Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/d88apqzPG930VSJ4ZhMT-O-vX24.roa
File: d88apqzPG930VSJ4ZhMT-O-vX24.roa (raw, json)
Hash identifier: C2Wq8v1rcsUCPbBl/zN5rB7Mmjri+N9skDQU4R8ZsXU=
Subject key identifier: 77:CF:1A:A6:AC:CF:1B:DD:F4:55:22:78:66:13:13:F8:EF:AF:5F:6E
Certificate issuer: /CN=a968adf120a74a5d10809cfd3cb6814fc89b1f46
Certificate serial: 0187BDBCD30AD26FE3E4BFF18CA95D1DD034
Authority key identifier: A9:68:AD:F1:20:A7:4A:5D:10:80:9C:FD:3C:B6:81:4F:C8:9B:1F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qWit8SCnSl0QgJz9PLaBT8ibH0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/d88apqzPG930VSJ4ZhMT-O-vX24.roa
Signing time: Wed 26 Apr 2023 13:24:41 +0000
ROA not before: Wed 26 Apr 2023 13:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39507
IP address blocks: 176.101.80.0/21 maxlen: 21
91.234.100.0/22 maxlen: 22
46.253.208.0/20 maxlen: 20
91.237.219.0/24 maxlen: 24
91.237.224.0/22 maxlen: 22
91.231.32.0/23 maxlen: 23
185.41.80.0/22 maxlen: 22
185.245.44.0/22 maxlen: 22
91.221.158.0/23 maxlen: 23
194.180.220.0/22 maxlen: 22
188.191.216.0/21 maxlen: 21
185.3.60.0/22 maxlen: 22
91.224.196.0/23 maxlen: 23
95.171.192.0/19 maxlen: 19
185.234.232.0/22 maxlen: 22
91.222.72.0/22 maxlen: 22
185.23.44.0/22 maxlen: 22
91.237.228.0/23 maxlen: 23
176.101.128.0/20 maxlen: 20
185.253.64.0/22 maxlen: 22
185.107.140.0/22 maxlen: 22
185.95.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:bc:d3:0a:d2:6f:e3:e4:bf:f1:8c:a9:5d:1d:d0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a968adf120a74a5d10809cfd3cb6814fc89b1f46
Validity
Not Before: Apr 26 13:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77cf1aa6accf1bddf4552278661313f8efaf5f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:af:96:6e:1c:6a:72:61:85:ed:90:a1:ce:77:
03:c6:17:19:a0:63:e5:5c:5f:c8:37:79:33:85:c9:
f2:c3:bf:d1:5f:90:b4:b5:4f:fe:b1:49:0b:ea:64:
14:ba:d9:2d:d1:33:2e:c4:82:00:ec:6b:b7:e7:d1:
d6:b3:a3:0c:1e:16:69:91:f9:3d:d9:7a:74:60:88:
06:ef:7f:16:61:20:87:66:0c:1f:65:23:39:b0:2f:
7c:83:40:46:f3:d7:97:33:22:97:0a:20:d2:3e:a8:
85:0a:7c:34:ec:16:40:ef:16:4c:d5:0c:b4:8c:72:
03:63:db:33:56:a2:e2:dc:e3:e7:36:42:31:f0:6b:
fe:62:57:8c:56:f2:cd:df:e2:c9:a2:b5:1f:fa:53:
e7:64:2a:83:81:84:8a:85:08:d0:18:71:6e:77:bb:
f1:21:7c:d7:00:ba:05:09:55:cd:b1:ef:3d:c1:ca:
af:e5:e5:2f:7f:50:ab:91:42:5c:ee:5b:f5:7a:a8:
48:3f:ad:11:01:6f:08:d1:1b:38:3a:05:2f:dd:98:
82:0e:87:d3:b6:dc:c5:06:f5:aa:02:65:b4:1d:c9:
61:a2:92:a4:00:33:65:30:49:48:26:a3:0b:ce:d7:
04:58:5c:e6:bf:96:da:04:50:c1:e7:e4:2f:9f:33:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CF:1A:A6:AC:CF:1B:DD:F4:55:22:78:66:13:13:F8:EF:AF:5F:6E
X509v3 Authority Key Identifier:
keyid:A9:68:AD:F1:20:A7:4A:5D:10:80:9C:FD:3C:B6:81:4F:C8:9B:1F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qWit8SCnSl0QgJz9PLaBT8ibH0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/d88apqzPG930VSJ4ZhMT-O-vX24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/qWit8SCnSl0QgJz9PLaBT8ibH0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.208.0/20
