Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fhoAyv_AqbUI3UbeMd05Y6Q6iaI.roa
File: fhoAyv_AqbUI3UbeMd05Y6Q6iaI.roa (raw, json)
Hash identifier: 3bHiNpureKHg6uyZA+PxxqgOG5QGP5lW6tx6NYyd86I=
Subject key identifier: 7E:1A:00:CA:FF:C0:A9:B5:08:DD:46:DE:31:DD:39:63:A4:3A:89:A2
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182E4F7ECEDFDDA112E7781A46B1D909348
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fhoAyv_AqbUI3UbeMd05Y6Q6iaI.roa
Signing time: Sun 28 Aug 2022 15:00:29 +0000
ROA not before: Sun 28 Aug 2022 15:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
109.205.214.0/24 maxlen: 24
109.205.215.0/24 maxlen: 24
185.81.216.0/22 maxlen: 22
88.151.192.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:f7:ec:ed:fd:da:11:2e:77:81:a4:6b:1d:90:93:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 28 15:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1a00caffc0a9b508dd46de31dd3963a43a89a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c0:ae:3f:b4:db:4f:1e:c8:a3:81:b2:24:69:
e8:02:a9:56:76:d4:e4:0e:4a:e2:9e:fc:cc:45:f1:
b2:ec:5e:6b:19:6f:7e:a1:b6:33:60:38:bf:ce:c5:
b4:2a:e7:b4:4d:d1:4c:1b:01:d9:1f:fb:fe:80:53:
33:8c:1a:b4:0b:66:a1:3c:95:a1:e3:b5:1a:89:59:
51:58:00:6b:30:db:61:e7:c2:b0:87:b1:da:f8:44:
d9:c5:29:90:9d:c1:86:03:53:f0:fe:a9:a7:ea:84:
99:75:9d:c7:56:cb:5e:88:1f:07:58:26:f6:fe:df:
16:14:c4:cc:ab:28:07:5d:a5:ff:28:2e:fc:cb:86:
40:e1:53:c6:5e:50:23:9a:78:56:87:17:76:61:16:
1b:51:3c:2d:ef:82:56:c7:95:c1:91:cb:a7:b2:b9:
ae:09:93:a3:c0:6c:8a:e0:a0:d9:29:9f:47:d0:72:
32:c1:61:a8:33:c8:79:20:38:50:6e:c3:8a:dd:20:
66:73:de:ca:f2:86:74:b2:6e:3e:2d:6f:6b:a9:b5:
63:de:32:4b:fe:55:ac:c1:e6:40:c7:ff:4c:f8:bc:
67:ed:12:a1:9b:41:46:07:e8:39:39:ee:81:7e:ae:
1e:fa:19:74:8d:fa:72:66:ac:fb:30:a7:2e:e3:3d:
13:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1A:00:CA:FF:C0:A9:B5:08:DD:46:DE:31:DD:39:63:A4:3A:89:A2
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fhoAyv_AqbUI3UbeMd05Y6Q6iaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.192.0/24
88.151.199.0/24
109.205.214.0/23
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
11:e0:2b:94:05:df:e7:e6:b6:d3:fd:f3:02:4b:b1:2d:c7:5f:
13:95:2e:ff:eb:9f:7c:11:b3:47:eb:70:cf:fa:43:7c:b0:3b:
b9:05:7b:1b:fe:7a:61:89:59:2f:c1:0d:1f:1c:5a:a0:24:f6:
87:a5:12:c8:84:44:80:7b:55:3f:ba:78:c6:d8:b5:7f:9c:d0:
63:cd:f0:93:9c:9c:d3:77:66:83:59:ec:df:a2:58:16:7b:ef:
b1:3e:08:35:30:10:0a:cc:ee:e4:3e:29:30:a3:ee:1a:a2:93:
73:28:da:19:43:4e:af:e6:60:c6:a7:d4:aa:ca:02:c3:5f:7f:
5a:e6:fe:83:d1:fa:9f:ec:87:85:6e:cd:7b:14:90:26:f2:86:
3b:55:62:c0:9a:04:37:10:c7:8c:3f:a3:49:bd:03:7d:fc:10:
85:df:ed:ff:c0:a3:58:7c:4f:97:c3:59:c4:3b:6d:21:65:8a:
e6:1f:53:ef:4c:a7:52:2e:ba:27:9e:fa:ce:47:c7:24:40:58:
2a:70:75:1e:f4:48:ca:69:c2:ee:31:11:fe:f6:12:b8:fd:b7:
1e:9d:0f:9b:a2:7b:9e:7b:7d:38:19:93:e8:24:a4:fc:74:4a:
04:78:54:92:f2:d8:cd:4b:99:5c:6a:e8:b7:9b:fc:4a:04:bc:
3a:6e:53:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYLk9+zt/doRLneBpGsdkJNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODI4MTUwMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFhMDBjYWZmYzBhOWI1MDhkZDQ2ZGUzMWRkMzk2M2E0M2E4OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMCuP7TbTx7Io4GyJGnoAqlWdtTk
DkrinvzMRfGy7F5rGW9+obYzYDi/zsW0Kue0TdFMGwHZH/v+gFMzjBq0C2ahPJWh
47UaiVlRWABrMNth58Kwh7Ha+ETZxSmQncGGA1Pw/qmn6oSZdZ3HVsteiB8HWCb2
/t8WFMTMqygHXaX/KC78y4ZA4VPGXlAjmnhWhxd2YRYbUTwt74JWx5XBkcunsrmu
CZOjwGyK4KDZKZ9H0HIywWGoM8h5IDhQbsOK3SBmc97K8oZ0sm4+LW9rqbVj3jJL
/lWsweZAx/9M+Lxn7RKhm0FGB+g5Oe6Bfq4e+hl0jfpyZqz7MKcu4z0TXQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH4aAMr/wKm1CN1G3jHdOWOkOomiMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZmhvQXl2X0FxYlVJM1ViZU1kMDVZNlE2aWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfAAwQAWJfHAwQBbc3WAwQApNdkAwQC
uVHYMA0GCSqGSIb3DQEBCwUAA4IBAQAR4CuUBd/n5rbT/fMCS7Etx18TlS7/6598
EbNH63DP+kN8sDu5BXsb/nphiVkvwQ0fHFqgJPaHpRLIhESAe1U/unjG2LV/nNBj
zfCTnJzTd2aDWezfolgWe++xPgg1MBAKzO7kPikwo+4aopNzKNoZQ06v5mDGp9Sq
ygLDX39a5v6D0fqf7IeFbs17FJAm8oY7VWLAmgQ3EMeMP6NJvQN9/BCF3+3/wKNY
fE+Xw1nEO20hZYrmH1PvTKdSLronnvrOR8ckQFgqcHUe9EjKacLuMRH+9hK4/bce
nQ+bonuee304GZPoJKT8dEoEeFSS8tjNS5lcaui3m/xKBLw6blPu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:59 2025 by rpki-client