Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/ekvoGas43tEQQMWFcQy13kCg9z0.roa
File: ekvoGas43tEQQMWFcQy13kCg9z0.roa (raw, json)
Hash identifier: nQnoEt1qqUTaCXGMpVB6HQLGVLUE77yXdZJvPQbYSJk=
Subject key identifier: 7A:4B:E8:19:AB:38:DE:D1:10:40:C5:85:71:0C:B5:DE:40:A0:F7:3D
Certificate issuer: /CN=2f88a53fcb96777f99e02df8940dd040b454cd1c
Certificate serial: 076E2810
Authority key identifier: 2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/ekvoGas43tEQQMWFcQy13kCg9z0.roa
Signing time: Sat 01 Jan 2022 15:02:24 +0000
ROA not before: Sat 01 Jan 2022 15:02:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49770
IP address blocks: 185.154.108.0/22 maxlen: 24
95.143.192.0/20 maxlen: 24
2a03:d780::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124659728 (0x76e2810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f88a53fcb96777f99e02df8940dd040b454cd1c
Validity
Not Before: Jan 1 15:02:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a4be819ab38ded11040c585710cb5de40a0f73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:df:91:f6:80:f0:3d:30:96:65:8f:a5:d0:
70:d6:e2:11:ec:76:46:83:1e:f0:36:6a:b8:05:c6:
e0:54:2d:2e:c5:f7:a4:07:eb:22:61:96:71:f0:31:
75:24:a6:0c:06:40:09:ef:2a:13:77:54:b5:6a:57:
8f:f6:26:af:0d:fc:e0:6a:0c:ac:8a:16:29:da:16:
9a:95:17:9a:af:ad:2d:74:a9:ec:31:d0:c0:c1:52:
6d:b8:0c:4f:b0:fe:fc:6c:ad:43:8d:ce:51:bf:3a:
9e:ff:0a:6f:d8:6c:3f:8b:0b:59:3b:04:4b:c4:32:
a1:1a:6a:89:3a:c5:0f:55:57:dd:d6:c6:8d:78:d9:
db:31:d6:7d:22:ea:a8:96:72:53:d9:07:14:c6:73:
d4:aa:4d:fb:31:31:57:74:28:91:29:36:01:92:27:
05:9d:6d:50:6d:e6:14:e4:94:f6:a7:bc:c0:5e:62:
e2:2d:1d:29:79:06:70:2a:80:3e:7d:e9:62:3b:fd:
05:e3:30:ad:81:2d:41:85:f4:ee:12:01:2a:24:2d:
54:b3:de:e0:41:53:58:15:82:16:68:81:36:61:a5:
df:b0:12:03:05:e8:bb:11:b2:7a:20:d3:61:02:9c:
7c:be:a7:13:bb:86:a9:ee:84:af:25:52:16:73:37:
a8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4B:E8:19:AB:38:DE:D1:10:40:C5:85:71:0C:B5:DE:40:A0:F7:3D
X509v3 Authority Key Identifier:
keyid:2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/ekvoGas43tEQQMWFcQy13kCg9z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/L4ilP8uWd3-Z4C34lA3QQLRUzRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.192.0/20
185.154.108.0/22
IPv6:
2a03:d780::/32
Signature Algorithm: sha256WithRSAEncryption
29:8e:c4:4b:02:b6:59:bb:5f:2d:03:76:86:bf:7c:89:95:cf:
5a:ea:04:e9:9b:22:73:29:7a:b1:78:ad:79:ec:bd:98:45:2a:
