Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/4DAnX1pYnKe1iDfZtKyfxthE5OM.roa
File: 4DAnX1pYnKe1iDfZtKyfxthE5OM.roa (raw, json)
Hash identifier: 0ZEEaGSPYCjIRr3886PLfqcFvNRBGfMOdNuRPGGpnik=
Subject key identifier: E0:30:27:5F:5A:58:9C:A7:B5:88:37:D9:B4:AC:9F:C6:D8:44:E4:E3
Certificate issuer: /CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
Certificate serial: 0708D061
Authority key identifier: A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/4DAnX1pYnKe1iDfZtKyfxthE5OM.roa
Signing time: Thu 27 Jan 2022 18:22:38 +0000
ROA not before: Thu 27 Jan 2022 18:22:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21263
IP address blocks: 185.124.224.0/22 maxlen: 24
146.255.112.0/22 maxlen: 24
185.16.72.0/22 maxlen: 24
217.24.192.0/20 maxlen: 24
185.162.220.0/22 maxlen: 24
217.31.208.0/20 maxlen: 24
185.198.140.0/22 maxlen: 24
212.62.192.0/19 maxlen: 24
45.155.112.0/22 maxlen: 24
81.27.112.0/20 maxlen: 24
185.231.72.0/22 maxlen: 24
217.11.144.0/20 maxlen: 24
2a02:590::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118018145 (0x708d061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
Validity
Not Before: Jan 27 18:22:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e030275f5a589ca7b58837d9b4ac9fc6d844e4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:82:98:f7:b2:ac:6b:c8:04:4e:83:1d:35:17:
98:04:82:e8:73:be:b6:7c:9d:9e:5f:4d:bd:b6:fc:
dd:0e:f9:00:f5:2e:b7:17:ce:7a:18:69:24:6b:2d:
10:f8:09:05:df:31:13:f5:65:77:a4:10:31:0c:a3:
14:8e:f7:ee:c6:6f:6a:4c:e1:98:42:82:1e:b9:12:
8c:0f:74:b1:6d:1a:ed:af:eb:08:91:6b:85:70:14:
d9:c4:83:c0:9d:c2:52:54:e5:05:fa:8c:00:db:c6:
db:b0:89:5f:b5:1e:b2:aa:0a:29:8a:d2:a7:33:d2:
a7:5b:5a:e8:6d:03:92:b3:ca:42:9c:31:30:dc:1b:
80:5f:9c:7b:7e:34:0c:59:44:39:16:8d:a6:6d:3d:
47:79:0e:72:86:7a:5e:16:9f:22:10:ae:40:b7:7e:
68:70:ff:c1:ca:fc:b3:93:b4:8c:72:80:7f:01:71:
bc:d0:8c:fe:9a:2f:08:3c:3a:60:b2:50:79:84:66:
88:14:e2:76:03:df:d9:19:e4:aa:30:cb:92:54:38:
2b:0c:73:46:8c:67:cb:8c:95:02:34:68:ea:35:df:
73:4c:69:b7:06:89:cd:1c:ad:f4:5f:d0:42:1f:42:
1c:86:e8:37:83:56:c8:3b:e3:16:a3:36:62:0a:f8:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:30:27:5F:5A:58:9C:A7:B5:88:37:D9:B4:AC:9F:C6:D8:44:E4:E3
X509v3 Authority Key Identifier:
keyid:A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/4DAnX1pYnKe1iDfZtKyfxthE5OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/oGOa3x4LhLn_ZOT46-Y4679dJ7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.112.0/22
81.27.112.0/20
146.255.112.0/22
185.16.72.0/22
185.124.224.0/22
185.162.220.0/22
185.198.140.0/22
185.231.72.0/22
212.62.192.0/19
217.11.144.0/20
217.24.192.0/20
217.31.208.0/20
IPv6:
