Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/tKZC0f9mS2GlGH6SQY2lIUGsAkE.roa
File: tKZC0f9mS2GlGH6SQY2lIUGsAkE.roa (raw, json)
Hash identifier: PETRYzHUJQKAlxg5wvXLAJIrL//4ptJmcFW5eB6fgKQ=
Subject key identifier: B4:A6:42:D1:FF:66:4B:61:A5:18:7E:92:41:8D:A5:21:41:AC:02:41
Certificate issuer: /CN=e31aba3c2f56283ce5c74bce405844c1591babfc
Certificate serial: 07E2A28F
Authority key identifier: E3:1A:BA:3C:2F:56:28:3C:E5:C7:4B:CE:40:58:44:C1:59:1B:AB:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xq6PC9WKDzlx0vOQFhEwVkbq_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/tKZC0f9mS2GlGH6SQY2lIUGsAkE.roa
Signing time: Sat 01 Jan 2022 15:57:32 +0000
ROA not before: Sat 01 Jan 2022 15:57:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199469
IP address blocks: 185.15.112.0/22 maxlen: 22
185.15.112.0/24 maxlen: 24
185.15.115.0/24 maxlen: 24
185.15.114.0/24 maxlen: 24
185.15.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132293263 (0x7e2a28f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31aba3c2f56283ce5c74bce405844c1591babfc
Validity
Not Before: Jan 1 15:57:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4a642d1ff664b61a5187e92418da52141ac0241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bd:7b:c8:6a:62:2a:35:54:fb:6e:16:18:83:
f3:32:e2:48:cd:1d:77:bb:8b:d3:68:e6:76:a9:fa:
b2:c1:4c:84:8a:a9:97:75:70:a1:bc:5d:a1:e4:4d:
1b:61:54:b1:fd:4f:56:56:d6:22:80:e0:9c:1d:18:
06:ff:a5:d4:d2:37:63:d0:b9:16:ad:82:42:47:c7:
94:8b:6b:de:d3:cd:8f:f7:fa:a6:18:e1:ca:94:91:
4a:5d:ea:a9:0f:05:81:e6:be:70:2c:5f:4b:ed:57:
3c:ba:8f:31:25:68:b0:df:aa:cc:db:19:65:0b:8e:
bc:4e:74:79:04:53:a0:a1:c9:5e:c8:52:5d:35:38:
df:70:83:be:80:c6:f8:2d:42:ef:52:72:b7:38:68:
46:bd:e4:70:56:f2:4d:d1:df:52:9c:50:d6:87:ae:
2a:49:3d:cf:bd:ae:82:1f:49:a1:51:91:56:3b:63:
5f:59:5b:3c:d6:4c:16:65:de:ab:07:55:a5:38:46:
53:af:bb:57:60:5b:3c:1c:84:dc:4f:10:ab:4e:06:
59:89:e8:07:09:1c:42:a9:0e:98:55:52:b4:bd:19:
25:a3:e9:c0:47:25:dd:c7:1f:65:ac:81:7a:72:ad:
1d:33:47:db:fa:fd:07:8b:fc:40:b7:aa:40:8a:a3:
c5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A6:42:D1:FF:66:4B:61:A5:18:7E:92:41:8D:A5:21:41:AC:02:41
X509v3 Authority Key Identifier:
keyid:E3:1A:BA:3C:2F:56:28:3C:E5:C7:4B:CE:40:58:44:C1:59:1B:AB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xq6PC9WKDzlx0vOQFhEwVkbq_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/tKZC0f9mS2GlGH6SQY2lIUGsAkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/4xq6PC9WKDzlx0vOQFhEwVkbq_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.112.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:86:bb:a9:36:7e:79:ba:32:b5:10:5d:5b:40:2d:12:ff:7d:
fe:0c:f9:ef:9b:a6:11:9f:42:ca:4a:0f:aa:c3:4b:32:81:0e:
75:a3:75:dd:89:0e:95:c6:de:90:b1:8c:0a:b9:48:53:66:57:
4f:78:18:b6:c0:10:0a:86:f1:f5:eb:5f:15:b7:ca:cf:1d:bd:
7f:06:9f:c4:25:f9:37:e7:52:d3:03:5b:38:ab:f1:3c:a4:65:
b0:1f:a5:2f:00:4b:11:9c:28:49:b9:70:39:bc:4d:c4:93:0e:
b7:26:d8:e9:9d:44:ec:26:92:33:89:6c:bd:ea:c5:32:43:6e:
3f:cb:37:65:de:9a:51:a0:24:c4:34:f4:14:77:2f:04:7f:4a:
a2:56:43:25:78:3c:46:2e:81:c8:e9:fc:f9:5c:3d:6e:0d:21:
d1:a0:1f:39:b1:3b:aa:65:e0:76:61:2f:7d:79:23:9c:6a:15:
c8:92:66:c1:b7:24:d7:6a:89:b3:15:64:10:6b:fd:27:d7:af:
7e:61:24:0a:4e:12:7b:48:9b:37:bd:be:05:10:5d:31:2d:db:
25:0b:b3:a6:1d:f5:53:7d:38:8e:2a:5f:7b:52:53:d6:ca:ca:
2d:df:f3:47:bf:55:dc:18:45:2c:5b:0e:a0:93:8e:a0:07:37:
7e:97:f6:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB+KijzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzFhYmEzYzJmNTYyODNjZTVjNzRiY2U0MDU4NDRjMTU5MWJhYmZjMB4XDTIyMDEw
MTE1NTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRhNjQyZDFmZjY2
NGI2MWE1MTg3ZTkyNDE4ZGE1MjE0MWFjMDI0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK69e8hqYio1VPtuFhiD8zLiSM0dd7uL02jmdqn6ssFMhIqp
l3VwobxdoeRNG2FUsf1PVlbWIoDgnB0YBv+l1NI3Y9C5Fq2CQkfHlItr3tPNj/f6
phjhypSRSl3qqQ8Fgea+cCxfS+1XPLqPMSVosN+qzNsZZQuOvE50eQRToKHJXshS
XTU433CDvoDG+C1C71JytzhoRr3kcFbyTdHfUpxQ1oeuKkk9z72ugh9JoVGRVjtj
X1lbPNZMFmXeqwdVpThGU6+7V2BbPByE3E8Qq04GWYnoBwkcQqkOmFVStL0ZJaPp
wEcl3ccfZayBenKtHTNH2/r9B4v8QLeqQIqjxZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0pkLR/2ZLYaUYfpJBjaUhQawCQTAfBgNVHSMEGDAWgBTjGro8L1YoPOXH
S85AWETBWRur/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR4cTZQQzlXS0R6bHgwdk9RRmhFd1ZrYnFfdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZjgzMDczLTllODAtNDJmMi1iMGE4LTVmMjgxMzdhNzY1OC8x
L3RLWkMwZjltUzJHbEdINlNRWTJsSVVHc0FrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZjgzMDczLTllODAtNDJmMi1iMGE4LTVmMjgxMzdhNzY1OC8xLzR4cTZQQzlXS0R6
bHgwdk9RRmhFd1ZrYnFfdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkPcDANBgkqhkiG9w0BAQsFAAOC
AQEAoIa7qTZ+eboytRBdW0AtEv99/gz575umEZ9CykoPqsNLMoEOdaN13YkOlcbe
kLGMCrlIU2ZXT3gYtsAQCobx9etfFbfKzx29fwafxCX5N+dS0wNbOKvxPKRlsB+l
LwBLEZwoSblwObxNxJMOtybY6Z1E7CaSM4lsverFMkNuP8s3Zd6aUaAkxDT0FHcv
BH9KolZDJXg8Ri6ByOn8+Vw9bg0h0aAfObE7qmXgdmEvfXkjnGoVyJJmwbck12qJ
sxVkEGv9J9evfmEkCk4Se0ibN72+BRBdMS3bJQuzph31U304jipfe1JT1srKLd/z
R79V3BhFLFsOoJOOoAc3fpf21w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:49 2025 by rpki-client