Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/SX54zWLbp-73BGjSCCssLC7rz8k.roa
File: SX54zWLbp-73BGjSCCssLC7rz8k.roa (raw, json)
Hash identifier: okQZ5K94zVPgwVHHLGL/dgTM/clX04RhB8tc4312l0o=
Subject key identifier: 49:7E:78:CD:62:DB:A7:EE:F7:04:68:D2:08:2B:2C:2C:2E:EB:CF:C9
Certificate issuer: /CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Certificate serial: 062356D5
Authority key identifier: D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/SX54zWLbp-73BGjSCCssLC7rz8k.roa
Signing time: Sat 01 Jan 2022 05:54:07 +0000
ROA not before: Sat 01 Jan 2022 05:54:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44901
IP address blocks: 94.156.128.0/24 maxlen: 24
185.148.145.0/24 maxlen: 24
185.148.144.0/24 maxlen: 24
185.205.208.0/24 maxlen: 24
185.205.211.0/24 maxlen: 24
185.148.146.0/24 maxlen: 24
185.148.147.0/24 maxlen: 24
109.94.110.0/24 maxlen: 24
2a07:5740::/32 maxlen: 32
2a07:5741::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102979285 (0x62356d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Validity
Not Before: Jan 1 05:54:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=497e78cd62dba7eef70468d2082b2c2c2eebcfc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:39:8f:92:c9:87:2f:bb:58:51:e0:a4:0a:74:
85:43:c7:56:15:ea:9a:f7:9e:85:5c:e1:c0:43:b7:
c0:54:d8:d1:66:42:e3:58:41:2e:27:6f:4d:5a:3e:
99:e6:40:4a:60:d7:a9:5c:ad:76:4f:1f:93:b6:43:
72:ca:d7:0d:af:1e:f8:06:c7:31:e1:17:ae:d3:e7:
d4:33:e5:7f:b3:8f:11:ce:ec:91:b1:e0:a3:6b:eb:
79:3b:40:1e:b9:1f:a6:50:8e:e8:6f:4f:51:16:06:
b1:93:7c:41:14:d6:a6:97:93:90:bb:90:ab:13:0a:
07:64:1c:da:6b:05:5e:05:1a:ab:40:c4:27:34:b6:
36:be:93:ed:05:4c:9f:9a:95:6b:f8:44:c9:46:4e:
42:7f:f6:29:c0:90:49:13:d6:46:75:71:24:63:70:
7a:d1:b3:21:23:20:76:7b:34:7f:58:89:24:2f:0f:
80:82:00:23:40:c5:0c:72:cd:77:99:6f:d4:11:c2:
d3:78:e2:59:c0:62:5e:62:8e:08:a2:30:a9:a5:2d:
63:39:df:bc:ab:9d:77:ae:61:76:99:76:52:2a:9d:
31:59:b5:ca:c6:2f:ef:91:50:93:63:90:5b:f5:b3:
b1:08:bc:d1:15:69:54:8b:62:6b:ef:56:dc:3f:99:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7E:78:CD:62:DB:A7:EE:F7:04:68:D2:08:2B:2C:2C:2E:EB:CF:C9
X509v3 Authority Key Identifier:
keyid:D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/SX54zWLbp-73BGjSCCssLC7rz8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/2eEBm74RtVEUh0yWFxbrI4oRzU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.128.0/24
109.94.110.0/24
185.148.144.0/22
185.205.208.0/24
185.205.211.0/24
IPv6:
2a07:5740::/31
Signature Algorithm: sha256WithRSAEncryption
