Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/m0SVxa_FDQKJx0KnNYLUcKKVDv0.roa
File: m0SVxa_FDQKJx0KnNYLUcKKVDv0.roa (raw, json)
Hash identifier: exvfyFtV+vflhL1TfWytgi8xiWUGXDu32Esj6XOSSrM=
Subject key identifier: 9B:44:95:C5:AF:C5:0D:02:89:C7:42:A7:35:82:D4:70:A2:95:0E:FD
Certificate issuer: /CN=543c54067385a765b1d5617c43331956fb208e89
Certificate serial: 01870804D55AA1991CC6A19FF917384B9B86
Authority key identifier: 54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/m0SVxa_FDQKJx0KnNYLUcKKVDv0.roa
Signing time: Wed 22 Mar 2023 06:32:27 +0000
ROA not before: Wed 22 Mar 2023 06:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198595
IP address blocks: 185.202.124.0/24 maxlen: 24
185.202.125.0/24 maxlen: 24
185.202.126.0/24 maxlen: 24
185.202.127.0/24 maxlen: 24
91.236.57.0/24 maxlen: 24
2001:67c:104::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:04:d5:5a:a1:99:1c:c6:a1:9f:f9:17:38:4b:9b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c54067385a765b1d5617c43331956fb208e89
Validity
Not Before: Mar 22 06:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b4495c5afc50d0289c742a73582d470a2950efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:34:e8:e8:8e:cf:50:9a:2e:11:72:dc:4c:a6:
65:44:be:db:67:78:b0:15:dd:2d:6a:e5:65:00:fd:
24:c6:3d:d7:4e:54:10:b8:92:28:0b:a2:cc:b2:d2:
03:a4:47:b7:4d:42:35:c4:4a:85:04:a7:9e:39:64:
45:32:8e:be:4d:12:3d:ac:0b:f4:2d:14:27:4d:31:
de:5d:bd:f3:d0:97:99:e8:3d:30:1d:75:58:c5:6f:
ab:f1:8c:7b:85:c4:12:4c:77:f2:fe:05:48:53:83:
b5:f8:8e:90:da:fb:66:cd:e6:10:ac:87:8f:7b:ea:
08:77:63:bf:f5:8b:a0:ef:ba:18:39:90:90:e0:95:
6a:e7:ec:be:8f:00:fa:aa:58:8f:87:30:75:db:c0:
65:b1:dc:bc:41:9c:27:f4:40:c5:f0:18:cd:64:28:
68:97:4d:2b:7b:52:19:e1:ab:8f:44:7d:d0:82:0f:
a0:f6:1d:b2:fc:2c:b9:1b:a4:90:b0:c1:fa:0c:25:
42:ad:12:ee:34:0d:00:a8:ba:77:6d:45:85:65:d1:
04:52:3d:97:08:fd:ab:41:fd:b7:c2:26:b5:6a:04:
d1:b8:ce:3c:89:96:23:85:90:78:50:6a:c1:a9:d1:
70:dd:1e:b0:60:72:92:63:75:40:b4:67:4e:54:9e:
a9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:44:95:C5:AF:C5:0D:02:89:C7:42:A7:35:82:D4:70:A2:95:0E:FD
X509v3 Authority Key Identifier:
keyid:54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/m0SVxa_FDQKJx0KnNYLUcKKVDv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.57.0/24
185.202.124.0/22
IPv6:
2001:67c:104::/48
Signature Algorithm: sha256WithRSAEncryption
