Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/ltoUdjhRjZ3l43QCbgkFJK6GSAg.roa
File: ltoUdjhRjZ3l43QCbgkFJK6GSAg.roa (raw, json)
Hash identifier: H2Xmih6tGzUhVz9qSVgC3AJdc3kHpWmml1CLap6YVbE=
Subject key identifier: 96:DA:14:76:38:51:8D:9D:E5:E3:74:02:6E:09:05:24:AE:86:48:08
Certificate issuer: /CN=5a8d389278485edd50d32cf5ca84ce2728c08cc6
Certificate serial: 01856F54A19D539037A8FD562DBDFEF8D0B8
Authority key identifier: 5A:8D:38:92:78:48:5E:DD:50:D3:2C:F5:CA:84:CE:27:28:C0:8C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wo04knhIXt1Q0yz1yoTOJyjAjMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/ltoUdjhRjZ3l43QCbgkFJK6GSAg.roa
Signing time: Sun 01 Jan 2023 21:54:55 +0000
ROA not before: Sun 01 Jan 2023 21:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60516
IP address blocks: 185.30.4.0/22 maxlen: 22
185.30.4.0/23 maxlen: 23
185.30.6.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a1:9d:53:90:37:a8:fd:56:2d:bd:fe:f8:d0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8d389278485edd50d32cf5ca84ce2728c08cc6
Validity
Not Before: Jan 1 21:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96da147638518d9de5e374026e090524ae864808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:94:0b:b1:64:ef:43:67:8d:75:f9:b7:4d:c9:
1e:c7:26:74:c3:3e:ee:23:0c:a7:f0:a1:a4:ec:08:
73:c7:c8:96:30:44:04:2f:84:fb:51:c5:a0:90:7a:
dc:84:97:88:c0:df:1c:a5:4d:de:fc:0b:38:7c:10:
00:6b:7d:c7:ba:3c:e2:d8:d7:da:08:a5:dc:a2:26:
88:ec:73:92:e0:53:80:fe:fa:aa:a7:0d:36:b9:b8:
07:8b:84:75:c0:42:41:40:5e:b7:93:d1:40:93:76:
66:62:70:94:20:82:77:5e:06:cd:aa:9b:b1:26:d5:
e7:34:4c:eb:f1:f3:89:e0:ec:31:e7:69:7d:cb:3b:
fe:b6:7a:8e:bb:92:c0:29:2d:ab:18:d0:3a:96:19:
96:d3:36:51:73:4b:0f:de:eb:e7:77:43:c6:db:d0:
eb:8b:08:26:a8:7a:62:01:b8:2a:7f:11:e9:13:f4:
cd:c1:3f:14:01:02:e9:3f:af:95:89:fa:f0:9d:27:
da:16:9e:1a:51:c2:57:2e:9e:22:c5:d3:2f:b4:e2:
b5:7a:6f:a6:68:45:f4:a9:84:bc:31:51:06:8d:13:
78:e8:b6:c1:bb:01:1d:0b:27:89:0e:62:e5:9a:2a:
f8:08:87:b6:c8:d2:ab:8c:b7:fc:71:fc:f6:58:7c:
54:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DA:14:76:38:51:8D:9D:E5:E3:74:02:6E:09:05:24:AE:86:48:08
X509v3 Authority Key Identifier:
keyid:5A:8D:38:92:78:48:5E:DD:50:D3:2C:F5:CA:84:CE:27:28:C0:8C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wo04knhIXt1Q0yz1yoTOJyjAjMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/ltoUdjhRjZ3l43QCbgkFJK6GSAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/Wo04knhIXt1Q0yz1yoTOJyjAjMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.4.0/22
