Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/Ca4SNuiTK0lLsIy7PXpe1l38nIk.roa
File: Ca4SNuiTK0lLsIy7PXpe1l38nIk.roa (raw, json)
Hash identifier: az/Qn84BXSVJRvzVYo5lX0dqeKnkwtrCge/AJGATdT4=
Subject key identifier: 09:AE:12:36:E8:93:2B:49:4B:B0:8C:BB:3D:7A:5E:D6:5D:FC:9C:89
Certificate issuer: /CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Certificate serial: 0188BB518ACCDE9C8BAFF1A50D506690B1AB
Authority key identifier: 7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/Ca4SNuiTK0lLsIy7PXpe1l38nIk.roa
Signing time: Wed 14 Jun 2023 19:11:03 +0000
ROA not before: Wed 14 Jun 2023 19:11:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41344
IP address blocks: 185.124.176.0/22 maxlen: 22
185.124.177.0/24 maxlen: 24
31.185.13.0/24 maxlen: 24
31.185.12.0/24 maxlen: 24
89.249.233.0/24 maxlen: 24
89.249.232.0/24 maxlen: 24
89.249.231.0/24 maxlen: 24
31.185.15.0/24 maxlen: 24
31.185.14.0/24 maxlen: 24
89.249.235.0/24 maxlen: 24
89.249.239.0/24 maxlen: 24
89.249.238.0/24 maxlen: 24
89.249.237.0/24 maxlen: 24
89.249.236.0/24 maxlen: 24
31.185.11.0/24 maxlen: 24
89.249.226.0/24 maxlen: 24
31.185.10.0/24 maxlen: 24
31.185.9.0/24 maxlen: 24
31.185.8.0/21 maxlen: 21
89.249.224.0/20 maxlen: 20
31.185.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:51:8a:cc:de:9c:8b:af:f1:a5:0d:50:66:90:b1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Validity
Not Before: Jun 14 19:11:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09ae1236e8932b494bb08cbb3d7a5ed65dfc9c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:52:7c:bf:7e:7d:87:27:32:fa:90:cf:64:78:
37:94:27:b0:58:bf:b2:ff:2b:6d:c0:18:00:6b:25:
89:73:4f:82:1f:1d:79:15:e4:89:2b:a5:5e:96:b1:
29:af:dd:48:97:5e:d2:ba:11:32:cd:3e:ab:8f:3e:
3b:2b:35:ef:3d:ce:92:bd:c5:14:ec:47:f6:ad:d2:
ff:6a:26:fa:c7:f6:6e:dc:e1:2b:7a:cd:80:d0:b5:
67:6d:37:dc:c0:70:7c:8d:39:c1:c0:15:db:cf:4e:
f6:7d:3a:bf:8a:04:60:4f:61:3f:df:be:5f:c0:73:
69:72:7a:41:1c:cc:9a:62:d4:6c:ff:0f:45:43:38:
38:6a:fb:c6:35:07:33:aa:21:35:76:a8:8c:e1:7b:
db:3e:bd:e8:d7:82:2b:63:c5:51:68:c6:a4:43:a5:
8a:94:a0:2e:32:2c:bb:3a:ba:7d:69:da:64:81:9a:
49:53:8b:21:2e:0f:4b:79:3d:0f:e3:6a:55:84:6b:
c0:79:c4:27:37:7c:1b:0d:29:e9:e8:78:0f:ca:15:
49:9f:f7:a6:9a:b1:67:9b:99:4d:f3:d1:81:75:70:
5e:6e:03:48:6e:0a:ad:e2:23:f1:f8:ba:5e:64:41:
ad:70:c5:4b:c3:41:80:0d:55:2a:f6:b5:c7:c1:c3:
7f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AE:12:36:E8:93:2B:49:4B:B0:8C:BB:3D:7A:5E:D6:5D:FC:9C:89
X509v3 Authority Key Identifier:
