Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/4ULEzYm7Ig0hxEER0urrGe9x4Pc.roa
File: 4ULEzYm7Ig0hxEER0urrGe9x4Pc.roa (raw, json)
Hash identifier: imAgiOJXPGtbMchjtb1/3lFFyK+VmzpNoW10dqtusbQ=
Subject key identifier: E1:42:C4:CD:89:BB:22:0D:21:C4:41:11:D2:EA:EB:19:EF:71:E0:F7
Certificate issuer: /CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Certificate serial: 0184C8589A32B9A191EC58A38970D6A2C2A7
Authority key identifier: 7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/4ULEzYm7Ig0hxEER0urrGe9x4Pc.roa
Signing time: Wed 30 Nov 2022 11:42:40 +0000
ROA not before: Wed 30 Nov 2022 11:42:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.99.184.0/22 maxlen: 24
185.57.172.0/23 maxlen: 24
185.103.36.0/22 maxlen: 24
185.2.150.0/23 maxlen: 24
185.104.132.0/23 maxlen: 24
185.104.132.0/22 maxlen: 24
185.104.134.0/24 maxlen: 24
185.104.134.0/23 maxlen: 24
146.255.16.0/22 maxlen: 24
185.47.12.0/22 maxlen: 24
146.255.21.0/24 maxlen: 24
146.255.20.0/22 maxlen: 24
146.255.19.0/24 maxlen: 24
185.57.174.0/23 maxlen: 24
5.57.224.0/22 maxlen: 24
185.105.222.0/23 maxlen: 24
185.105.220.0/22 maxlen: 24
2a00:de40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:58:9a:32:b9:a1:91:ec:58:a3:89:70:d6:a2:c2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Validity
Not Before: Nov 30 11:42:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e142c4cd89bb220d21c44111d2eaeb19ef71e0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:52:41:a1:ef:56:44:91:3e:99:59:71:03:a7:
12:bc:8e:12:47:a3:84:ac:5a:59:ce:f4:9a:27:c0:
81:d9:58:2d:ca:4c:23:66:92:fa:3d:10:4b:71:e9:
30:79:7c:2d:11:61:ff:6f:0d:14:ef:e0:c1:cb:23:
6f:96:8b:75:67:32:93:9e:40:81:49:ac:68:24:2f:
cd:92:72:2a:3e:6f:4d:40:e5:8d:fa:41:e0:71:b2:
8e:36:50:8a:78:2f:ff:66:cc:d6:6a:32:fb:7e:37:
92:7d:0d:58:a3:6e:04:f6:0a:94:09:65:a4:bd:9f:
61:85:d3:42:6e:8f:ef:db:5c:d5:3b:eb:04:aa:28:
8f:cb:8e:58:43:82:d7:46:38:79:ab:e3:fe:34:0c:
ac:83:13:e3:8e:f6:ab:5f:1d:da:f5:5a:38:ce:f9:
5e:cd:4a:df:9c:65:b0:66:00:d3:d5:c0:4b:cd:49:
e2:13:9b:cd:77:1a:26:41:c7:3c:74:cf:63:71:4a:
42:94:ad:a0:e2:7c:94:a7:d3:95:41:85:2b:36:2a:
11:13:05:d2:01:04:9b:11:2a:69:2a:5a:90:e3:78:
08:e6:70:45:1b:78:e8:ed:7e:eb:7d:af:1d:c7:25:
f9:1b:67:62:10:46:46:cc:33:b1:8f:57:90:8e:78:
63:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:42:C4:CD:89:BB:22:0D:21:C4:41:11:D2:EA:EB:19:EF:71:E0:F7
X509v3 Authority Key Identifier:
keyid:7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/4ULEzYm7Ig0hxEER0urrGe9x4Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.224.0/22
146.255.16.0/21
185.2.150.0/23
