Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8d7c02-b38d-4d65-af35-837d0031b3d1/1/1-3EA9V3p0sIx6rPHhsAo4GY6sdE.roa
File: 1-3EA9V3p0sIx6rPHhsAo4GY6sdE.roa (raw, json)
Hash identifier: 1UbRefl9snZagoh1Mr5257lptV9h57GPCYn5iUp2MV8=
Subject key identifier: FB:71:00:F5:5D:E9:D2:C2:31:EA:B3:C7:86:C0:28:E0:66:3A:B1:D1
Certificate issuer: /CN=4a222ed1b8a533858f4658c5d2539faf52abdaa7
Certificate serial: 018842710B0895F1A2BEDF459C1711E74F32
Authority key identifier: 4A:22:2E:D1:B8:A5:33:85:8F:46:58:C5:D2:53:9F:AF:52:AB:DA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiIu0bilM4WPRljF0lOfr1Kr2qc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8d7c02-b38d-4d65-af35-837d0031b3d1/1/1-3EA9V3p0sIx6rPHhsAo4GY6sdE.roa
Signing time: Mon 22 May 2023 07:51:24 +0000
ROA not before: Mon 22 May 2023 07:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49952
IP address blocks: 185.197.209.0/24 maxlen: 24
185.197.208.0/24 maxlen: 24
91.213.224.0/24 maxlen: 24
2a00:e4a0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:71:0b:08:95:f1:a2:be:df:45:9c:17:11:e7:4f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a222ed1b8a533858f4658c5d2539faf52abdaa7
Validity
Not Before: May 22 07:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb7100f55de9d2c231eab3c786c028e0663ab1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:ed:80:1b:4f:7d:ad:94:8d:8e:10:17:12:
80:81:dc:62:a0:d8:99:a8:72:60:bf:38:99:16:9c:
27:36:99:dd:bb:ce:37:55:57:b2:be:2a:cc:09:da:
57:5c:cd:6c:9b:98:8d:16:1b:9f:ff:fe:3c:bb:56:
c5:87:9d:fc:51:bd:7d:ce:06:dc:35:34:89:62:7a:
44:10:de:57:50:8b:ae:62:86:3e:b0:70:78:7c:95:
69:64:d8:80:a4:fb:4e:9f:ae:8b:80:83:a6:2b:6b:
16:8b:0b:15:36:13:a2:8f:0c:a1:6e:79:82:f2:b7:
64:bb:73:5a:31:e1:df:14:3d:13:d4:f4:81:58:d1:
77:19:26:65:32:8f:cf:ca:31:47:e5:96:82:d6:c1:
05:c6:69:3f:1d:69:f7:72:48:86:11:3e:ad:2a:29:
41:1b:3c:c8:af:0f:cd:41:b7:fb:75:d5:88:0f:42:
d5:e8:6c:f6:2e:22:12:61:cb:b0:6b:59:69:71:de:
2a:01:63:2d:cb:06:7e:a6:0e:60:7b:f8:84:d9:c3:
92:a8:df:88:dc:31:4a:c3:79:3b:c2:6e:fd:8d:98:
1d:8e:d9:b8:fe:f0:ca:f8:07:4c:c2:24:e5:3c:66:
c4:1e:89:69:68:1d:a8:d2:dd:81:89:7e:e7:64:49:
fe:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:71:00:F5:5D:E9:D2:C2:31:EA:B3:C7:86:C0:28:E0:66:3A:B1:D1
X509v3 Authority Key Identifier:
keyid:4A:22:2E:D1:B8:A5:33:85:8F:46:58:C5:D2:53:9F:AF:52:AB:DA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiIu0bilM4WPRljF0lOfr1Kr2qc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8d7c02-b38d-4d65-af35-837d0031b3d1/1/1-3EA9V3p0sIx6rPHhsAo4GY6sdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8d7c02-b38d-4d65-af35-837d0031b3d1/1/SiIu0bilM4WPRljF0lOfr1Kr2qc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.224.0/24