keyid:7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/Ca4SNuiTK0lLsIy7PXpe1l38nIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.8.0/21
89.249.224.0/20
185.124.176.0/22
Signature Algorithm: sha256WithRSAEncryption
02:64:3d:e6:1b:56:98:c5:c0:59:11:90:73:c2:a1:d0:4b:bd:
9d:01:9f:44:a5:09:cd:70:0e:57:ee:70:c9:44:e7:8a:a8:8e:
39:a7:08:11:ec:dc:6d:b4:7e:64:78:c4:78:f3:5b:f8:f0:f4:
23:b1:71:fe:66:ba:3b:eb:fd:d3:94:c4:82:db:b4:cf:8e:06:
94:04:76:64:8f:18:d2:0c:2c:d5:8c:7e:60:7f:82:46:4c:56:
e8:0e:1a:5c:09:49:5a:1d:3a:3b:a8:63:53:1e:ef:aa:55:a0:
6f:74:1b:69:e1:1f:71:62:a5:dd:d3:86:d6:ab:92:3f:46:d0:
a5:c0:3c:47:59:03:7a:7a:59:b2:78:6f:4e:7d:77:cd:c5:02:
b8:21:11:5b:95:c0:2c:26:67:e3:d3:85:3c:9b:5f:20:bd:d8:
35:cd:33:9a:1f:d3:86:f9:3a:38:8f:2a:f0:17:79:53:0f:bb:
0f:96:3f:1f:c9:cc:ef:e4:18:38:44:77:f9:cd:5c:a0:c1:48:
bc:70:b6:26:ed:15:6d:2c:03:12:e3:c6:e8:5f:2a:e6:ef:18:
97:bd:80:d7:13:d7:c9:fc:b9:ee:fd:41:2f:ec:3b:b0:36:65:
3d:70:c9:41:a1:b6:9b:9c:5e:09:87:7a:dc:a7:0a:14:b1:ee:
e6:1d:a0:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi7UYrM3pyLr/GlDVBmkLGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDU5OTdlZDA3NWMyMjk4YjQ2MTIyNWUxMDYwZjU3N2Ix
ZDdkNGQwHhcNMjMwNjE0MTkxMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFlMTIzNmU4OTMyYjQ5NGJiMDhjYmIzZDdhNWVkNjVkZmM5Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/FJ8v359hycy+pDPZHg3lCewWL+y
/yttwBgAayWJc0+CHx15FeSJK6VelrEpr91Il17SuhEyzT6rjz47KzXvPc6SvcUU
7Ef2rdL/aib6x/Zu3OEres2A0LVnbTfcwHB8jTnBwBXbz072fTq/igRgT2E/375f
wHNpcnpBHMyaYtRs/w9FQzg4avvGNQczqiE1dqiM4XvbPr3o14IrY8VRaMakQ6WK
lKAuMiy7Orp9adpkgZpJU4shLg9LeT0P42pVhGvAecQnN3wbDSnp6HgPyhVJn/em
mrFnm5lN89GBdXBebgNIbgqt4iPx+LpeZEGtcMVLw0GADVUq9rXHwcN/UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAmuEjbokytJS7CMuz16XtZd/JyJMB8GA1UdIwQY
MBaAFHvVmX7QdcIpi0YSJeEGD1d7HX1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUt
NWFjN2YwNjYyMzBiLzEvQ2E0U051aVRLMGxMc0l5N1BYcGUxbDM4bklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUtNWFjN2YwNjYyMzBi
LzEvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH7kIAwQE
WfngAwQCuXywMA0GCSqGSIb3DQEBCwUAA4IBAQACZD3mG1aYxcBZEZBzwqHQS72d
AZ9EpQnNcA5X7nDJROeKqI45pwgR7NxttH5keMR481v48PQjsXH+Zro76/3TlMSC
27TPjgaUBHZkjxjSDCzVjH5gf4JGTFboDhpcCUlaHTo7qGNTHu+qVaBvdBtp4R9x
YqXd04bWq5I/RtClwDxHWQN6elmyeG9OfXfNxQK4IRFblcAsJmfj04U8m18gvdg1
zTOaH9OG+To4jyrwF3lTD7sPlj8fyczv5Bg4RHf5zVygwUi8cLYm7RVtLAMS48bo
Xyrm7xiXvYDXE9fJ/Lnu/UEv7DuwNmU9cMlBobabnF4Jh3rcpwoUse7mHaAL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:33 2025 by rpki-client