Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/4hPGDmAGmzGI3KJ2if4rILqqs1Y.roa
File: 4hPGDmAGmzGI3KJ2if4rILqqs1Y.roa (raw, json)
Hash identifier: E26/KSWeT3NU8hTt8A2BkoQWXxqCSMM47OjojEoLDKY=
Subject key identifier: E2:13:C6:0E:60:06:9B:31:88:DC:A2:76:89:FE:2B:20:BA:AA:B3:56
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 01857169CA6F67C03EEF33536613D48C788A
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/4hPGDmAGmzGI3KJ2if4rILqqs1Y.roa
Signing time: Mon 02 Jan 2023 07:37:16 +0000
ROA not before: Mon 02 Jan 2023 07:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31615
IP address blocks: 178.224.0.0/13 maxlen: 24
95.98.0.0/15 maxlen: 24
89.205.128.0/17 maxlen: 24
91.141.128.0/17 maxlen: 24
84.241.192.0/18 maxlen: 24
188.88.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ca:6f:67:c0:3e:ef:33:53:66:13:d4:8c:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 2 07:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e213c60e60069b3188dca27689fe2b20baaab356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ef:7f:31:08:13:1f:ea:7d:ac:26:7a:60:68:
37:ed:8c:1e:58:8b:1a:99:55:4a:33:c3:90:d6:b1:
71:9d:df:0b:b6:39:b3:2c:ec:b9:c6:63:88:1c:33:
73:57:69:2b:6c:fb:1c:ea:42:a1:8e:f6:3c:4d:87:
b5:30:d1:56:51:c8:2f:b4:08:dc:d3:fc:f0:64:e4:
96:1d:2d:0a:ae:5a:d5:19:0b:07:e9:0a:a8:5d:31:
91:d9:f3:e0:b0:eb:48:58:bc:de:99:59:19:c9:51:
3a:66:6f:4d:8d:9c:94:0d:e9:3f:a0:af:36:92:e9:
3b:3b:56:d7:84:a3:4f:6a:a3:9b:d1:98:34:b3:86:
5f:19:90:d8:f8:05:58:b8:4e:4f:ba:2a:41:e4:0d:
37:7e:01:f5:d5:36:d4:79:17:82:ae:0a:c6:45:5b:
da:c9:fe:38:79:7e:11:31:90:32:52:28:a5:41:5e:
bf:88:73:77:31:4e:01:2e:b3:a7:df:58:94:2c:aa:
eb:bd:23:ae:d3:6b:c2:e0:ff:31:67:98:14:7f:55:
3a:1d:4b:55:e0:7d:9c:ad:d6:4f:e6:78:fe:d9:0a:
ef:88:23:7b:6c:bc:f4:15:41:4e:44:33:80:32:ea:
8a:ce:32:56:4b:8d:cb:da:eb:16:f2:1c:3d:7f:a3:
78:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:13:C6:0E:60:06:9B:31:88:DC:A2:76:89:FE:2B:20:BA:AA:B3:56
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/4hPGDmAGmzGI3KJ2if4rILqqs1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.192.0/18
89.205.128.0/17
91.141.128.0/17
95.98.0.0/15
178.224.0.0/13
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
55:aa:b1:c1:bb:1b:59:58:4b:9a:2d:39:af:b7:7a:96:0d:ed:
e1:d8:81:13:6f:df:b2:9b:97:bf:c9:73:c8:bd:03:dc:65:00:
23:22:e5:31:d8:f0:71:83:8d:48:c6:3b:47:74:fd:df:12:86:
b2:f7:19:9d:dc:b7:55:ac:df:2c:dc:b4:66:73:4f:dc:72:c4:
7f:e2:c2:69:05:c1:49:37:6e:fd:6a:b8:d6:6c:01:1b:43:51:
28:4f:fd:3e:bd:36:54:ed:e3:b8:99:81:fc:a9:d8:72:20:79:
54:d4:0d:af:a1:69:6e:4b:f9:72:2a:4d:e5:8f:e7:6d:68:49:
32:1f:49:cf:e8:fc:01:2b:0a:77:42:0b:f4:53:48:e7:3b:44:
a6:c9:7e:6a:7f:74:07:62:00:52:b7:bb:08:4f:a5:52:8f:99:
34:78:33:b7:db:0a:99:a8:9d:6a:a5:9f:37:ad:eb:9d:08:46:
66:87:de:f9:ce:66:ce:ac:74:8b:61:a5:d7:45:c8:29:52:15:
a3:44:49:78:70:1a:83:18:7a:52:44:40:77:9c:d3:1e:ab:a7:
a7:a2:de:fe:4d:6a:85:f5:65:cf:4a:94:2c:1e:a6:29:27:ee:
4f:c4:ae:c3:ab:d6:99:cc:ab:17:d4:dd:11:7d:91:2b:00:82:
72:09:93:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxacpvZ8A+7zNTZhPUjHiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjMwMTAyMDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjEzYzYwZTYwMDY5YjMxODhkY2EyNzY4OWZlMmIyMGJhYWFiMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou9/MQgTH+p9rCZ6YGg37YweWIsa
mVVKM8OQ1rFxnd8LtjmzLOy5xmOIHDNzV2krbPsc6kKhjvY8TYe1MNFWUcgvtAjc
0/zwZOSWHS0KrlrVGQsH6QqoXTGR2fPgsOtIWLzemVkZyVE6Zm9NjZyUDek/oK82
kuk7O1bXhKNPaqOb0Zg0s4ZfGZDY+AVYuE5PuipB5A03fgH11TbUeReCrgrGRVva
yf44eX4RMZAyUiilQV6/iHN3MU4BLrOn31iULKrrvSOu02vC4P8xZ5gUf1U6HUtV
4H2crdZP5nj+2QrviCN7bLz0FUFORDOAMuqKzjJWS43L2usW8hw9f6N4nwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOITxg5gBpsxiNyidon+KyC6qrNWMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvNGhQR0RtQUdtekdJM0tKMmlmNHJJTHFxczFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwQGVPHAAwQH
Wc2AAwQHW42AAwMBX2IDAwOy4AMDArxYMA0GCSqGSIb3DQEBCwUAA4IBAQBVqrHB
uxtZWEuaLTmvt3qWDe3h2IETb9+ym5e/yXPIvQPcZQAjIuUx2PBxg41IxjtHdP3f
Eoay9xmd3LdVrN8s3LRmc0/ccsR/4sJpBcFJN279arjWbAEbQ1EoT/0+vTZU7eO4
mYH8qdhyIHlU1A2voWluS/lyKk3lj+dtaEkyH0nP6PwBKwp3Qgv0U0jnO0SmyX5q
f3QHYgBSt7sIT6VSj5k0eDO32wqZqJ1qpZ83reudCEZmh975zmbOrHSLYaXXRcgp
UhWjREl4cBqDGHpSREB3nNMeq6enot7+TWqF9WXPSpQsHqYpJ+5PxK7Dq9aZzKsX
1N0RfZErAIJyCZOU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:06 2025 by rpki-client