88:9f:75:f9:ef:c3:6a:58:0a:ae:b1:a1:bf:4f:d7:86:0c:d6:
19:7c:bb:d7:c9:05:69:70:17:73:de:f8:2d:d1:79:78:27:27:
2b:7e:ce:77:a8:2c:c8:17:77:df:86:b1:34:2f:6b:1c:b1:9f:
b2:8c:f2:9c:bd:7b:89:63:7b:34:f5:1c:8d:d0:97:f9:47:93:
d4:c6:62:0d:7b:44:c5:3f:c5:43:13:9a:36:71:a2:66:5e:53:
20:52:48:a2:99:6b:36:b6:d3:d1:aa:bc:df:22:2a:b6:8a:05:
27:8c:2f:96:c4:de:ed:2f:4f:78:53:f5:9e:31:dc:e8:56:14:
f9:46:5b:89:72:1f:96:80:f0:36:8a:9a:9b:84:0b:f8:5b:f6:
f9:65:41:ea:c1:2a:c8:d3:98:d2:99:91:de:0d:11:e3:8d:db:
af:42:5c:3c:54:dc:bc:10:5f:0a:e4:7d:f4:89:7c:86:09:d1:
97:40:a5:83:0e:b8:94:c0:32:ad:ae:a3:52:cb:fa:b6:7c:68:
e7:2b:fa:fe:ed:7e:49:b5:45:61:ad:5a:17:40:a9:96:5e:0b:
73:3d:d4:ab:2a:60:a7:76:26:4a:07:55:00:05:20:21:47:5f:
b4:00:80:71:bf:81:55:b2:e2:7d:9d:5a:6b:62:fa:03:f4:41:
9f:80:c5:04
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYcIBNVaoZkcxqGf+Rc4S5uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1NDA2NzM4NWE3NjViMWQ1NjE3YzQzMzMxOTU2ZmIy
MDhlODkwHhcNMjMwMzIyMDYzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ0OTVjNWFmYzUwZDAyODljNzQyYTczNTgyZDQ3MGEyOTUwZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jTo6I7PUJouEXLcTKZlRL7bZ3iw
Fd0tauVlAP0kxj3XTlQQuJIoC6LMstIDpEe3TUI1xEqFBKeeOWRFMo6+TRI9rAv0
LRQnTTHeXb3z0JeZ6D0wHXVYxW+r8Yx7hcQSTHfy/gVIU4O1+I6Q2vtmzeYQrIeP
e+oId2O/9Yug77oYOZCQ4JVq5+y+jwD6qliPhzB128Blsdy8QZwn9EDF8BjNZCho
l00re1IZ4auPRH3Qgg+g9h2y/Cy5G6SQsMH6DCVCrRLuNA0AqLp3bUWFZdEEUj2X
CP2rQf23wia1agTRuM48iZYjhZB4UGrBqdFw3R6wYHKSY3VAtGdOVJ6p4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJtElcWvxQ0CicdCpzWC1HCilQ79MB8GA1UdIwQY
MBaAFFQ8VAZzhadlsdVhfEMzGVb7II6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjct
YTQxYTQ4MzRlY2FhLzEvbTBTVnhhX0ZEUUtKeDBLbk5ZTFVjS0tWRHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjctYTQxYTQ4MzRlY2Fh
LzEvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW+w5AwQC
ucp8MA8EAgACMAkDBwAgAQZ8AQQwDQYJKoZIhvcNAQELBQADggEBAIifdfnvw2pY
Cq6xob9P14YM1hl8u9fJBWlwF3Pe+C3ReXgnJyt+zneoLMgXd9+GsTQvaxyxn7KM
8py9e4ljezT1HI3Ql/lHk9TGYg17RMU/xUMTmjZxomZeUyBSSKKZaza209GqvN8i
KraKBSeML5bE3u0vT3hT9Z4x3OhWFPlGW4lyH5aA8DaKmpuEC/hb9vllQerBKsjT
mNKZkd4NEeON269CXDxU3LwQXwrkffSJfIYJ0ZdApYMOuJTAMq2uo1LL+rZ8aOcr
+v7tfkm1RWGtWhdAqZZeC3M91KsqYKd2JkoHVQAFICFHX7QAgHG/gVWy4n2dWmti
+gP0QZ+AxQQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:57 2025 by rpki-client