Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/Vm8QBThDfmD79qTKPWetfewDC0M.roa
File: Vm8QBThDfmD79qTKPWetfewDC0M.roa (raw, json)
Hash identifier: z6sQ7ghk5E6r07cdnV3v2Hn4mtcA5JA5faoFJ1ZK9dI=
Subject key identifier: 56:6F:10:05:38:43:7E:60:FB:F6:A4:CA:3D:67:AD:7D:EC:03:0B:43
Certificate issuer: /CN=ec65d31440bf75d25c606f7915c236ca614464a2
Certificate serial: 01857070677D693DCF81AB1007AE7F30DC0C
Authority key identifier: EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/Vm8QBThDfmD79qTKPWetfewDC0M.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42673
IP address blocks: 91.150.160.0/19 maxlen: 32
91.246.64.0/21 maxlen: 32
91.189.216.0/21 maxlen: 32
91.246.72.0/22 maxlen: 32
195.248.246.0/23 maxlen: 32
185.80.32.0/22 maxlen: 32
2a05:7100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:67:7d:69:3d:cf:81:ab:10:07:ae:7f:30:dc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec65d31440bf75d25c606f7915c236ca614464a2
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=566f100538437e60fbf6a4ca3d67ad7dec030b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:de:84:2e:83:2d:bf:f1:43:80:88:27:4b:84:
91:af:e4:af:6c:ad:df:f9:ef:b8:5f:dd:22:7a:73:
b0:0c:2b:b4:55:f1:a1:fa:58:37:07:52:70:be:9b:
91:9a:66:44:95:20:70:ff:34:6f:ac:48:3d:a3:5f:
b6:e4:57:83:d7:fa:2d:6e:0c:54:96:ce:bf:17:67:
9f:5b:ef:da:26:d5:9d:fb:82:ac:30:4c:32:0a:ab:
f1:bd:02:a7:28:a4:f6:bc:f6:63:36:1a:7e:ff:f3:
ae:9c:48:43:ee:84:11:a0:a4:ba:ed:b2:5b:1f:2c:
97:a6:2e:b7:f7:8f:9c:17:23:4a:9b:78:7b:a2:b6:
f8:6a:c5:c5:19:62:76:66:4b:97:a5:52:c7:da:83:
8a:11:7d:8b:b1:02:e4:a7:8c:c9:7b:6c:8d:95:c4:
09:af:bd:99:8a:e0:bb:24:73:5c:65:4e:ea:ce:9c:
88:15:0a:64:eb:a3:ca:cd:92:37:8d:be:88:79:ef:
33:11:0a:95:5f:d1:8c:08:16:46:36:e1:c3:c7:a4:
6d:2d:02:51:2f:ca:12:2c:2f:27:f8:d9:3b:1f:04:
ee:e1:b0:29:53:e3:e2:46:f7:24:5f:d5:b9:17:93:
af:70:10:52:36:71:81:14:2a:c1:bf:cc:de:7d:92:
57:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:6F:10:05:38:43:7E:60:FB:F6:A4:CA:3D:67:AD:7D:EC:03:0B:43
X509v3 Authority Key Identifier:
keyid:EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/Vm8QBThDfmD79qTKPWetfewDC0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.150.160.0/19
91.189.216.0/21
91.246.64.0-91.246.75.255
185.80.32.0/22
195.248.246.0/23
IPv6:
2a05:7100::/29
Signature Algorithm: sha256WithRSAEncryption