48:e0:c5:60:3c:7c:96:1f:30:ae:6c:17:df:6b:8a:0f:58:6e:
8b:f1:0a:79:62:03:5a:73:6c:93:09:3e:02:85:a5:69:0e:e4:
fc:5b:49:98:37:b7:f7:67:1a:54:ea:eb:5f:ba:d7:9c:04:68:
5a:cf:84:41:77:e7:10:18:bb:ef:25:2a:79:66:12:9d:1d:68:
3b:47:6e:bc:e8:2e:31:e4:3f:d2:67:b0:cd:70:c4:ad:87:28:
8c:9b:bc:2f:ef:e1:cc:88:74:a6:e2:a0:b1:6f:63:65:c7:c0:
df:f4:00:d8:91:ef:a6:40:8e:d1:4c:90:e8:16:9e:ad:a3:e2:
6c:9f:24:e8:f8:75:34:7a:c2:75:cb:38:32:3d:a3:2b:45:e3:
47:bf:16:07:06:23:bc:5e:e3:60:cb:0d:dc:67:6b:4d:3c:4d:
24:4e:b1:0b:ce:84:12:69:2a:5f:d5:a2:88:7b:cd:7f:4f:45:
ac:f1:c4:92:fd:e5:4a:a5:bd:9d:b0:6a:02:cb:cb:e7:02:a6:
9e:6a:cd:2a:e4:41:4f:ed:29:7e:d6:dc:eb:87:8a:bf:51:61:
d2:88:08:13:61:83:37:99:01:d0:cb:44:a8:36:98:ed:e0:10:
6b:d3:dd:67:22:19:f3:f1:3f:1b:b8:6e:10:7e:80:aa:f2:85:
4f:83:c0:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBiNW1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWUxMDE5YmJlMTFiNTUxMTQ4NzRjOTYxNzE2ZWIyMzhhMTFjZDRlMB4XDTIyMDEw
MTA1NTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk3ZTc4Y2Q2MmRi
YTdlZWY3MDQ2OGQyMDgyYjJjMmMyZWViY2ZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK05j5LJhy+7WFHgpAp0hUPHVhXqmveehVzhwEO3wFTY0WZC
41hBLidvTVo+meZASmDXqVytdk8fk7ZDcsrXDa8e+AbHMeEXrtPn1DPlf7OPEc7s
kbHgo2vreTtAHrkfplCO6G9PURYGsZN8QRTWppeTkLuQqxMKB2Qc2msFXgUaq0DE
JzS2Nr6T7QVMn5qVa/hEyUZOQn/2KcCQSRPWRnVxJGNwetGzISMgdns0f1iJJC8P
gIIAI0DFDHLNd5lv1BHC03jiWcBiXmKOCKIwqaUtYznfvKudd65hdpl2UiqdMVm1
ysYv75FQk2OQW/WzsQi80RVpVItia+9W3D+ZZkUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRJfnjNYtun7vcEaNIIKywsLuvPyTAfBgNVHSMEGDAWgBTZ4QGbvhG1URSH
TJYXFusjihHNTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJlRUJtNzRSdFZFVWgweVdGeGJySTRvUnpVNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMGUxOWZlLTBhZDktNDhlMC05YjdiLTQ1MjU2MTkzNTAzMS8x
L1NYNTR6V0xicC03M0JHalNDQ3NzTEM3cno4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MGUxOWZlLTBhZDktNDhlMC05YjdiLTQ1MjU2MTkzNTAzMS8xLzJlRUJtNzRSdFZF
VWgweVdGeGJySTRvUnpVNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAF6cgAMEAG1ebgMEArmUkAMEALnN
0AMEALnN0zANBAIAAjAHAwUBKgdXQDANBgkqhkiG9w0BAQsFAAOCAQEASODFYDx8
lh8wrmwX32uKD1hui/EKeWIDWnNskwk+AoWlaQ7k/FtJmDe392caVOrrX7rXnARo
Ws+EQXfnEBi77yUqeWYSnR1oO0duvOguMeQ/0mewzXDErYcojJu8L+/hzIh0puKg
sW9jZcfA3/QA2JHvpkCO0UyQ6BaeraPibJ8k6Ph1NHrCdcs4Mj2jK0XjR78WBwYj
vF7jYMsN3GdrTTxNJE6xC86EEmkqX9WiiHvNf09FrPHEkv3lSqW9nbBqAsvL5wKm
nmrNKuRBT+0pftbc64eKv1Fh0ogIE2GDN5kB0MtEqDaY7eAQa9PdZyIZ8/E/G7hu
EH6AqvKFT4PAEA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:36 2025 by rpki-client