Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/pTEFi-fTb6_aOFeR8DgS4uB3DDo.roa
File: pTEFi-fTb6_aOFeR8DgS4uB3DDo.roa (raw, json)
Hash identifier: Zs/26uQa/FiLWp9k/qr9rhzes4zzOvypowDPwtAuftM=
Subject key identifier: A5:31:05:8B:E7:D3:6F:AF:DA:38:57:91:F0:38:12:E2:E0:77:0C:3A
Certificate issuer: /CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Certificate serial: 37AA8D01
Authority key identifier: 58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/pTEFi-fTb6_aOFeR8DgS4uB3DDo.roa
Signing time: Sat 01 Jan 2022 16:11:23 +0000
ROA not before: Sat 01 Jan 2022 16:11:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16218
IP address blocks: 217.113.32.0/20 maxlen: 20
185.60.208.0/22 maxlen: 22
2a02:ea0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933924097 (0x37aa8d01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Validity
Not Before: Jan 1 16:11:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a531058be7d36fafda385791f03812e2e0770c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:01:4b:f7:5a:52:aa:1c:c2:69:6d:dc:6a:2a:
04:e1:33:90:e4:49:30:5d:44:ad:a7:36:ec:92:38:
17:23:33:56:39:9f:ad:a8:7c:a2:08:2a:d1:57:3f:
5c:7e:fb:ef:40:a7:c6:d3:0e:27:73:69:ef:89:69:
3e:6f:cd:7a:3c:99:ed:13:2e:e7:fb:61:f1:33:53:
96:8d:60:6b:0d:36:81:c8:36:b8:d7:50:de:36:27:
cc:cb:8d:48:02:53:37:dc:a9:f5:a6:a0:b5:08:8f:
17:86:fb:5e:a1:bb:ff:e4:88:6d:f9:77:8b:7f:15:
72:52:83:92:0d:dd:7e:15:55:f5:b8:42:f9:33:75:
65:8e:2d:30:ea:da:9f:ba:1d:f2:49:58:e6:e3:31:
73:0b:1f:4d:2d:50:8c:6a:48:69:28:db:2e:4d:28:
15:16:f3:72:39:04:a9:19:10:f5:b7:f4:c2:d3:60:
a4:29:26:6a:0e:8d:f2:c1:03:73:a3:d1:78:73:dc:
d6:51:fb:3a:de:ec:09:0e:8c:fc:c5:3b:d1:1e:e5:
00:40:8d:b7:9e:34:de:22:00:c0:6c:45:f2:c5:cd:
3b:4f:f7:05:07:dc:9d:60:8b:c1:3f:e3:37:1d:52:
a2:18:18:a0:35:e2:17:d4:2e:a7:da:e5:41:31:59:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:31:05:8B:E7:D3:6F:AF:DA:38:57:91:F0:38:12:E2:E0:77:0C:3A
X509v3 Authority Key Identifier:
keyid:58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/pTEFi-fTb6_aOFeR8DgS4uB3DDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/WNKjVqVHgVW-qovGJWqG9tWz9zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.208.0/22
217.113.32.0/20
IPv6:
2a02:ea0::/29
Signature Algorithm: sha256WithRSAEncryption
87:98:ee:26:a3:a4:31:0c:9c:ac:3f:e5:dc:2d:0f:e9:3a:12:
d9:f6:09:8d:9f:5a:fe:4e:38:5a:52:e8:e8:b1:bd:b7:d7:dc:
3d:23:f1:67:61:9c:33:4c:40:7b:c6:92:82:33:fd:2f:55:10:
24:78:bf:5f:91:1e:b9:8a:b6:b3:a6:a5:13:cd:1b:9f:4a:a9:
3f:e8:b3:c4:e7:2c:aa:87:dc:9d:35:98:08:c8:4c:8f:e0:01:
5f:39:f9:8b:29:f5:19:9d:9a:15:d8:36:f7:05:af:1e:b0:00:
f7:e7:18:89:4a:d6:cd:76:13:01:01:63:8f:65:e5:8d:a4:fe:
e6:7e:b4:2a:b0:72:49:86:b6:21:95:00:39:37:52:05:d4:c7:
95:c0:3b:dc:83:d5:d0:2f:20:ee:ad:4c:91:6f:e2:41:d0:e4:
54:c6:b2:99:97:1d:7c:4e:dd:c1:55:33:0c:95:b5:ea:7d:6c:
f2:58:fc:2e:00:6f:bb:21:7b:d4:53:08:ec:85:26:06:fa:03:
02:a7:f5:b2:4a:06:6c:59:d9:b1:18:88:c9:4e:05:0f:10:4d:
53:ee:10:56:54:77:aa:6e:19:9a:7f:dc:fd:ac:f1:89:cc:59:
38:23:ac:a0:26:94:bf:92:55:88:e6:a2:4a:36:25:d7:81:71:
ad:6d:22:ca
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN6qNATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGQyYTM1NmE1NDc4MTU1YmVhYThiYzYyNTZhODZmNmQ1YjNmNzNjMB4XDTIyMDEw
MTE2MTEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUzMTA1OGJlN2Qz
NmZhZmRhMzg1NzkxZjAzODEyZTJlMDc3MGMzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKABS/daUqocwmlt3GoqBOEzkORJMF1Erac27JI4FyMzVjmf
rah8oggq0Vc/XH7770CnxtMOJ3Np74lpPm/NejyZ7RMu5/th8TNTlo1gaw02gcg2
uNdQ3jYnzMuNSAJTN9yp9aagtQiPF4b7XqG7/+SIbfl3i38VclKDkg3dfhVV9bhC
+TN1ZY4tMOran7od8klY5uMxcwsfTS1QjGpIaSjbLk0oFRbzcjkEqRkQ9bf0wtNg
pCkmag6N8sEDc6PReHPc1lH7Ot7sCQ6M/MU70R7lAECNt5403iIAwGxF8sXNO0/3
BQfcnWCLwT/jNx1SohgYoDXiF9Qup9rlQTFZwT8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSlMQWL59Nvr9o4V5HwOBLi4HcMOjAfBgNVHSMEGDAWgBRY0qNWpUeBVb6q
i8Ylaob21bP3PDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dOS2pWcVZIZ1ZXLXFvdkdKV3FHOXRXejl6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZDVhZmMyLWIwNGMtNDQ2ZC05YTA0LTkwNTMwNTRhNWNhYi8x
L3BURUZpLWZUYjZfYU9GZVI4RGdTNHVCM0REby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZDVhZmMyLWIwNGMtNDQ2ZC05YTA0LTkwNTMwNTRhNWNhYi8xL1dOS2pWcVZIZ1ZX
LXFvdkdKV3FHOXRXejl6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArk80AMEBNlxIDANBAIAAjAHAwUD
KgIOoDANBgkqhkiG9w0BAQsFAAOCAQEAh5juJqOkMQycrD/l3C0P6ToS2fYJjZ9a
/k44WlLo6LG9t9fcPSPxZ2GcM0xAe8aSgjP9L1UQJHi/X5EeuYq2s6alE80bn0qp
P+izxOcsqofcnTWYCMhMj+ABXzn5iyn1GZ2aFdg29wWvHrAA9+cYiUrWzXYTAQFj
j2XljaT+5n60KrBySYa2IZUAOTdSBdTHlcA73IPV0C8g7q1MkW/iQdDkVMaymZcd
fE7dwVUzDJW16n1s8lj8LgBvuyF71FMI7IUmBvoDAqf1skoGbFnZsRiIyU4FDxBN
U+4QVlR3qm4Zmn/c/azxicxZOCOsoCaUv5JViOaiSjYl14FxrW0iyg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:32 2025 by rpki-client