185.197.208.0/23
IPv6:
2a00:e4a0:100::/40
Signature Algorithm: sha256WithRSAEncryption
97:31:a0:d5:6d:91:72:b5:5f:10:33:d8:ba:98:2a:7e:1d:10:
6a:30:71:3e:b2:76:94:ef:93:20:7b:3e:cb:a2:e0:19:e9:5a:
c5:dc:f8:66:ca:81:a9:c4:36:1a:e2:c4:d1:02:3a:ad:e9:19:
9c:0c:46:a8:b3:2e:5c:62:d0:31:af:92:39:80:1d:b8:76:f6:
0b:9c:e0:64:00:0a:0f:f3:2b:d9:2a:7d:cb:c9:35:e1:a6:47:
5c:6c:84:da:28:63:f2:ae:54:d4:fd:4d:8d:91:89:86:39:b4:
51:8b:48:b9:4e:59:b3:37:d7:dd:7d:17:76:65:00:16:dd:bf:
ce:95:e0:51:91:ee:dd:ab:d7:a0:c7:07:d9:02:a1:8a:d0:e6:
34:d4:eb:1c:37:86:7f:93:00:e0:59:43:41:07:07:e2:42:93:
01:c3:56:59:8e:cb:f6:64:27:38:a8:f0:56:db:61:78:a6:0b:
7b:34:77:54:11:32:df:32:8f:e7:7b:1e:38:ab:ba:be:24:24:
39:3e:93:6d:6a:ee:6f:5c:6c:42:13:6c:6e:5c:1e:ef:36:8c:
b5:d2:5d:dd:5c:c7:53:a5:72:81:72:f3:05:0e:07:84:c3:2f:
cb:b3:54:38:1e:ef:be:16:3d:f9:b0:a7:c5:ec:00:2c:1a:d8:
c2:8e:43:9f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYhCcQsIlfGivt9FnBcR508yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjIyZWQxYjhhNTMzODU4ZjQ2NThjNWQyNTM5ZmFmNTJh
YmRhYTcwHhcNMjMwNTIyMDc1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjcxMDBmNTVkZTlkMmMyMzFlYWIzYzc4NmMwMjhlMDY2M2FiMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMLtgBtPfa2UjY4QFxKAgdxioNiZ
qHJgvziZFpwnNpndu843VVeyvirMCdpXXM1sm5iNFhuf//48u1bFh538Ub19zgbc
NTSJYnpEEN5XUIuuYoY+sHB4fJVpZNiApPtOn66LgIOmK2sWiwsVNhOijwyhbnmC
8rdku3NaMeHfFD0T1PSBWNF3GSZlMo/PyjFH5ZaC1sEFxmk/HWn3ckiGET6tKilB
GzzIrw/NQbf7ddWID0LV6Gz2LiISYcuwa1lpcd4qAWMtywZ+pg5ge/iE2cOSqN+I
3DFKw3k7wm79jZgdjtm4/vDK+AdMwiTlPGbEHolpaB2o0t2BiX7nZEn+0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPtxAPVd6dLCMeqzx4bAKOBmOrHRMB8GA1UdIwQY
MBaAFEoiLtG4pTOFj0ZYxdJTn69Sq9qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lJdTBiaWxNNFdQUmxqRjBsT2ZyMUtyMnFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84ZDdjMDItYjM4ZC00ZDY1LWFmMzUt
ODM3ZDAwMzFiM2QxLzEvMS0zRUE5VjNwMHNJeDZyUEhoc0FvNEdZNnNkRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvOGQ3YzAyLWIzOGQtNGQ2NS1hZjM1LTgzN2QwMDMxYjNk
MS8xL1NpSXUwYmlsTTRXUFJsakYwbE9mcjFLcjJxYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAFvV4AME
AbnF0DAOBAIAAjAIAwYAKgDkoAEwDQYJKoZIhvcNAQELBQADggEBAJcxoNVtkXK1
XxAz2LqYKn4dEGowcT6ydpTvkyB7Psui4BnpWsXc+GbKganENhrixNECOq3pGZwM
RqizLlxi0DGvkjmAHbh29guc4GQACg/zK9kqfcvJNeGmR1xshNooY/KuVNT9TY2R
iYY5tFGLSLlOWbM31919F3ZlABbdv86V4FGR7t2r16DHB9kCoYrQ5jTU6xw3hn+T
AOBZQ0EHB+JCkwHDVlmOy/ZkJzio8FbbYXimC3s0d1QRMt8yj+d7Hjirur4kJDk+
k21q7m9cbEITbG5cHu82jLXSXd1cx1OlcoFy8wUOB4TDL8uzVDge774WPfmwp8Xs
ACwa2MKOQ58=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:07 2025 by rpki-client