Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/eF7Q9_eQOmTzfE4_J-k_b-06khU.roa
File: eF7Q9_eQOmTzfE4_J-k_b-06khU.roa (raw, json)
Hash identifier: fdGDTtS0u5tL2IDNEGpe7F9KV/nkHc8UpD3mDc6i9rw=
Subject key identifier: 78:5E:D0:F7:F7:90:3A:64:F3:7C:4E:3F:27:E9:3F:6F:ED:3A:92:15
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01890B3B3921D09BEB4F4430F1DFC1192C09
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/eF7Q9_eQOmTzfE4_J-k_b-06khU.roa
Signing time: Fri 30 Jun 2023 07:36:17 +0000
ROA not before: Fri 30 Jun 2023 07:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 217.26.96.0/20 maxlen: 24
82.139.64.0/18 maxlen: 24
185.117.108.0/22 maxlen: 24
5.199.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:3b:39:21:d0:9b:eb:4f:44:30:f1:df:c1:19:2c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jun 30 07:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=785ed0f7f7903a64f37c4e3f27e93f6fed3a9215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:5d:3c:71:1f:3e:46:f2:4c:09:05:37:1c:
47:1d:f5:84:ed:2f:44:ce:60:10:52:d7:6b:b6:06:
68:30:b2:d6:03:7f:4e:59:15:df:4a:5f:de:3e:e2:
c2:11:3c:73:67:ef:a8:d2:ce:40:4f:e5:b4:20:b1:
a2:88:59:db:0f:50:a8:af:44:86:85:84:9a:9a:6d:
01:80:0b:9c:55:ba:9f:90:90:9e:05:d7:b8:fc:33:
d6:e2:dc:95:b9:78:33:34:30:78:32:8d:f5:69:f5:
ff:97:81:d5:73:63:82:aa:12:ed:ea:66:64:c3:a1:
35:81:fc:d1:de:f8:4a:c5:22:6c:14:65:cf:c2:9d:
91:3f:8e:16:b5:da:b0:25:51:8e:7b:eb:78:be:ea:
a4:5e:83:24:7a:6a:11:08:8f:48:25:ec:b8:e8:d5:
2e:c3:d6:59:f9:2c:53:31:ac:72:55:3b:35:60:a4:
4d:91:92:c4:43:c3:e5:17:45:6a:cd:31:14:87:1a:
5e:49:81:41:47:4d:85:92:28:71:bb:ee:99:82:59:
f3:39:75:8f:21:31:68:9b:6d:c5:30:f7:71:8b:35:
65:7e:cc:b5:d4:a2:a0:20:cb:f0:2c:4f:73:86:c2:
e3:a3:c8:61:f7:9f:5f:9e:eb:0a:da:85:54:fe:5c:
0d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5E:D0:F7:F7:90:3A:64:F3:7C:4E:3F:27:E9:3F:6F:ED:3A:92:15
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/eF7Q9_eQOmTzfE4_J-k_b-06khU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.144.0/20
82.139.64.0/18
185.117.108.0/22
217.26.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:6c:0a:a9:85:b4:fc:73:be:85:b0:87:c0:dc:ed:6e:4e:e3:
d5:f2:ea:7f:5f:d1:a3:59:83:87:26:8a:a0:fa:03:79:2d:04:
f2:fa:4a:27:89:8d:72:cc:ba:ab:d0:04:79:24:ed:fb:93:d0:
29:e3:01:80:95:93:6e:16:22:87:dc:30:e4:e8:80:18:ec:08:
f3:af:bb:9e:12:77:a8:ff:ee:91:b1:90:3f:b5:c1:06:f5:64:
9e:8f:02:f9:5e:1c:8e:e2:2b:04:e7:88:d5:d8:1e:99:bf:2e:
9a:4e:b9:c0:b8:54:4c:06:82:f5:56:6c:0c:83:24:fb:24:07:
58:7f:d3:7d:30:00:06:e2:e1:43:4d:00:f7:0c:ff:82:70:4a:
33:2d:e9:f1:cb:98:3b:8e:29:a6:23:20:39:29:b3:f1:aa:d9:
31:49:ff:bd:21:b5:fc:50:55:84:1a:b6:fe:91:49:f4:d7:65:
2a:54:2e:ab:b8:e7:69:87:68:34:d9:3f:8c:e1:26:98:89:e1:
66:9b:97:9b:78:27:70:7e:39:e5:ad:f2:e5:7f:00:79:ad:bc:
26:07:51:c3:39:86:4c:ca:6f:94:0b:6c:9c:a9:a6:f2:a9:bc:
2e:f8:4a:c4:f4:a5:12:5c:68:8b:28:cf:8d:7b:24:1f:cf:6b:
81:fd:ad:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkLOzkh0JvrT0Qw8d/BGSwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwNjMwMDczNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODVlZDBmN2Y3OTAzYTY0ZjM3YzRlM2YyN2U5M2Y2ZmVkM2E5MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGtdPHEfPkbyTAkFNxxHHfWE7S9E
zmAQUtdrtgZoMLLWA39OWRXfSl/ePuLCETxzZ++o0s5AT+W0ILGiiFnbD1Cor0SG
hYSamm0BgAucVbqfkJCeBde4/DPW4tyVuXgzNDB4Mo31afX/l4HVc2OCqhLt6mZk
w6E1gfzR3vhKxSJsFGXPwp2RP44WtdqwJVGOe+t4vuqkXoMkemoRCI9IJey46NUu
w9ZZ+SxTMaxyVTs1YKRNkZLEQ8PlF0VqzTEUhxpeSYFBR02Fkihxu+6ZglnzOXWP
ITFom23FMPdxizVlfsy11KKgIMvwLE9zhsLjo8hh959fnusK2oVU/lwNnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHhe0Pf3kDpk83xOPyfpP2/tOpIVMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvZUY3UTlfZVFPbVR6ZkU0X0ota19iLTA2a2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG
UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQBabAqphbT8c76FsIfA
3O1uTuPV8up/X9GjWYOHJoqg+gN5LQTy+koniY1yzLqr0AR5JO37k9Ap4wGAlZNu
FiKH3DDk6IAY7Ajzr7ueEneo/+6RsZA/tcEG9WSejwL5XhyO4isE54jV2B6Zvy6a
TrnAuFRMBoL1VmwMgyT7JAdYf9N9MAAG4uFDTQD3DP+CcEozLenxy5g7jimmIyA5
KbPxqtkxSf+9IbX8UFWEGrb+kUn012UqVC6ruOdph2g02T+M4SaYieFmm5ebeCdw
fjnlrfLlfwB5rbwmB1HDOYZMym+UC2ycqabyqbwu+ErE9KUSXGiLKM+NeyQfz2uB
/a1h
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:40 2025 by rpki-client