83:7b:91:42:ef:69:3a:c3:d6:38:b3:cb:10:dc:80:7f:bd:1d:
dd:1d:89:1a:26:81:22:54:bb:1d:b0:c5:5b:74:d7:86:80:d7:
0f:cd:c5:28:aa:4c:af:4e:26:ed:be:2d:4d:28:d7:59:56:50:
4c:e5:e2:49:55:7f:64:3f:62:22:e8:3a:f6:f4:c8:03:5b:72:
2b:af:41:12:1c:8f:16:f1:03:51:e7:21:c2:61:29:0d:2d:35:
cf:c5:6b:9a:99:ef:cb:62:69:03:31:cb:db:65:2b:7e:f8:d8:
fe:33:5d:ee:e0:aa:de:8d:75:0d:aa:b6:9d:c7:4e:bc:da:03:
ee:b4:30:7b:bd:81:8e:c8:01:05:da:e5:d9:89:ba:64:81:db:
bc:35:e9:09:e0:b3:0c:f4:79:87:91:9e:ff:ca:16:5e:0e:c4:
b2:9c:97:c6:26:ad:02:c0:da:97:3a:5a:1c:dc:9a:28:2b:4a:
b9:42:2a:f2:00:93:db:b8:ce:36:22:71:4b:8f:e8:c1:96:22:
6e:f8:07:25:65:eb:40:af:ce:ed:39:8b:3d:ca:f4:e3:4d:c5:
64:00:06:4e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB24oEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Zjg4YTUzZmNiOTY3NzdmOTllMDJkZjg5NDBkZDA0MGI0NTRjZDFjMB4XDTIyMDEw
MTE1MDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E0YmU4MTlhYjM4
ZGVkMTEwNDBjNTg1NzEwY2I1ZGU0MGEwZjczZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMki35H2gPA9MJZlj6XQcNbiEex2RoMe8DZquAXG4FQtLsX3
pAfrImGWcfAxdSSmDAZACe8qE3dUtWpXj/Ymrw384GoMrIoWKdoWmpUXmq+tLXSp
7DHQwMFSbbgMT7D+/GytQ43OUb86nv8Kb9hsP4sLWTsES8QyoRpqiTrFD1VX3dbG
jXjZ2zHWfSLqqJZyU9kHFMZz1KpN+zExV3QokSk2AZInBZ1tUG3mFOSU9qe8wF5i
4i0dKXkGcCqAPn3pYjv9BeMwrYEtQYX07hIBKiQtVLPe4EFTWBWCFmiBNmGl37AS
AwXouxGyeiDTYQKcfL6nE7uGqe6EryVSFnM3qIsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR6S+gZqzje0RBAxYVxDLXeQKD3PTAfBgNVHSMEGDAWgBQviKU/y5Z3f5ng
LfiUDdBAtFTNHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w0aWxQOHVXZDMtWjRDMzRsQTNRUUxSVXpSdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNTUyZjBkLTAxYzItNDE4YS1hYTNjLWFjYzRhYWM3OGQwZC8x
L2Vrdm9HYXM0M3RFUVFNV0ZjUXkxM2tDZzl6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NTUyZjBkLTAxYzItNDE4YS1hYTNjLWFjYzRhYWM3OGQwZC8xL0w0aWxQOHVXZDMt
WjRDMzRsQTNRUUxSVXpSdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBF+PwAMEArmabDANBAIAAjAHAwUA
KgPXgDANBgkqhkiG9w0BAQsFAAOCAQEAKY7ESwK2WbtfLQN2hr98iZXPWuoE6Zsi
cyl6sXiteey9mEUqg3uRQu9pOsPWOLPLENyAf70d3R2JGiaBIlS7HbDFW3TXhoDX
D83FKKpMr04m7b4tTSjXWVZQTOXiSVV/ZD9iIug69vTIA1tyK69BEhyPFvEDUech
wmEpDS01z8Vrmpnvy2JpAzHL22UrfvjY/jNd7uCq3o11Daq2ncdOvNoD7rQwe72B
jsgBBdrl2Ym6ZIHbvDXpCeCzDPR5h5Ge/8oWXg7EspyXxiatAsDalzpaHNyaKCtK
uUIq8gCT27jONiJxS4/owZYibvgHJWXrQK/O7TmLPcr0403FZAAGTg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:07:58 2025 by rpki-client