Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f907c8-53a3-457a-8d05-963b25fa3068/1/24orW7WgB9qNi8JFB-2n0-3Pm2g.roa
File: 24orW7WgB9qNi8JFB-2n0-3Pm2g.roa (raw, json)
Hash identifier: OZPaGbEIrVcjzN4Ap9psqBeNsvKBphJ5Xa/mZISGqZ4=
Subject key identifier: DB:8A:2B:5B:B5:A0:07:DA:8D:8B:C2:45:07:ED:A7:D3:ED:CF:9B:68
Certificate issuer: /CN=cdc9814a82ccb68f51c37bf83ae6cf578244ca1a
Certificate serial: 052EC15D
Authority key identifier: CD:C9:81:4A:82:CC:B6:8F:51:C3:7B:F8:3A:E6:CF:57:82:44:CA:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zcmBSoLMto9Rw3v4OubPV4JEyho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f907c8-53a3-457a-8d05-963b25fa3068/1/24orW7WgB9qNi8JFB-2n0-3Pm2g.roa
Signing time: Sat 01 Jan 2022 14:05:44 +0000
ROA not before: Sat 01 Jan 2022 14:05:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42065
IP address blocks: 83.243.64.0/21 maxlen: 21
83.243.64.0/24 maxlen: 24
83.243.66.0/24 maxlen: 24
83.243.70.0/24 maxlen: 24
83.243.67.0/24 maxlen: 24
83.243.71.0/24 maxlen: 24
83.243.68.0/24 maxlen: 24
83.243.65.0/24 maxlen: 24
193.218.140.0/22 maxlen: 22
193.218.140.0/23 maxlen: 23
193.218.142.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86950237 (0x52ec15d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc9814a82ccb68f51c37bf83ae6cf578244ca1a
Validity
Not Before: Jan 1 14:05:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db8a2b5bb5a007da8d8bc24507eda7d3edcf9b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:31:27:c7:2d:3d:35:77:42:64:9b:76:da:b2:
9e:92:c7:5e:0c:d6:04:c7:f1:b8:27:02:6d:a4:8a:
99:6a:c6:fd:5f:92:c9:01:22:48:ca:91:ce:69:a8:
3c:da:d4:98:53:ba:f0:17:22:cc:70:c6:b1:32:08:
c9:2c:48:a8:97:2c:51:77:86:60:93:04:99:50:7d:
8e:8a:30:5b:b2:a9:49:4f:59:73:07:e1:34:55:f6:
93:e0:91:57:4f:ad:42:25:5d:0d:09:b7:46:0c:ad:
2d:22:86:ae:3a:bc:60:05:63:85:aa:17:70:16:7b:
1e:64:77:48:76:1c:5f:df:3d:9a:de:f1:d3:9f:51:
0e:4e:40:94:77:f8:e6:69:ea:2d:25:ea:1e:02:07:
c4:cc:ba:43:2f:8d:ea:55:90:f3:30:3d:5d:e0:35:
80:6f:d2:98:4a:6c:f4:99:c9:20:0e:65:19:4d:dc:
ca:82:b4:c8:f5:bd:66:3e:99:9a:24:3e:f3:52:71:
b6:d2:3f:86:c6:53:d4:3c:b7:c7:77:18:19:01:d6:
42:3c:97:c9:6e:57:97:e8:17:42:10:75:f6:f0:8f:
26:be:15:12:37:af:c1:68:3e:9a:f0:61:45:18:3d:
fd:c9:46:c2:35:78:af:15:ce:2d:24:68:34:2e:9d:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8A:2B:5B:B5:A0:07:DA:8D:8B:C2:45:07:ED:A7:D3:ED:CF:9B:68
X509v3 Authority Key Identifier:
keyid:CD:C9:81:4A:82:CC:B6:8F:51:C3:7B:F8:3A:E6:CF:57:82:44:CA:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zcmBSoLMto9Rw3v4OubPV4JEyho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f907c8-53a3-457a-8d05-963b25fa3068/1/24orW7WgB9qNi8JFB-2n0-3Pm2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f907c8-53a3-457a-8d05-963b25fa3068/1/zcmBSoLMto9Rw3v4OubPV4JEyho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.64.0/21