3b:06:ec:d7:4e:ed:80:8a:53:52:77:89:5e:36:2a:77:48:e3:
97:73:e0:7e:14:3b:86:c0:ef:ee:d0:70:32:e8:d4:72:2c:a3:
eb:69:d2:0a:5c:4c:d0:7b:ba:37:fe:ec:a0:67:15:30:22:18:
73:a9:9a:e9:e8:cb:84:c7:da:68:34:89:d8:96:b7:e9:e0:3c:
25:5b:06:6d:b3:46:2a:3a:f9:bc:4a:f8:b3:70:c6:57:82:4b:
3f:75:b1:c4:45:ea:f2:ed:d1:17:8a:67:ad:7e:f5:60:b2:e1:
9f:09:29:66:30:7c:02:42:ab:f9:65:7a:e5:0a:97:f1:f9:82:
d3:59:25:8b:d4:57:47:9f:d3:0a:ab:17:e1:c6:40:05:c3:c2:
67:af:6c:e0:1f:18:5a:16:34:c4:8e:bd:d4:13:4d:44:da:b6:
09:70:aa:d1:0c:3a:01:1b:b8:c0:85:d5:30:39:5d:ef:e0:3d:
84:1c:46:89:b1:8f:b8:cf:9f:0b:b6:d1:eb:a9:af:2f:30:67:
1d:5c:0b:f6:21:64:5b:97:0f:61:ef:1d:a5:6c:10:62:81:25:
c7:22:f8:fe:ea:c4:ca:49:06:5c:3e:ac:7b:a3:44:30:4f:b1:
0a:b9:41:18:b7:7c:2d:7f:b0:ed:31:0b:0b:26:e0:67:8e:77:
e8:8f:97:b2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVwcGd9aT3PgasQB65/MNwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNjVkMzE0NDBiZjc1ZDI1YzYwNmY3OTE1YzIzNmNhNjE0
NDY0YTIwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjZmMTAwNTM4NDM3ZTYwZmJmNmE0Y2EzZDY3YWQ3ZGVjMDMwYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3t6ELoMtv/FDgIgnS4SRr+SvbK3f
+e+4X90ienOwDCu0VfGh+lg3B1JwvpuRmmZElSBw/zRvrEg9o1+25FeD1/otbgxU
ls6/F2efW+/aJtWd+4KsMEwyCqvxvQKnKKT2vPZjNhp+//OunEhD7oQRoKS67bJb
HyyXpi6394+cFyNKm3h7orb4asXFGWJ2ZkuXpVLH2oOKEX2LsQLkp4zJe2yNlcQJ
r72ZiuC7JHNcZU7qzpyIFQpk66PKzZI3jb6Iee8zEQqVX9GMCBZGNuHDx6RtLQJR
L8oSLC8n+Nk7HwTu4bApU+PiRvckX9W5F5OvcBBSNnGBFCrBv8zefZJXnwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFZvEAU4Q35g+/akyj1nrX3sAwtDMB8GA1UdIwQY
MBaAFOxl0xRAv3XSXGBveRXCNsphRGSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzkt
ZTI5NTg5ZTg5NjRhLzEvVm04UUJUaERmbUQ3OXFUS1BXZXRmZXdEQzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzktZTI5NTg5ZTg5NjRh
LzEvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFW5agAwQD
W73YMAwDBAZb9kADBAJb9kgDBAK5UCADBAHD+PYwDQQCAAIwBwMFAyoFcQAwDQYJ
KoZIhvcNAQELBQADggEBADsG7NdO7YCKU1J3iV42KndI45dz4H4UO4bA7+7QcDLo
1HIso+tp0gpcTNB7ujf+7KBnFTAiGHOpmunoy4TH2mg0idiWt+ngPCVbBm2zRio6
+bxK+LNwxleCSz91scRF6vLt0ReKZ61+9WCy4Z8JKWYwfAJCq/lleuUKl/H5gtNZ
JYvUV0ef0wqrF+HGQAXDwmevbOAfGFoWNMSOvdQTTUTatglwqtEMOgEbuMCF1TA5
Xe/gPYQcRomxj7jPnwu20eupry8wZx1cC/YhZFuXD2HvHaVsEGKBJcci+P7qxMpJ
Blw+rHujRDBPsQq5QRi3fC1/sO0xCwsm4GeOd+iPl7I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:19:52 2025 by rpki-client