Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/i9QzyFz3i5gUO82oXo1ERh_9UGg.roa
File: i9QzyFz3i5gUO82oXo1ERh_9UGg.roa (raw, json)
Hash identifier: TZRPFA6fOYtd2jJa/pg82Ys78KaDY5sRghiQMxgHd6g=
Subject key identifier: 8B:D4:33:C8:5C:F7:8B:98:14:3B:CD:A8:5E:8D:44:46:1F:FD:50:68
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 0BFEC106
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/i9QzyFz3i5gUO82oXo1ERh_9UGg.roa
Signing time: Wed 23 Mar 2022 06:09:59 +0000
ROA not before: Wed 23 Mar 2022 06:09:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25ad:1a:d1::/64 maxlen: 64
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201244934 (0xbfec106)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Mar 23 06:09:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bd433c85cf78b98143bcda85e8d44461ffd5068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:2f:27:df:38:a4:63:41:10:02:33:07:c4:
ae:53:b8:5d:44:47:60:fc:d0:4f:35:3b:3d:2e:4f:
3a:da:fc:9a:60:e0:6a:b6:46:80:91:48:46:00:c4:
28:b2:aa:e8:d5:3d:34:6c:57:31:ed:23:79:a9:33:
7b:43:3a:9a:8a:52:be:0a:38:51:87:80:8e:73:1e:
81:da:3c:41:aa:b0:cf:93:ca:84:6a:00:33:ca:9f:
2b:28:c6:7e:6b:3c:ba:f7:aa:64:ae:56:47:d5:04:
52:d7:8d:62:14:02:22:24:63:6d:07:bc:9c:d5:2c:
78:55:96:01:3c:d1:9e:87:12:2d:e2:e3:ea:90:d5:
63:14:fa:70:cb:d5:ca:db:59:d1:bf:47:3f:7b:83:
04:1c:1e:02:05:c7:7d:04:20:5d:5a:2c:92:e6:f4:
fb:80:dc:cb:1f:1f:99:8b:16:a8:a6:43:dc:1f:81:
88:8c:14:96:9c:4f:b8:7f:02:70:0c:0e:be:9d:8c:
be:b4:da:9b:e2:93:a8:5d:cb:3d:60:da:ef:60:2b:
8e:b2:c3:f9:f6:22:33:6d:ce:84:68:eb:58:45:ba:
74:bf:01:64:5f:c6:3a:39:d0:71:66:4c:c6:02:d3:
df:8f:b7:97:a1:52:19:b0:83:aa:dd:4e:4d:9d:fb:
52:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D4:33:C8:5C:F7:8B:98:14:3B:CD:A8:5E:8D:44:46:1F:FD:50:68
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/i9QzyFz3i5gUO82oXo1ERh_9UGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
42:97:bb:84:34:36:01:35:dc:6c:67:01:ba:28:41:0a:d8:16:
c0:5c:82:b9:ac:74:78:d7:33:39:5d:78:a3:fc:bc:85:95:0b:
41:4a:2e:3a:67:d5:6c:e2:9b:a8:8b:c6:77:dc:18:09:7a:00:
4d:24:92:9f:d3:d3:9c:90:61:52:e8:55:df:de:17:83:81:ec:
5a:ec:a5:9f:96:e8:6f:03:69:fd:dc:6f:ae:c5:7c:7a:e2:80:
97:fb:cd:f9:f9:56:fe:c9:13:68:ff:ee:cf:e6:46:38:9a:61:
54:e6:8a:ac:cc:2b:12:33:f8:53:d0:7d:3a:e2:d2:cd:11:a3:
d1:e6:98:63:5b:2e:dd:89:2d:8f:92:23:2c:09:c1:65:59:df:
45:7b:12:48:9a:14:6c:db:4d:6e:17:4e:97:a0:c3:99:cc:85:
f8:84:11:53:9a:37:06:c3:2d:05:5a:e6:59:10:5d:e9:5c:da:
b5:86:35:94:dd:4b:f0:9e:36:b4:6c:63:81:cf:4e:5e:3f:73:
47:42:e1:74:35:3a:e3:ab:f1:f8:e1:ae:0c:80:ce:06:40:99:
24:45:e0:d8:62:5d:c2:f0:42:7a:d5:ba:59:7e:20:e6:9f:e3:
51:36:1d:09:7c:61:65:c8:76:bf:26:59:1f:17:44:4e:ad:a3:
20:36:e8:3a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEC/7BBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjJiNDhmNjQzNTgwMTFjNzg0MmQzY2VjNWNiMmQ0NzA2OGI4MzZkMB4XDTIyMDMy
MzA2MDk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJkNDMzYzg1Y2Y3
OGI5ODE0M2JjZGE4NWU4ZDQ0NDYxZmZkNTA2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmXLyffOKRjQRACMwfErlO4XURHYPzQTzU7PS5POtr8mmDg
arZGgJFIRgDEKLKq6NU9NGxXMe0jeakze0M6mopSvgo4UYeAjnMegdo8Qaqwz5PK
hGoAM8qfKyjGfms8uveqZK5WR9UEUteNYhQCIiRjbQe8nNUseFWWATzRnocSLeLj
6pDVYxT6cMvVyttZ0b9HP3uDBBweAgXHfQQgXVoskub0+4Dcyx8fmYsWqKZD3B+B
iIwUlpxPuH8CcAwOvp2MvrTam+KTqF3LPWDa72ArjrLD+fYiM23OhGjrWEW6dL8B
ZF/GOjnQcWZMxgLT34+3l6FSGbCDqt1OTZ37UqcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSL1DPIXPeLmBQ7zahejURGH/1QaDAfBgNVHSMEGDAWgBS7K0j2Q1gBHHhC
087Fyy1HBouDbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3V5dEk5a05ZQVJ4NFF0UE94Y3N0UndhTGcyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8x
L2k5UXp5RnozaTVnVU84Mm9YbzFFUmhfOVVHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8xL3V5dEk5a05ZQVJ4
NFF0UE94Y3N0UndhTGcyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEBi4pgAMEBy7ygAMEBj6BwAMDAE9g
AwQHWaGAAwQHvICAAwQF1FVgMA0EAgACMAcDBQMqAiWoMA0GCSqGSIb3DQEBCwUA
A4IBAQBCl7uENDYBNdxsZwG6KEEK2BbAXIK5rHR41zM5XXij/LyFlQtBSi46Z9Vs
4puoi8Z33BgJegBNJJKf09OckGFS6FXf3heDgexa7KWfluhvA2n93G+uxXx64oCX
+835+Vb+yRNo/+7P5kY4mmFU5oqszCsSM/hT0H064tLNEaPR5phjWy7diS2PkiMs
CcFlWd9FexJImhRs201uF06XoMOZzIX4hBFTmjcGwy0FWuZZEF3pXNq1hjWU3Uvw
nja0bGOBz05eP3NHQuF0NTrjq/H44a4MgM4GQJkkReDYYl3C8EJ61bpZfiDmn+NR
Nh0JfGFlyHa/JlkfF0ROraMgNug6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:21 2025 by rpki-client