Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/4q-bEZg20eRTu-EPMll7F7m_PhM.roa
File: 4q-bEZg20eRTu-EPMll7F7m_PhM.roa (raw, json)
Hash identifier: n5PVXgPvP38CKPK/KqffRO7z4U6OCjet4FDYrg+AF8k=
Subject key identifier: E2:AF:9B:11:98:36:D1:E4:53:BB:E1:0F:32:59:7B:17:B9:BF:3E:13
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 02C005F1
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/4q-bEZg20eRTu-EPMll7F7m_PhM.roa
Signing time: Mon 28 Mar 2022 09:43:37 +0000
ROA not before: Mon 28 Mar 2022 09:43:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.25.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/24 maxlen: 24
87.254.3.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.12.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46138865 (0x2c005f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Mar 28 09:43:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2af9b119836d1e453bbe10f32597b17b9bf3e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a0:0c:df:27:b3:90:fb:3d:d7:4d:f4:24:75:
e8:d0:3c:5a:fd:a9:fd:d8:c3:6d:3e:61:23:56:9c:
4f:8f:e2:5e:9f:f9:f6:25:d7:81:c9:8c:ef:7d:6e:
9a:93:b8:d3:8c:dd:9f:38:47:ad:21:59:dc:62:51:
3e:90:c6:ee:af:07:ce:c5:62:4b:dd:af:9c:a2:32:
eb:0d:07:3a:b2:30:34:3f:30:5d:c8:6b:e9:d5:2e:
bf:5f:0e:aa:ed:11:af:b3:cd:fc:bc:ee:f1:79:ac:
c2:94:53:ff:bd:ab:e4:f9:ca:6d:70:0f:ae:e1:08:
1c:27:00:c0:3b:77:d1:d2:45:2c:cc:23:ce:49:52:
d8:8b:c1:94:01:7b:c4:ca:45:c4:b4:ba:e9:b5:2a:
cf:a7:0c:58:3e:16:1b:ef:f8:4d:c2:ee:e1:f6:21:
95:f9:2d:e2:53:1c:d1:ad:1b:bb:be:a2:2d:a1:a6:
d9:d8:2a:d4:a4:59:fa:ae:53:8d:a3:fc:1c:82:4b:
f0:16:ad:43:08:db:ff:17:f0:7c:d0:d3:ba:2f:60:
cc:cd:cf:52:30:ff:18:84:e9:e8:4d:72:69:2e:d5:
03:37:30:34:e6:2b:9f:62:b2:71:2a:45:11:1f:63:
16:fd:99:76:0d:73:0f:ae:2a:e1:73:82:c1:eb:2b:
32:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AF:9B:11:98:36:D1:E4:53:BB:E1:0F:32:59:7B:17:B9:BF:3E:13
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/4q-bEZg20eRTu-EPMll7F7m_PhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/24
87.254.2.0/23
87.254.10.0-87.254.13.255
87.254.19.0/24
87.254.25.0/24
217.25.12.0/24
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
55:9a:dc:d6:31:43:65:d2:db:af:d8:ad:6a:fd:35:4c:31:b0:
16:a9:89:90:7f:0a:05:c9:59:a3:f3:c2:d9:0f:ec:f5:23:7b:
1d:2b:ae:68:95:24:75:fd:bb:59:16:81:15:c6:6c:11:8c:29:
4f:53:46:f1:33:63:18:b4:b0:d0:9b:84:84:70:25:7b:97:63:
be:0b:a5:5d:73:0a:13:7a:04:1f:78:7c:da:db:b3:d7:c5:e2:
44:88:ca:c9:bf:9f:f5:81:fc:d4:ba:39:d9:0e:a3:ad:51:fc:
08:8e:3c:de:19:3c:f4:0b:21:d8:06:ad:05:36:e0:94:e3:e5:
f5:47:38:63:f0:28:6f:fb:ff:e3:ca:c3:b5:ec:c1:aa:32:4d:
5b:f5:a5:af:86:0a:1f:8e:9c:32:47:de:2b:1c:81:2c:2d:93:
db:b4:93:3e:cb:d8:67:cd:bc:e8:fe:a8:e5:3f:ba:1d:90:e2:
7f:7d:b9:e7:5f:79:67:16:85:89:69:54:56:dc:a2:ee:68:7a:
d7:1d:9b:be:3f:ae:68:c2:8b:47:53:62:2e:f6:68:11:ce:b9:
5b:c9:be:c9:15:a5:63:99:22:dd:29:10:ae:0f:2d:f2:67:bb:
82:80:10:88:90:f7:ab:d7:ce:cb:dd:67:cc:38:4c:10:26:c2:
4b:88:06:da
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEAsAF8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmY4MGNiZGZlMTgzNTRhM2NmZGJhMmZlMDc5YWEyZWJjNThkY2Q0MB4XDTIyMDMy
ODA5NDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJhZjliMTE5ODM2
ZDFlNDUzYmJlMTBmMzI1OTdiMTdiOWJmM2UxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKgDN8ns5D7PddN9CR16NA8Wv2p/djDbT5hI1acT4/iXp/5
9iXXgcmM731umpO404zdnzhHrSFZ3GJRPpDG7q8HzsViS92vnKIy6w0HOrIwND8w
Xchr6dUuv18Oqu0Rr7PN/Lzu8XmswpRT/72r5PnKbXAPruEIHCcAwDt30dJFLMwj
zklS2IvBlAF7xMpFxLS66bUqz6cMWD4WG+/4TcLu4fYhlfkt4lMc0a0bu76iLaGm
2dgq1KRZ+q5TjaP8HIJL8BatQwjb/xfwfNDTui9gzM3PUjD/GITp6E1yaS7VAzcw
NOYrn2KycSpFER9jFv2Zdg1zD64q4XOCwesrMqMCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBTir5sRmDbR5FO74Q8yWXsXub8+EzAfBgNVHSMEGDAWgBQP+Ay9/hg1Sjz9
ui/geaouvFjc1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RfZ012ZjRZTlVvOF9ib3Y0SG1xTHJ4WTNOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8x
LzRxLWJFWmcyMGVSVHUtRVBNbGw3RjdtX1BoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8xL0RfZ012ZjRZTlVv
OF9ib3Y0SG1xTHJ4WTNOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAFf+AAMEAVf+AjAMAwQBV/4KAwQB
V/4MAwQAV/4TAwQAV/4ZAwQA2RkMMA0EAgACMAcDBQAqAOrAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVmtzWMUNl0tuv2K1q/TVMMbAWqYmQfwoFyVmj88LZD+z1I3sdK65o
lSR1/btZFoEVxmwRjClPU0bxM2MYtLDQm4SEcCV7l2O+C6VdcwoTegQfeHza27PX
xeJEiMrJv5/1gfzUujnZDqOtUfwIjjzeGTz0CyHYBq0FNuCU4+X1Rzhj8Chv+//j
ysO17MGqMk1b9aWvhgofjpwyR94rHIEsLZPbtJM+y9hnzbzo/qjlP7odkOJ/fbnn
X3lnFoWJaVRW3KLuaHrXHZu+P65owotHU2Iu9mgRzrlbyb7JFaVjmSLdKRCuDy3y
Z7uCgBCIkPer187L3WfMOEwQJsJLiAba
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org