Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/9fqLJlpulyPYUJeu4XOLheAw60Y.roa
File: 9fqLJlpulyPYUJeu4XOLheAw60Y.roa (raw, json)
Hash identifier: 079eFaeMgLZ9Qbk7uQ0//jMV3qXFrqKoFNTIpOMPEKw=
Subject key identifier: F5:FA:8B:26:5A:6E:97:23:D8:50:97:AE:E1:73:8B:85:E0:30:EB:46
Certificate issuer: /CN=774d215caedb050d6f6fe8426d5058afe29aa896
Certificate serial: 01856B8A2057F1948A48D3A7A3165C637E47
Authority key identifier: 77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/9fqLJlpulyPYUJeu4XOLheAw60Y.roa
Signing time: Sun 01 Jan 2023 04:14:52 +0000
ROA not before: Sun 01 Jan 2023 04:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47264
IP address blocks: 185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
93.191.32.0/21 maxlen: 21
178.248.105.0/24 maxlen: 24
178.248.104.0/21 maxlen: 21
2a02:400::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:20:57:f1:94:8a:48:d3:a7:a3:16:5c:63:7e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=774d215caedb050d6f6fe8426d5058afe29aa896
Validity
Not Before: Jan 1 04:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5fa8b265a6e9723d85097aee1738b85e030eb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7a:4e:88:94:ff:e1:ed:fa:e4:f5:08:21:55:
dc:41:ed:54:2f:92:12:ce:67:f2:47:0e:70:6d:ca:
86:2e:1a:39:89:4b:7e:40:cd:94:cd:25:8e:db:04:
5a:70:d5:52:8a:7e:83:dd:ee:12:89:ca:8a:84:16:
f9:85:f2:de:5a:3b:75:57:46:21:6a:70:ff:95:ed:
12:95:20:b4:c5:52:15:bb:c7:ba:bb:9e:00:38:a4:
ca:f4:0b:24:57:7e:07:d0:f1:8b:f2:68:cc:a6:bb:
46:b0:a4:1d:c5:6e:3d:ec:a9:84:93:c3:35:af:5b:
4f:75:84:ea:b7:d5:5b:a0:33:9b:8a:50:27:50:83:
87:3e:76:87:20:84:b3:73:9c:6e:36:58:e8:78:8b:
ef:ef:5d:f4:e1:29:c2:63:5a:d2:ce:ca:61:ce:75:
e1:8d:b6:52:de:69:5f:11:74:cb:7f:6b:fd:36:df:
da:6a:5b:89:91:58:fb:0d:32:48:44:c9:1c:13:3a:
60:66:ad:86:d6:5d:7b:32:7c:8b:52:8a:94:26:bb:
91:fb:c7:bf:b2:05:7d:44:07:21:38:34:61:8e:2f:
8a:b6:bf:b8:c7:ac:93:da:34:86:01:f1:7e:88:0d:
47:27:f2:a0:50:33:a6:a5:2e:35:1d:2e:af:d6:4d:
c6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FA:8B:26:5A:6E:97:23:D8:50:97:AE:E1:73:8B:85:E0:30:EB:46
X509v3 Authority Key Identifier:
keyid:77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/9fqLJlpulyPYUJeu4XOLheAw60Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
IPv6:
2a02:400::/32
Signature Algorithm: sha256WithRSAEncryption
a0:4b:db:3f:16:a5:50:9c:c9:a8:3e:50:e4:a1:71:24:f2:c1:
6b:01:43:eb:6e:47:21:19:db:dd:d3:20:92:01:b1:d0:03:32:
9a:d7:89:ff:fc:c0:e9:54:3b:bb:f3:bc:87:6b:10:85:f3:b2:
5f:14:a4:2b:33:3d:11:1b:ae:f3:70:aa:7a:e3:29:4b:74:98:
f1:9e:d4:d5:33:08:b9:ff:3d:8b:6f:2f:52:ad:8f:00:b0:d6:
25:7e:24:63:e5:6a:77:3a:71:2a:0d:3c:95:23:09:5a:1e:ac:
f6:b1:82:1a:ad:48:52:38:ff:ed:14:fa:44:63:4f:f2:2d:e4:
ff:46:af:1a:22:80:0b:4b:22:d9:f5:38:9c:02:75:f5:a3:53:
29:cf:b8:c4:4d:22:aa:fd:4c:03:e3:c9:2f:e3:8d:59:10:30:
7a:16:8d:2b:ee:85:cd:5b:13:6f:4a:bc:99:d5:60:84:12:d0:
eb:42:c6:7d:c7:d3:4f:d0:38:1e:ba:fe:3a:45:3b:3e:59:b2:
16:28:83:fb:20:ff:e3:9d:50:c8:d7:89:27:6d:35:9d:24:9b:
86:a1:d2:90:1a:2e:e6:6e:09:ac:3f:1e:28:b4:02:1e:5c:15:
a7:2c:1c:de:7d:10:ba:5b:27:ec:d6:e7:58:60:40:9e:e3:7d:
99:a5:65:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVriiBX8ZSKSNOnoxZcY35HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NGQyMTVjYWVkYjA1MGQ2ZjZmZTg0MjZkNTA1OGFmZTI5
YWE4OTYwHhcNMjMwMTAxMDQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWZhOGIyNjVhNmU5NzIzZDg1MDk3YWVlMTczOGI4NWUwMzBlYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXpOiJT/4e365PUIIVXcQe1UL5IS
zmfyRw5wbcqGLho5iUt+QM2UzSWO2wRacNVSin6D3e4SicqKhBb5hfLeWjt1V0Yh
anD/le0SlSC0xVIVu8e6u54AOKTK9AskV34H0PGL8mjMprtGsKQdxW497KmEk8M1
r1tPdYTqt9VboDObilAnUIOHPnaHIISzc5xuNljoeIvv71304SnCY1rSzsphznXh
jbZS3mlfEXTLf2v9Nt/aaluJkVj7DTJIRMkcEzpgZq2G1l17MnyLUoqUJruR+8e/
sgV9RAchODRhji+Ktr+4x6yT2jSGAfF+iA1HJ/KgUDOmpS41HS6v1k3G7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPX6iyZabpcj2FCXruFzi4XgMOtGMB8GA1UdIwQY
MBaAFHdNIVyu2wUNb2/oQm1QWK/imqiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzIt
NWQ4ZmU5YWNlZjgzLzEvOWZxTEpscHVseVBZVUpldTRYT0xoZUF3NjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzItNWQ4ZmU5YWNlZjgz
LzEvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXb8gAwQD
svhoAwQCuUJwMA0EAgACMAcDBQAqAgQAMA0GCSqGSIb3DQEBCwUAA4IBAQCgS9s/
FqVQnMmoPlDkoXEk8sFrAUPrbkchGdvd0yCSAbHQAzKa14n//MDpVDu787yHaxCF
87JfFKQrMz0RG67zcKp64ylLdJjxntTVMwi5/z2Lby9SrY8AsNYlfiRj5Wp3OnEq
DTyVIwlaHqz2sYIarUhSOP/tFPpEY0/yLeT/Rq8aIoALSyLZ9TicAnX1o1Mpz7jE
TSKq/UwD48kv441ZEDB6Fo0r7oXNWxNvSryZ1WCEEtDrQsZ9x9NP0Dgeuv46RTs+
WbIWKIP7IP/jnVDI14knbTWdJJuGodKQGi7mbgmsPx4otAIeXBWnLBzefRC6Wyfs
1udYYECe432ZpWUj
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:21:08 2025 by rpki-client