Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/sVumSd9FWkJdZTR9kCkQ2LjQ9kc.roa
File: sVumSd9FWkJdZTR9kCkQ2LjQ9kc.roa (raw, json)
Hash identifier: Y6wqdAyyfypNIBhKQhs80GL0mffKlvC8b3em9BQmsA8=
Subject key identifier: B1:5B:A6:49:DF:45:5A:42:5D:65:34:7D:90:29:10:D8:B8:D0:F6:47
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 01857255810212C5CE57179FF4E6CEF27C5D
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/sVumSd9FWkJdZTR9kCkQ2LjQ9kc.roa
Signing time: Mon 02 Jan 2023 11:54:44 +0000
ROA not before: Mon 02 Jan 2023 11:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206011
IP address blocks: 185.199.10.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
80.244.44.0/22 maxlen: 22
80.244.40.0/22 maxlen: 22
80.244.40.0/21 maxlen: 21
2a0a:9740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:81:02:12:c5:ce:57:17:9f:f4:e6:ce:f2:7c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jan 2 11:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b15ba649df455a425d65347d902910d8b8d0f647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:0a:3f:33:c0:88:ed:bc:84:e1:cc:0b:ab:
da:2e:3a:69:a4:fe:b7:4a:f3:fd:c8:bf:f9:d0:40:
94:de:a1:e6:42:81:ce:d3:dd:81:7e:dc:24:94:82:
20:c0:29:ae:7a:79:b4:09:b3:66:d9:dd:48:c9:5f:
01:45:41:c7:f2:4f:36:05:99:9f:65:9d:72:a5:a9:
b8:9a:4b:39:28:74:bc:22:00:d2:1b:95:8f:77:cb:
9d:04:44:b7:de:13:22:88:85:17:a9:52:ed:8a:ac:
35:2d:12:7c:4e:ce:27:22:7b:e2:9f:38:fb:c6:51:
d9:f3:17:2b:2b:61:3f:32:b3:ee:35:e5:c8:48:d2:
5f:b0:9b:0e:db:30:66:0b:8c:b9:6a:fa:3e:75:40:
81:b2:51:ea:81:fe:55:04:cb:27:ab:29:6f:ee:2a:
c0:87:fd:3e:88:a1:06:27:f7:f1:68:af:45:b1:5f:
1d:ee:63:c7:07:95:e2:45:20:84:bb:a1:4f:56:34:
ad:af:45:2e:9d:61:73:7b:cc:03:60:2c:0f:97:3e:
36:40:e3:89:29:a4:e2:15:8b:c0:d7:f1:3f:11:61:
98:fc:6c:fb:c6:ce:52:f5:ac:05:92:93:2c:3c:89:
96:1c:38:6e:32:84:a9:cc:86:39:a4:fa:2a:39:b6:
a0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5B:A6:49:DF:45:5A:42:5D:65:34:7D:90:29:10:D8:B8:D0:F6:47
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/sVumSd9FWkJdZTR9kCkQ2LjQ9kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
49:bf:37:31:33:89:7e:9e:c9:3a:be:d8:9d:85:33:d6:89:83:
bd:1b:be:46:f7:93:bf:d8:d7:04:10:46:ee:91:0b:cf:ac:8c:
ae:0c:33:e0:03:f1:cd:b7:85:6f:5f:3e:47:e6:c5:ff:84:e5:
f0:ba:c8:90:f1:64:2b:98:27:5d:6f:9f:f9:be:26:58:cb:bb:
bd:a9:e2:86:e2:f4:8b:f6:84:12:91:8a:c5:e6:2a:cf:fe:94:
98:95:34:39:5d:b8:c3:a7:c0:fc:7d:ac:0d:12:89:38:96:38:
e0:13:e1:c7:7a:04:6b:bc:a2:39:2a:9b:22:c4:b7:2b:90:6e:
18:91:3f:27:df:e2:ce:bc:9c:87:59:b1:f7:76:08:2d:e8:62:
af:31:44:db:ae:a7:dd:e3:3e:a1:b4:3e:7b:f4:1b:89:83:c7:
db:7d:22:36:de:31:91:04:d7:62:c9:17:62:b9:09:46:7b:6d:
69:af:76:b0:46:e4:a2:19:8c:d8:58:ea:16:53:2b:c1:56:9f:
94:c2:76:64:83:a7:1e:d1:ce:eb:17:95:d3:a9:64:74:22:dc:
e8:2a:13:1e:e2:65:c7:1c:40:5f:6e:05:69:89:80:44:ea:d5:
aa:44:98:89:2e:10:c8:4f:84:11:ac:f2:30:d7:8f:77:66:37:
7c:99:19:6a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVyVYECEsXOVxef9ObO8nxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjMwMTAyMTE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTViYTY0OWRmNDU1YTQyNWQ2NTM0N2Q5MDI5MTBkOGI4ZDBmNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAgKPzPAiO28hOHMC6vaLjpppP63
SvP9yL/50ECU3qHmQoHO092BftwklIIgwCmuenm0CbNm2d1IyV8BRUHH8k82BZmf
ZZ1ypam4mks5KHS8IgDSG5WPd8udBES33hMiiIUXqVLtiqw1LRJ8Ts4nInvinzj7
xlHZ8xcrK2E/MrPuNeXISNJfsJsO2zBmC4y5avo+dUCBslHqgf5VBMsnqylv7irA
h/0+iKEGJ/fxaK9FsV8d7mPHB5XiRSCEu6FPVjStr0UunWFze8wDYCwPlz42QOOJ
KaTiFYvA1/E/EWGY/Gz7xs5S9awFkpMsPImWHDhuMoSpzIY5pPoqObagOwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLFbpknfRVpCXWU0fZApENi40PZHMB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvc1Z1bVNkOUZXa0pkWlRSOWtDa1EyTGpROWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUPQoMAwD
BAO5xwgDBAC5xwowDQQCAAIwBwMFACoKl0AwDQYJKoZIhvcNAQELBQADggEBAEm/
NzEziX6eyTq+2J2FM9aJg70bvkb3k7/Y1wQQRu6RC8+sjK4MM+AD8c23hW9fPkfm
xf+E5fC6yJDxZCuYJ11vn/m+JljLu72p4obi9Iv2hBKRisXmKs/+lJiVNDlduMOn
wPx9rA0SiTiWOOAT4cd6BGu8ojkqmyLEtyuQbhiRPyff4s68nIdZsfd2CC3oYq8x
RNuup93jPqG0Pnv0G4mDx9t9IjbeMZEE12LJF2K5CUZ7bWmvdrBG5KIZjNhY6hZT
K8FWn5TCdmSDpx7RzusXldOpZHQi3OgqEx7iZcccQF9uBWmJgETq1apEmIkuEMhP
hBGs8jDXj3dmN3yZGWo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:26 2025 by rpki-client