Signature Algorithm: sha256WithRSAEncryption
00:cc:6e:24:a3:b3:10:3c:5f:bb:e1:a0:72:18:94:27:94:72:
e8:95:06:12:9d:a7:27:d8:fe:62:d8:88:17:8e:0a:c7:0c:e4:
c1:58:b4:a7:cd:20:b3:a0:68:c1:b6:85:57:fc:cf:84:e2:f2:
e3:f0:63:c7:a2:08:20:9b:2b:6f:2b:fe:0d:d8:5f:c9:75:1f:
0d:cb:2f:aa:0b:5b:97:4a:9b:e3:5a:b7:03:ec:c5:a4:5b:67:
20:58:4f:32:af:7a:66:13:ed:d7:06:78:5f:db:03:f3:84:a5:
d4:89:8c:51:72:28:43:23:5d:0b:9c:7a:ae:69:fa:1d:75:f0:
7b:59:9c:31:e0:b1:3c:94:4e:c7:ee:c9:45:80:d8:92:d3:59:
00:e1:e3:f4:33:20:e7:b7:a8:82:5d:7c:11:9e:c9:aa:19:1b:
ba:9f:d3:f9:aa:60:a0:ca:b7:cf:e3:38:c5:13:72:08:7a:6d:
07:eb:68:14:f4:4d:e4:8f:b7:57:2e:03:f3:5c:3f:3b:7b:78:
73:aa:e8:ae:c6:e3:31:3c:54:60:f7:82:35:e9:18:43:f3:3a:
c5:bc:ff:28:b3:ae:4a:f9:94:45:f8:3d:57:14:a1:6b:a8:17:
ed:b1:6f:9c:ed:7a:5c:4f:95:e3:e3:f6:46:a1:79:3b:25:73:
e7:3d:09:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKGdU5A3qP1WLb3++NC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOGQzODkyNzg0ODVlZGQ1MGQzMmNmNWNhODRjZTI3Mjhj
MDhjYzYwHhcNMjMwMTAxMjE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRhMTQ3NjM4NTE4ZDlkZTVlMzc0MDI2ZTA5MDUyNGFlODY0ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJQLsWTvQ2eNdfm3TckexyZ0wz7u
Iwyn8KGk7Ahzx8iWMEQEL4T7UcWgkHrchJeIwN8cpU3e/As4fBAAa33Hujzi2Nfa
CKXcoiaI7HOS4FOA/vqqpw02ubgHi4R1wEJBQF63k9FAk3ZmYnCUIIJ3XgbNqpux
JtXnNEzr8fOJ4Owx52l9yzv+tnqOu5LAKS2rGNA6lhmW0zZRc0sP3uvnd0PG29Dr
iwgmqHpiAbgqfxHpE/TNwT8UAQLpP6+VifrwnSfaFp4aUcJXLp4ixdMvtOK1em+m
aEX0qYS8MVEGjRN46LbBuwEdCyeJDmLlmir4CIe2yNKrjLf8cfz2WHxUHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbaFHY4UY2d5eN0Am4JBSSuhkgIMB8GA1UdIwQY
MBaAFFqNOJJ4SF7dUNMs9cqEzicowIzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV28wNGtuaElYdDFRMHl6MXlvVE9KeWpBak1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82MDFkNmYtYjMxYS00OTJlLThlZjAt
NTJiY2NiMDZhZjNjLzEvbHRvVWRqaFJqWjNsNDNRQ2Jna0ZKSzZHU0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82MDFkNmYtYjMxYS00OTJlLThlZjAtNTJiY2NiMDZhZjNj
LzEvV28wNGtuaElYdDFRMHl6MXlvVE9KeWpBak1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR4EMA0G
CSqGSIb3DQEBCwUAA4IBAQAAzG4ko7MQPF+74aByGJQnlHLolQYSnacn2P5i2IgX
jgrHDOTBWLSnzSCzoGjBtoVX/M+E4vLj8GPHogggmytvK/4N2F/JdR8Nyy+qC1uX
SpvjWrcD7MWkW2cgWE8yr3pmE+3XBnhf2wPzhKXUiYxRcihDI10LnHquafoddfB7
WZwx4LE8lE7H7slFgNiS01kA4eP0MyDnt6iCXXwRnsmqGRu6n9P5qmCgyrfP4zjF
E3IIem0H62gU9E3kj7dXLgPzXD87e3hzquiuxuMxPFRg94I16RhD8zrFvP8os65K
+ZRF+D1XFKFrqBftsW+c7XpcT5Xj4/ZGoXk7JXPnPQk7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:23 2025 by rpki-client