Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/9hIQs49P7105880qF5yP11ZF4Hw.roa
File: 9hIQs49P7105880qF5yP11ZF4Hw.roa (raw, json)
Hash identifier: y6D2aHCYTWD6LAdaCMPyG/5wVKyyweAiB4O2iDO/0Lo=
Subject key identifier: F6:12:10:B3:8F:4F:EF:5D:39:F3:CD:2A:17:9C:8F:D7:56:45:E0:7C
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018BF6884DA45A4217FCD8C6071B54025E38
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/9hIQs49P7105880qF5yP11ZF4Hw.roa
Signing time: Wed 22 Nov 2023 10:16:49 +0000
ROA not before: Wed 22 Nov 2023 10:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197343
IP address blocks: 5.57.34.0/24 maxlen: 24
5.57.36.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
178.239.156.0/23 maxlen: 23
178.239.156.0/22 maxlen: 22
5.56.128.0/22 maxlen: 22
37.32.42.0/24 maxlen: 24
37.32.41.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:88:4d:a4:5a:42:17:fc:d8:c6:07:1b:54:02:5e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 22 10:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f61210b38f4fef5d39f3cd2a179c8fd75645e07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:26:e6:56:f3:3b:5d:4c:5b:bb:8b:33:c6:a7:
1d:a6:fe:14:68:26:7f:49:77:18:b4:64:13:87:f2:
ff:91:a6:d9:a7:ab:36:03:9b:3e:3c:87:29:89:a4:
d3:ed:66:6e:7f:57:d2:a1:de:77:d6:3a:5c:c8:2e:
88:ea:e5:10:dc:a4:71:e8:4d:1b:26:b6:77:85:41:
c3:94:bc:c7:0f:50:ef:ed:0e:38:a6:2a:2b:eb:c8:
a2:68:99:b2:5b:57:d8:75:ab:a5:0e:6c:5f:b7:c3:
cf:a0:73:a2:da:99:fd:b5:76:5d:56:74:62:d0:26:
52:7b:34:fb:02:b6:0e:96:8f:46:0d:2f:7e:fd:79:
82:8f:91:73:7c:ee:5d:ea:ba:8b:fb:55:47:e4:4c:
da:62:5d:52:31:5f:a2:7d:70:50:fd:32:d8:19:d6:
dc:34:e0:d0:c7:69:c3:ee:12:28:35:99:14:17:d6:
ab:dd:dd:1d:44:15:fa:e4:e4:b0:60:35:6e:91:f6:
13:75:6e:79:ff:f2:91:86:36:3c:ef:25:46:f0:79:
48:ad:11:5a:6c:3d:a6:54:f4:1c:04:26:4f:bd:25:
26:db:37:9c:af:4f:73:ab:28:46:88:aa:dd:89:76:
0e:35:b9:1a:32:a7:b4:39:fc:69:f5:f9:56:3e:e2:
97:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:12:10:B3:8F:4F:EF:5D:39:F3:CD:2A:17:9C:8F:D7:56:45:E0:7C
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/9hIQs49P7105880qF5yP11ZF4Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0-5.57.36.255
37.32.40.0/22
178.239.156.0/22
185.212.48.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:71:b0:90:9b:4f:25:5b:50:55:26:e6:2c:34:a1:09:17:6e:
05:d1:38:95:6a:04:12:8a:72:a2:69:e7:e9:f1:29:a3:0f:56:
cd:48:30:d6:f9:a6:73:85:9b:88:65:da:c0:37:26:17:8e:b5:
2b:9b:31:fb:dd:70:0f:33:a6:73:cb:cd:33:4d:60:be:2a:ee:
85:49:91:45:57:1e:d6:e3:ab:52:8d:3f:3a:b9:ef:90:a1:ef:
f1:bf:6e:2b:ac:ce:e1:5d:90:85:26:65:99:5c:50:e8:31:c6:
f2:b0:ce:71:ba:65:8d:55:ea:5a:d1:db:67:50:94:69:b3:6b:
9c:8c:56:f9:a2:31:12:38:20:61:b9:69:88:ec:2b:42:6d:79:
6c:a7:37:95:3f:f4:6a:67:d7:b2:ca:65:4d:75:dd:61:6b:b0:
c8:42:75:96:04:3d:5e:f7:11:84:cd:98:49:14:94:45:fd:a5:
b2:85:b9:d6:d8:06:31:3a:a1:ea:84:ad:9b:27:2c:90:c5:64:
a9:78:20:70:f0:02:29:ee:0e:9e:29:16:35:b1:0c:8f:44:88:
11:e6:0f:e8:fd:62:d5:aa:d5:72:06:62:52:58:d6:86:22:b2:
e4:2c:9a:88:9f:ab:9a:c5:dd:9f:71:ff:a3:e8:70:30:e8:76:
98:99:46:7f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYv2iE2kWkIX/NjGBxtUAl44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMTIyMTAxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjEyMTBiMzhmNGZlZjVkMzlmM2NkMmExNzljOGZkNzU2NDVlMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCbmVvM7XUxbu4szxqcdpv4UaCZ/
SXcYtGQTh/L/kabZp6s2A5s+PIcpiaTT7WZuf1fSod531jpcyC6I6uUQ3KRx6E0b
JrZ3hUHDlLzHD1Dv7Q44pior68iiaJmyW1fYdaulDmxft8PPoHOi2pn9tXZdVnRi
0CZSezT7ArYOlo9GDS9+/XmCj5FzfO5d6rqL+1VH5EzaYl1SMV+ifXBQ/TLYGdbc
NODQx2nD7hIoNZkUF9ar3d0dRBX65OSwYDVukfYTdW55//KRhjY87yVG8HlIrRFa
bD2mVPQcBCZPvSUm2zecr09zqyhGiKrdiXYONbkaMqe0Ofxp9flWPuKX2QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPYSELOPT+9dOfPNKhecj9dWReB8MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvOWhJUXM0OVA3MTA1ODgwcUY1eVAxMVpGNEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBTiAMAwD
BAEFOSIDBAAFOSQDBAIlICgDBAKy75wDBAC51DAwDQYJKoZIhvcNAQELBQADggEB
AAtxsJCbTyVbUFUm5iw0oQkXbgXROJVqBBKKcqJp5+nxKaMPVs1IMNb5pnOFm4hl
2sA3JheOtSubMfvdcA8zpnPLzTNNYL4q7oVJkUVXHtbjq1KNPzq575Ch7/G/bius
zuFdkIUmZZlcUOgxxvKwznG6ZY1V6lrR22dQlGmza5yMVvmiMRI4IGG5aYjsK0Jt
eWynN5U/9Gpn17LKZU113WFrsMhCdZYEPV73EYTNmEkUlEX9pbKFudbYBjE6oeqE
rZsnLJDFZKl4IHDwAinuDp4pFjWxDI9EiBHmD+j9YtWq1XIGYlJY1oYisuQsmoif
q5rF3Z9x/6PocDDodpiZRn8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:08 2025 by rpki-client