Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/FDKbvEdhSoghK86QH_OtCWtd2aU.roa
File: FDKbvEdhSoghK86QH_OtCWtd2aU.roa (raw, json)
Hash identifier: xdfP6X9J9eV5Cy5ZJUWcB3cl4QoKVnRShYg06/0VmEw=
Subject key identifier: 14:32:9B:BC:47:61:4A:88:21:2B:CE:90:1F:F3:AD:09:6B:5D:D9:A5
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 046B0012
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/FDKbvEdhSoghK86QH_OtCWtd2aU.roa
Signing time: Fri 11 Mar 2022 12:31:39 +0000
ROA not before: Fri 11 Mar 2022 12:31:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 22
185.16.36.0/22 maxlen: 22
185.16.39.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74121234 (0x46b0012)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Mar 11 12:31:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14329bbc47614a88212bce901ff3ad096b5dd9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:35:3c:fc:6b:bd:9e:57:0b:17:de:a4:bc:
ba:4b:e3:68:16:e4:19:d4:52:03:7d:8d:da:52:91:
14:76:1a:2a:44:9a:9b:76:a5:b7:7a:14:c9:0a:c7:
64:4a:51:53:d0:75:d7:08:72:17:d4:95:b2:30:82:
e0:9c:e3:a6:c0:cc:53:7a:84:c8:38:61:35:7f:6c:
f5:31:2f:e2:5e:37:58:96:f1:3f:70:27:80:b9:da:
b4:a3:21:e5:bc:75:28:41:84:3e:85:79:be:7a:52:
a5:99:15:12:46:55:86:c1:26:8e:d1:b5:7a:7a:c9:
fd:b5:9c:8f:0e:8c:66:b8:0b:73:73:9f:c5:4d:5a:
fd:68:d7:45:10:d1:7f:97:71:45:4a:60:c3:86:2e:
5a:9b:d5:61:ef:7f:3a:d4:0a:d9:62:7f:b1:7c:6e:
af:68:c1:6a:2c:bc:6d:1d:24:87:3e:d4:b1:04:3b:
2b:7c:03:fc:8c:46:89:6b:79:a8:3b:0c:e5:12:70:
23:a4:1b:5c:a2:59:14:e0:69:72:8d:ec:07:c6:27:
b2:05:d6:f0:e4:f9:d0:14:10:c5:d7:b7:83:6c:9f:
a7:1d:8d:6b:c4:14:81:cd:b3:a3:8e:8a:c7:56:ab:
70:f4:51:21:5d:fd:ed:35:54:d3:67:33:b2:d7:e3:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:32:9B:BC:47:61:4A:88:21:2B:CE:90:1F:F3:AD:09:6B:5D:D9:A5
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/FDKbvEdhSoghK86QH_OtCWtd2aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
50:80:1f:2f:b7:ee:a9:82:71:ff:92:ef:9d:6a:fb:0b:f4:24:
c4:aa:c4:f0:d6:80:70:00:00:4f:f9:a3:53:7b:d2:08:8e:7e:
ce:1f:d4:47:8c:ae:8a:f6:c8:ed:df:85:d9:35:c4:b5:96:fd:
70:60:bc:98:30:e9:72:4e:c7:70:f5:ac:cb:38:17:ee:29:94:
93:2c:06:7c:cc:7d:87:6b:ad:c3:58:e9:7e:04:68:ab:e7:0c:
a3:02:86:0a:5a:89:9c:2c:7f:61:f2:de:ff:44:48:9e:38:fc:
55:6d:8b:79:e6:6f:cd:41:d8:15:fe:90:2d:7e:da:d9:0a:e2:
c9:60:eb:16:77:b8:94:47:08:ec:56:8f:a9:b6:f5:81:b9:49:
87:ff:e8:14:84:0e:26:1e:ca:80:ea:1f:0e:12:d6:8b:b0:98:
bc:b4:17:f9:d7:1c:c0:d3:af:ec:d9:83:48:36:18:29:28:0f:
27:05:57:9e:98:eb:68:1c:da:60:f0:18:a0:a4:44:70:7d:f8:
d0:1e:a0:08:e5:50:bb:6f:ad:d3:14:28:fa:a6:63:a9:d2:18:
67:90:df:f3:c5:e0:23:11:8b:d2:d7:34:24:3a:08:97:35:6e:
24:f5:a0:56:f7:d4:c0:fa:a0:19:fe:ab:49:a3:52:47:64:2f:
ba:20:09:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBGsAEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmUzOTcxYTMyYzA2OTJjNGUzNDJlOTExNzkwNjYyNDcwY2YzMWIyMB4XDTIyMDMx
MTEyMzEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQzMjliYmM0NzYx
NGE4ODIxMmJjZTkwMWZmM2FkMDk2YjVkZDlhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPjNTz8a72eVwsX3qS8ukvjaBbkGdRSA32N2lKRFHYaKkSa
m3alt3oUyQrHZEpRU9B11whyF9SVsjCC4JzjpsDMU3qEyDhhNX9s9TEv4l43WJbx
P3AngLnatKMh5bx1KEGEPoV5vnpSpZkVEkZVhsEmjtG1enrJ/bWcjw6MZrgLc3Of
xU1a/WjXRRDRf5dxRUpgw4YuWpvVYe9/OtQK2WJ/sXxur2jBaiy8bR0khz7UsQQ7
K3wD/IxGiWt5qDsM5RJwI6QbXKJZFOBpco3sB8YnsgXW8OT50BQQxde3g2yfpx2N
a8QUgc2zo46Kx1arcPRRIV397TVU02czstfjE0cCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQUMpu8R2FKiCErzpAf860Ja13ZpTAfBgNVHSMEGDAWgBS/45caMsBpLE40
LpEXkGYkcM8xsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YtT1hHakxBYVN4T05DNlJGNUJtSkhEUE1iSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvZDc2YmY4LTU0MWYtNGVmYy05OGM1LWM0ZGNjN2Y2YjdkZi8x
L0ZES2J2RWRoU29naEs4NlFIX090Q1d0ZDJhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
ZDc2YmY4LTU0MWYtNGVmYy05OGM1LWM0ZGNjN2Y2YjdkZi8xL3YtT1hHakxBYVN4
T05DNlJGNUJtSkhEUE1iSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAgW1vAMEAl/WNAMEArkQJDANBAIA
AjAHAwUAKgPPwDANBgkqhkiG9w0BAQsFAAOCAQEAUIAfL7fuqYJx/5LvnWr7C/Qk
xKrE8NaAcAAAT/mjU3vSCI5+zh/UR4yuivbI7d+F2TXEtZb9cGC8mDDpck7HcPWs
yzgX7imUkywGfMx9h2utw1jpfgRoq+cMowKGClqJnCx/YfLe/0RInjj8VW2LeeZv
zUHYFf6QLX7a2QriyWDrFne4lEcI7FaPqbb1gblJh//oFIQOJh7KgOofDhLWi7CY
vLQX+dccwNOv7NmDSDYYKSgPJwVXnpjraBzaYPAYoKREcH340B6gCOVQu2+t0xQo
+qZjqdIYZ5Df88XgIxGL0tc0JDoIlzVuJPWgVvfUwPqgGf6rSaNSR2QvuiAJfw==
-----END CERTIFICATE-----
Generated at Tue Mar 11 04:56:23 2025 by rpki-client