193.218.140.0/22
Signature Algorithm: sha256WithRSAEncryption
86:39:10:9f:88:a5:c9:47:43:d9:bc:7f:2a:aa:c7:17:63:7a:
ff:0c:44:dd:a9:bf:c5:84:20:4e:b0:68:23:8c:97:5d:c1:e4:
7a:eb:b5:77:df:da:d6:ab:f7:ca:8e:57:5b:f7:71:11:f5:f6:
bd:9d:05:08:49:63:1d:43:41:e6:23:33:a1:48:53:33:95:d8:
ff:3c:1a:fd:e2:4e:41:08:c1:0f:4b:c9:23:64:3c:b1:47:fe:
5e:b5:e7:76:8c:d9:97:82:bd:3c:73:52:91:93:b2:95:78:06:
32:7b:c7:28:b4:de:cf:2a:b9:ff:2b:ca:5c:e0:f0:d6:90:e5:
84:f5:bc:ac:42:91:76:de:4a:d7:7d:bf:0c:e5:4a:47:60:c5:
1b:2d:0d:df:dc:6c:40:90:ee:df:03:04:8c:99:74:50:de:5c:
54:cb:d2:22:91:dc:04:0c:e5:f0:57:d6:0e:96:41:0e:d4:53:
9f:3b:d5:77:26:d1:ac:14:af:5c:77:ca:3c:7c:ed:bc:04:4a:
50:4b:50:d0:8a:6d:bf:c7:53:5e:e6:dc:f9:f9:f4:65:94:46:
0c:c4:56:3c:29:a5:03:c8:ba:c9:b9:87:d5:cf:76:d2:06:8f:
b6:30:c1:af:87:eb:e2:c0:27:bf:5f:26:e9:7e:bd:41:6d:cf:
69:9d:57:b0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBS7BXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGM5ODE0YTgyY2NiNjhmNTFjMzdiZjgzYWU2Y2Y1NzgyNDRjYTFhMB4XDTIyMDEw
MTE0MDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI4YTJiNWJiNWEw
MDdkYThkOGJjMjQ1MDdlZGE3ZDNlZGNmOWI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwxJ8ctPTV3QmSbdtqynpLHXgzWBMfxuCcCbaSKmWrG/V+S
yQEiSMqRzmmoPNrUmFO68BcizHDGsTIIySxIqJcsUXeGYJMEmVB9joowW7KpSU9Z
cwfhNFX2k+CRV0+tQiVdDQm3RgytLSKGrjq8YAVjhaoXcBZ7HmR3SHYcX989mt7x
059RDk5AlHf45mnqLSXqHgIHxMy6Qy+N6lWQ8zA9XeA1gG/SmEps9JnJIA5lGU3c
yoK0yPW9Zj6ZmiQ+81JxttI/hsZT1Dy3x3cYGQHWQjyXyW5Xl+gXQhB19vCPJr4V
EjevwWg+mvBhRRg9/clGwjV4rxXOLSRoNC6dxCUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTbiitbtaAH2o2LwkUH7afT7c+baDAfBgNVHSMEGDAWgBTNyYFKgsy2j1HD
e/g65s9XgkTKGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pjbUJTb0xNdG85UnczdjRPdWJQVjRKRXloby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvZjkwN2M4LTUzYTMtNDU3YS04ZDA1LTk2M2IyNWZhMzA2OC8x
LzI0b3JXN1dnQjlxTmk4SkZCLTJuMC0zUG0yZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ZjkwN2M4LTUzYTMtNDU3YS04ZDA1LTk2M2IyNWZhMzA2OC8xL3pjbUJTb0xNdG85
UnczdjRPdWJQVjRKRXloby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1PzQAMEAsHajDANBgkqhkiG9w0B
AQsFAAOCAQEAhjkQn4ilyUdD2bx/KqrHF2N6/wxE3am/xYQgTrBoI4yXXcHkeuu1
d9/a1qv3yo5XW/dxEfX2vZ0FCEljHUNB5iMzoUhTM5XY/zwa/eJOQQjBD0vJI2Q8
sUf+XrXndozZl4K9PHNSkZOylXgGMnvHKLTezyq5/yvKXODw1pDlhPW8rEKRdt5K
132/DOVKR2DFGy0N39xsQJDu3wMEjJl0UN5cVMvSIpHcBAzl8FfWDpZBDtRTnzvV
dybRrBSvXHfKPHztvARKUEtQ0Iptv8dTXubc+fn0ZZRGDMRWPCmlA8i6ybmH1c92
0gaPtjDBr4fr4sAnv18m6X69QW3PaZ1XsA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:20 2025 by rpki-client