a:9d:30:f5:73:86:f2:69:63:
99:b1:e5:6d:a6:02:b8:02:cf:45:78:b3:93:83:c9:
d7:a6:a4:27:7e:0f:39:fb:d7:04:66:40:d0:59:b8:
3d:b0:e9:13:39:38:d9:7c:c7:05:43:98:77:59:7c:
f1:ff:58:30:46:ad:c7:63:02:8f:d6:a5:3d:1f:80:
3f:df:81:a2:b5:63:06:f9:11:87:b3:b2:22:cb:7d:
79:d3:81:c7:b8:cc:95:19:2a:e9:17:f4:a2:fa:3f:
02:06:0b:ce:bb:11:fa:46:58:bf:56:94:bd:a5:f7:
a3:59:d7:6e:d0:92:e1:c8:81:d5:cf:50:28:ac:5a:
b8:28:68:11:44:4e:42:d1:94:95:95:49:06:78:a7:
8d:20:e3:76:ec:4c:d4:fc:0e:a1:9f:25:5e:1f:16:
10:ca:26:75:00:bf:d7:df:df:10:b4:05:a2:14:e7:
aa:64:0e:18:ef:df:62:4e:3d:8d:0c:bd:1a:f5:85:
66:b0:78:fe:eb:b7:ef:b2:21:f1:fe:a7:5c:d2:8f:
70:ca:2a:6c:e2:27:0b:c5:fe:b0:22:22:bd:03:06:
91:63:93:1f:72:3f:a8:91:12:5f:ff:ba:d7:69:b0:
1f:39:e1:5f:e2:0e:03:47:7d:32:3e:53:32:9a:9b:
42:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C1:70:9E:7B:1D:3F:3E:99:CE:6B:4C:BC:B6:2D:1C:51:CA:7F:12
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/4sFwnnsdPz6ZzmtMvLYtHFHKfxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
60:a3:ec:d4:c1:08:99:e8:48:2e:41:05:10:26:fb:8c:68:a4:
c8:65:7b:26:eb:c3:5a:1a:2a:94:65:f3:11:3e:c2:0f:8e:c0:
4e:c3:71:f4:bb:b2:99:f6:e8:f5:d2:85:fb:58:87:5d:22:09:
da:40:8e:8d:90:4b:1a:4a:72:c9:f1:83:d0:44:6d:30:db:7a:
4c:67:32:77:53:3a:bc:ed:29:d0:c4:7b:ec:4e:14:00:f7:b8:
d2:83:2d:66:40:02:cb:7b:04:41:7e:4e:33:14:3e:82:98:0d:
b0:1c:f9:1c:4d:84:e6:e8:b6:9a:38:a3:ed:64:55:78:a9:29:
41:cd:42:93:dd:fa:e6:34:af:4f:be:31:c3:97:f9:8b:b6:ca:
96:8e:78:16:a5:fd:ba:3f:bf:51:19:bb:0d:41:5f:b5:c2:d4:
76:66:48:0e:a4:42:4d:43:1e:4d:6c:06:5d:47:f8:7f:b6:71:
76:0e:7f:24:04:96:e4:a6:17:0f:37:9f:a4:da:6a:d6:91:2d:
3e:9a:cc:f7:16:21:91:76:bd:90:37:12:d1:e3:9e:e3:58:f5:
45:31:ca:d4:17:49:95:6a:70:a0:fe:73:66:d2:02:5d:20:52:
2e:19:8e:90:c7:53:30:8a:ca:c5:f5:bf:5d:82:19:bd:3b:cf:
ba:29:c0:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBDwFNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODJmYTAxOTAyZjRlOGMzNDdmMjExNmU0NjQ1ZGExYTZiNGUwOTYyMB4XDTIyMDEw
MTAwNTMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjMTcwOWU3YjFk
M2YzZTk5Y2U2YjRjYmNiNjJkMWM1MWNhN2YxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6PjRJCip0w9XOG8mljmbHlbaYCuALPRXizk4PJ16akJ34P
OfvXBGZA0Fm4PbDpEzk42XzHBUOYd1l88f9YMEatx2MCj9alPR+AP9+BorVjBvkR
h7OyIst9edOBx7jMlRkq6Rf0ovo/AgYLzrsR+kZYv1aUvaX3o1nXbtCS4ciB1c9Q
KKxauChoEUROQtGUlZVJBninjSDjduxM1PwOoZ8lXh8WEMomdQC/19/fELQFohTn
qmQOGO/fYk49jQy9GvWFZrB4/uu377Ih8f6nXNKPcMoqbOInC8X+sCIivQMGkWOT
H3I/qJESX/+612mwHznhX+IOA0d9Mj5TMpqbQlUCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTiwXCeex0/PpnOa0y8ti0cUcp/EjAfBgNVHSMEGDAWgBSIL6AZAvTow0fy
EW5GRdoaa04JYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lDLWdHUUwwNk1OSDhoRnVSa1hhR210T0NXSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZWMwOTgxLWQ2ODItNGY3Yi1iMjEwLTVjMmQyNjU3MDVlMC8x
LzRzRndubnNkUHo2WnptdE12TFl0SEZIS2Z4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZWMwOTgxLWQ2ODItNGY3Yi1iMjEwLTVjMmQyNjU3MDVlMC8xL2lDLWdHUUwwNk1O
SDhoRnVSa1hhR210T0NXSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEA1D0KDAMAwQDuccIAwQAuccKMA0E
AgACMAcDBQAqCpdAMA0GCSqGSIb3DQEBCwUAA4IBAQBgo+zUwQiZ6EguQQUQJvuM
aKTIZXsm68NaGiqUZfMRPsIPjsBOw3H0u7KZ9uj10oX7WIddIgnaQI6NkEsaSnLJ
8YPQRG0w23pMZzJ3Uzq87SnQxHvsThQA97jSgy1mQALLewRBfk4zFD6CmA2wHPkc
TYTm6LaaOKPtZFV4qSlBzUKT3frmNK9PvjHDl/mLtsqWjngWpf26P79RGbsNQV+1
wtR2ZkgOpEJNQx5NbAZdR/h/tnF2Dn8kBJbkphcPN5+k2mrWkS0+msz3FiGRdr2Q
NxLR457jWPVFMcrUF0mVanCg/nNm0gJdIFIuGY6Qx1MwisrF9b9dghm9O8+6KcAk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:40 2025 by rpki-client