91.221.158.0/23
91.222.72.0/22
91.224.196.0/23
91.231.32.0/23
91.234.100.0/22
91.237.219.0/24
91.237.224.0-91.237.229.255
95.171.192.0/19
176.101.80.0/21
176.101.128.0/20
185.3.60.0/22
185.23.44.0/22
185.41.80.0/22
185.95.196.0/22
185.107.140.0/22
185.234.232.0/22
185.245.44.0/22
185.253.64.0/22
188.191.216.0/21
194.180.220.0/22
Signature Algorithm: sha256WithRSAEncryption
19:bc:a0:27:47:e4:d7:29:fb:aa:c8:bb:17:d2:57:e8:99:5c:
83:f9:60:2d:f0:63:6c:fc:22:c9:f4:f5:9a:4e:92:45:a7:db:
0d:f6:b3:f2:d0:25:b3:5e:92:d7:ff:97:a9:d8:a1:63:25:0f:
d1:d4:f2:52:4e:9a:f6:db:b5:70:fa:ef:49:95:69:1c:cb:c5:
99:7b:75:14:ae:75:08:4f:ef:22:7d:f6:1d:b6:a4:4d:b5:7c:
27:b0:f3:c6:05:25:16:c3:57:c6:72:ba:dd:cb:27:ab:6d:18:
a4:b7:4e:6c:da:b6:7c:4f:23:f1:02:31:0e:57:4c:83:4f:69:
bf:4d:1d:a7:54:3a:d5:e6:b9:74:90:cd:2d:c9:9d:7d:92:28:
c3:5b:9d:28:c2:14:53:8d:d7:4e:44:3d:e3:72:6f:5c:78:16:
c0:c5:67:50:83:29:f9:d3:23:89:df:29:f9:f3:7d:67:30:55:
da:84:9f:9f:56:61:bd:87:f2:74:90:9e:f5:89:14:06:c3:1c:
eb:19:e8:a1:d1:46:8f:25:99:e5:b6:af:5c:cc:a1:f6:1d:a8:
62:2b:55:3f:cd:b9:35:61:46:f5:76:17:6b:00:5f:39:fb:87:
3e:e4:7a:91:97:cb:6f:f9:0b:bf:e0:05:0e:04:b2:e4:95:45:
27:39:81:2b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYe9vNMK0m/j5L/xjKldHdA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NjhhZGYxMjBhNzRhNWQxMDgwOWNmZDNjYjY4MTRmYzg5
YjFmNDYwHhcNMjMwNDI2MTMyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2NmMWFhNmFjY2YxYmRkZjQ1NTIyNzg2NjEzMTNmOGVmYWY1ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK+WbhxqcmGF7ZChzncDxhcZoGPl
XF/IN3kzhcnyw7/RX5C0tU/+sUkL6mQUutkt0TMuxIIA7Gu359HWs6MMHhZpkfk9
2Xp0YIgG738WYSCHZgwfZSM5sC98g0BG89eXMyKXCiDSPqiFCnw07BZA7xZM1Qy0
jHIDY9szVqLi3OPnNkIx8Gv+YleMVvLN3+LJorUf+lPnZCqDgYSKhQjQGHFud7vx
IXzXALoFCVXNse89wcqv5eUvf1CrkUJc7lv1eqhIP60RAW8I0Rs4OgUv3ZiCDofT
ttzFBvWqAmW0HclhopKkADNlMElIJqMLztcEWFzmv5baBFDB5+QvnzMS+wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFHfPGqaszxvd9FUieGYTE/jvr19uMB8GA1UdIwQY
MBaAFKlorfEgp0pdEICc/Ty2gU/Imx9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVdpdDhTQ25TbDBRZ0p6OVBMYUJUOGliSDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jNGIyMTEtYzA4OS00YzA1LTgwM2It
ODBjZTQ1ODYxMjM5LzEvZDg4YXBxelBHOTMwVlNKNFpoTVQtTy12WDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jNGIyMTEtYzA4OS00YzA1LTgwM2ItODBjZTQ1ODYxMjM5
LzEvcVdpdDhTQ25TbDBRZ0p6OVBMYUJUOGliSDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAQu
/dADBAFb3Z4DBAJb3kgDBAFb4MQDBAFb5yADBAJb6mQDBABb7dswDAMEBVvt4AME
AVvt5AMEBV+rwAMEA7BlUAMEBLBlgAMEArkDPAMEArkXLAMEArkpUAMEArlfxAME
ArlrjAMEArnq6AMEArn1LAMEArn9QAMEA7y/2AMEAsK03DANBgkqhkiG9w0BAQsF
AAOCAQEAGbygJ0fk1yn7qsi7F9JX6Jlcg/lgLfBjbPwiyfT1mk6SRafbDfaz8tAl
s16S1/+XqdihYyUP0dTyUk6a9tu1cPrvSZVpHMvFmXt1FK51CE/vIn32HbakTbV8
J7DzxgUlFsNXxnK63csnq20YpLdObNq2fE8j8QIxDldMg09pv00dp1Q61ea5dJDN
LcmdfZIow1udKMIUU43XTkQ943JvXHgWwMVnUIMp+dMjid8p+fN9ZzBV2oSfn1Zh
vYfydJCe9YkUBsMc6xnoodFGjyWZ5bavXMyh9h2oYitVP825NWFG9XYXawBfOfuH
PuR6kZfLb/kLv+AFDgSy5JVFJzmBKw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:11 2025 by rpki-client