2a02:590::/29
Signature Algorithm: sha256WithRSAEncryption
16:65:80:b2:d0:08:00:0b:6e:09:dc:0d:37:bd:53:51:c0:22:
fd:0b:fc:ab:ca:23:78:4d:86:5f:5e:d8:a6:60:89:c7:92:bf:
c6:e5:f8:52:54:1d:45:82:a8:fb:11:f5:99:b4:03:77:b8:7d:
cf:ae:14:18:13:8e:25:96:51:4c:2a:40:53:41:69:3a:66:6b:
96:10:f8:2d:75:ee:28:43:5f:8e:74:4d:9b:d9:6f:50:9d:f8:
51:ce:d6:e8:91:32:5b:34:81:ae:f4:5d:b3:48:9a:aa:f5:a2:
8a:f1:ae:d8:d5:17:5d:5f:a4:2b:9f:bc:72:1d:72:af:ff:7c:
82:2b:15:1a:00:2e:bb:fb:c5:83:74:a0:dd:94:33:b3:8a:3f:
ab:71:f9:1d:9c:0c:f4:33:b3:66:b4:f4:37:b4:3d:09:ba:28:
d4:30:ba:23:dd:f6:46:7a:42:48:dd:6e:2a:32:cd:96:54:91:
36:1b:6d:db:f1:70:4e:2e:c9:b9:e7:40:2a:cb:97:34:7d:df:
53:76:e0:97:64:c3:c7:b1:dd:9c:d4:09:fe:a6:ec:88:01:29:
18:2a:6f:f5:06:82:2b:69:6b:ca:4a:d9:d5:d6:cc:cd:5e:56:
65:ae:d6:52:4d:d9:24:65:c7:2a:f5:6a:25:73:ac:71:4d:d7:
79:36:88:72
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEBwjQYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDYzOWFkZjFlMGI4NGI5ZmY2NGU0ZjhlYmU2MzhlYmJmNWQyN2I5MB4XDTIyMDEy
NzE4MjIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAzMDI3NWY1YTU4
OWNhN2I1ODgzN2Q5YjRhYzlmYzZkODQ0ZTRlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqCmPeyrGvIBE6DHTUXmASC6HO+tnydnl9Nvbb83Q75APUu
txfOehhpJGstEPgJBd8xE/Vld6QQMQyjFI737sZvakzhmEKCHrkSjA90sW0a7a/r
CJFrhXAU2cSDwJ3CUlTlBfqMANvG27CJX7UesqoKKYrSpzPSp1ta6G0DkrPKQpwx
MNwbgF+ce340DFlEORaNpm09R3kOcoZ6XhafIhCuQLd+aHD/wcr8s5O0jHKAfwFx
vNCM/povCDw6YLJQeYRmiBTidgPf2RnkqjDLklQ4KwxzRoxny4yVAjRo6jXfc0xp
twaJzRyt9F/QQh9CHIboN4NWyDvjFqM2Ygr4x38CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTgMCdfWlicp7WIN9m0rJ/G2ETk4zAfBgNVHSMEGDAWgBSgY5rfHguEuf9k
5Pjr5jjrv10nuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29HT2EzeDRMaExuX1pPVDQ2LVk0Njc5ZEo3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvMGMzNjNjLTJkMGUtNGJjYS1hOWYyLTgxM2M1YWFiNzgzZS8x
LzREQW5YMXBZbktlMWlEZlp0S3lmeHRoRTVPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
MGMzNjNjLTJkMGUtNGJjYS1hOWYyLTgxM2M1YWFiNzgzZS8xL29HT2EzeDRMaExu
X1pPVDQ2LVk0Njc5ZEo3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAi2bcAMEBFEbcAMEApL/cAMEArkQ
SAMEArl84AMEArmi3AMEArnGjAMEArnnSAMEBdQ+wAMEBNkLkAMEBNkYwAMEBNkf
0DANBAIAAjAHAwUDKgIFkDANBgkqhkiG9w0BAQsFAAOCAQEAFmWAstAIAAtuCdwN
N71TUcAi/Qv8q8ojeE2GX17YpmCJx5K/xuX4UlQdRYKo+xH1mbQDd7h9z64UGBOO
JZZRTCpAU0FpOmZrlhD4LXXuKENfjnRNm9lvUJ34Uc7W6JEyWzSBrvRds0iaqvWi
ivGu2NUXXV+kK5+8ch1yr/98gisVGgAuu/vFg3Sg3ZQzs4o/q3H5HZwM9DOzZrT0
N7Q9Cboo1DC6I932RnpCSN1uKjLNllSRNhtt2/FwTi7JuedAKsuXNH3fU3bgl2TD
x7HdnNQJ/qbsiAEpGCpv9QaCK2lrykrZ1dbMzV5WZa7WUk3ZJGXHKvVqJXOscU3X
eTaIcg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:19 2025 by rpki-client