185.47.12.0/22
185.57.172.0/22
185.99.184.0/22
185.103.36.0/22
185.104.132.0/22
185.105.220.0/22
IPv6:
2a00:de40::/32
Signature Algorithm: sha256WithRSAEncryption
4d:28:31:8f:c5:ee:31:2d:36:8a:f0:ea:a5:54:10:3f:68:05:
eb:6b:f5:d2:e9:38:62:e4:15:27:0e:5f:0d:2c:68:ec:21:c6:
6a:ab:b4:95:90:01:9a:db:6b:ca:aa:31:67:d0:05:70:4b:2a:
06:6b:14:39:2d:1a:21:3e:ec:07:28:57:72:ee:eb:39:82:ac:
87:f7:7f:2f:11:8f:d0:1e:ca:c1:14:e0:2d:51:b9:84:75:a9:
eb:c7:1f:95:f4:97:2c:e9:24:a4:26:62:2a:2c:2c:dc:bf:bd:
59:74:65:c1:01:53:3a:b1:06:75:1a:54:76:ae:44:03:cb:93:
6e:73:81:21:33:da:6f:08:e4:34:51:cb:6e:4f:08:d9:c8:1d:
e0:4a:64:13:68:ef:8c:55:d0:5b:b0:0f:ec:8a:64:c3:0e:65:
20:d9:16:9b:55:98:17:35:92:55:bf:e0:06:7c:c3:80:69:59:
17:f3:5b:cc:03:f5:79:6c:dd:c2:d9:77:cb:33:03:35:92:f6:
f5:53:00:e4:21:8d:ff:17:dd:81:fd:6a:d5:6c:a4:fe:83:61:
77:3a:84:a1:4c:23:95:70:bd:28:54:07:c5:74:59:ea:a1:b9:
dc:35:0a:92:e3:f7:e2:be:9e:37:eb:33:e2:63:d1:3f:14:f7:
8c:10:d7:65
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYTIWJoyuaGR7FijiXDWosKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMTY4MDI4ZWMwZGFiNjY4YTY3ZDViZjZmNTM1OGNhYWJl
MzM3YTgwHhcNMjIxMTMwMTE0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQyYzRjZDg5YmIyMjBkMjFjNDQxMTFkMmVhZWIxOWVmNzFlMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1JBoe9WRJE+mVlxA6cSvI4SR6OE
rFpZzvSaJ8CB2VgtykwjZpL6PRBLcekweXwtEWH/bw0U7+DByyNvlot1ZzKTnkCB
SaxoJC/NknIqPm9NQOWN+kHgcbKONlCKeC//ZszWajL7fjeSfQ1Yo24E9gqUCWWk
vZ9hhdNCbo/v21zVO+sEqiiPy45YQ4LXRjh5q+P+NAysgxPjjvarXx3a9Vo4zvle
zUrfnGWwZgDT1cBLzUniE5vNdxomQcc8dM9jcUpClK2g4nyUp9OVQYUrNioREwXS
AQSbESppKlqQ43gI5nBFG3jo7X7rfa8dxyX5G2diEEZGzDOxj1eQjnhjrQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOFCxM2JuyINIcRBEdLq6xnvceD3MB8GA1UdIwQY
MBaAFH8WgCjsDatmimfVv29TWMqr4zeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUt
N2ZhZGY1MGEyZTM3LzEvNFVMRXpZbTdJZzBoeEVFUjB1cnJHZTl4NFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUtN2ZhZGY1MGEyZTM3
LzEvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCBTngAwQD
kv8QAwQBuQKWAwQCuS8MAwQCuTmsAwQCuWO4AwQCuWckAwQCuWiEAwQCuWncMA0E
AgACMAcDBQAqAN5AMA0GCSqGSIb3DQEBCwUAA4IBAQBNKDGPxe4xLTaK8OqlVBA/
aAXra/XS6Thi5BUnDl8NLGjsIcZqq7SVkAGa22vKqjFn0AVwSyoGaxQ5LRohPuwH
KFdy7us5gqyH938vEY/QHsrBFOAtUbmEdanrxx+V9Jcs6SSkJmIqLCzcv71ZdGXB
AVM6sQZ1GlR2rkQDy5Nuc4EhM9pvCOQ0UctuTwjZyB3gSmQTaO+MVdBbsA/simTD
DmUg2RabVZgXNZJVv+AGfMOAaVkX81vMA/V5bN3C2XfLMwM1kvb1UwDkIY3/F92B
/WrVbKT+g2F3OoShTCOVcL0oVAfFdFnqobncNQqS4/fivp436zPiY9E/FPeMENdl
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:11:35 2025 by rpki-client