Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/_R02VP5sxHP4WwM_GkVfD8a1OLQ.roa
File: _R02VP5sxHP4WwM_GkVfD8a1OLQ.roa (raw, json)
Hash identifier: GkvdUHKX9JDOHQmWq+c+WK/hKN6IqvnAM7PNvm6IBRY=
Subject key identifier: FD:1D:36:54:FE:6C:C4:73:F8:5B:03:3F:1A:45:5F:0F:C6:B5:38:B4
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 32F463
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/_R02VP5sxHP4WwM_GkVfD8a1OLQ.roa
Signing time: Wed 13 Apr 2022 10:34:18 +0000
ROA not before: Wed 13 Apr 2022 10:34:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
86.109.112.0/20 maxlen: 20
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
85.187.58.0/23 maxlen: 23
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
86.109.126.0/23 maxlen: 23
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
185.78.24.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3339363 (0x32f463)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 13 10:34:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd1d3654fe6cc473f85b033f1a455f0fc6b538b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:e2:2f:8b:8c:05:80:00:14:ca:b2:c4:ad:
e5:ea:29:be:b1:ec:9e:7e:cf:12:72:1a:9d:2e:cc:
97:55:9c:25:32:f2:11:f3:2d:8f:53:be:ca:44:3e:
c1:17:a9:bc:fb:0e:1a:d1:7c:0f:cf:02:8f:e2:2a:
59:3a:e1:64:42:41:b5:1f:d1:04:85:ed:b3:e0:dd:
06:66:13:29:26:ff:64:e9:5d:c3:dc:5a:50:13:0a:
a0:59:cc:1c:17:7b:4e:69:4d:bc:d9:89:be:a3:53:
ba:8b:f1:a4:33:9a:6c:73:55:1f:e2:50:b2:55:2f:
7d:57:10:b3:0d:f4:53:bf:84:97:fd:ab:e2:34:27:
c3:c5:e1:54:71:39:a8:78:f2:b7:c3:37:8b:2e:21:
79:90:d8:19:c6:c9:89:f4:57:df:ea:3d:94:ee:12:
1d:29:25:68:cd:61:5b:2e:75:2e:13:a2:14:c1:63:
5e:f6:32:24:94:57:5e:17:8c:55:c6:52:38:92:e4:
d3:d4:94:bb:96:3b:25:db:04:43:57:8e:84:86:78:
fc:53:89:d4:fe:87:04:31:55:fb:97:b3:0a:29:d8:
16:f6:b2:84:3f:7a:44:e3:90:e8:33:61:bb:a5:44:
58:fe:23:03:ec:2c:cb:17:5a:20:2e:f6:76:d0:60:
00:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1D:36:54:FE:6C:C4:73:F8:5B:03:3F:1A:45:5F:0F:C6:B5:38:B4
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/_R02VP5sxHP4WwM_GkVfD8a1OLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
79.139.120.0/21
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
Signature Algorithm: sha256WithRSAEncryption
05:fd:cf:ed:83:b5:95:a4:34:f1:f9:ea:28:15:65:55:62:56:
4d:e1:7f:9a:2f:d9:14:06:fa:f9:6b:93:d5:75:10:dd:5b:72:
19:e5:b4:de:76:0d:bd:98:64:c9:0a:47:a7:03:bb:45:2c:54:
f0:0f:40:fa:70:ad:ad:31:ee:54:e6:63:95:3d:46:f2:be:a4:
ea:c0:8f:07:4b:c4:b3:c1:f3:cd:3a:cd:f2:97:98:fb:61:7e:
30:36:31:e9:be:79:44:ca:f3:71:e9:ed:b3:7a:7e:9e:15:83:
9a:10:73:ff:0a:fa:17:69:86:57:2b:f8:b3:dc:a2:91:9b:b2:
9b:ff:2d:33:86:c7:e2:8a:2d:28:53:53:03:7a:72:88:53:1e:
b5:4f:6d:32:af:88:95:7a:30:36:de:ca:04:a6:e3:4d:f8:54:
42:60:4c:49:10:f9:b5:a1:17:fa:9f:5d:c3:a1:a5:66:6b:35:
b4:db:5a:82:c8:49:2a:00:c2:95:40:c2:fe:5a:96:2f:84:dc:
e1:f8:e7:23:bb:16:3e:01:70:fc:2f:8b:03:ac:05:9e:11:5d:
92:d0:53:9c:25:aa:83:da:56:82:dd:07:5a:de:e4:5c:bf:ed:
00:e7:77:96:24:af:79:35:37:93:57:6f:69:70:a1:70:c3:b7:
a8:62:9c:b6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIDMvRjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDEz
MTAzNDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmZDFkMzY1NGZlNmNj
NDczZjg1YjAzM2YxYTQ1NWYwZmM2YjUzOGI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAruTiL4uMBYAAFMqyxK3l6im+seyefs8SchqdLsyXVZwlMvIR
8y2PU77KRD7BF6m8+w4a0XwPzwKP4ipZOuFkQkG1H9EEhe2z4N0GZhMpJv9k6V3D
3FpQEwqgWcwcF3tOaU282Ym+o1O6i/GkM5psc1Uf4lCyVS99VxCzDfRTv4SX/avi
NCfDxeFUcTmoePK3wzeLLiF5kNgZxsmJ9Fff6j2U7hIdKSVozWFbLnUuE6IUwWNe
9jIklFdeF4xVxlI4kuTT1JS7ljsl2wRDV46Ehnj8U4nU/ocEMVX7l7MKKdgW9rKE
P3pE45DoM2G7pURY/iMD7CzLF1ogLvZ20GAANwIDAQABo4ICRTCCAkEwHQYDVR0O
BBYEFP0dNlT+bMRz+FsDPxpFXw/GtTi0MB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
X1IwMlZQNXN4SFA0V3dNX0drVmZEOGExT0xRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsG
CCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQYwAwQDT4t4AwQCVbs4AwQFVm1g
AwQDV+5YAwQBWSXgAwQEXVoQAwQDbUYgAwQCuQJEAwQCuU4YAwQBwnS4MA0GCSqG
SIb3DQEBCwUAA4IBAQAF/c/tg7WVpDTx+eooFWVVYlZN4X+aL9kUBvr5a5PVdRDd
W3IZ5bTedg29mGTJCkenA7tFLFTwD0D6cK2tMe5U5mOVPUbyvqTqwI8HS8SzwfPN
Os3yl5j7YX4wNjHpvnlEyvNx6e2zen6eFYOaEHP/CvoXaYZXK/iz3KKRm7Kb/y0z
hsfiii0oU1MDenKIUx61T20yr4iVejA23soEpuNN+FRCYExJEPm1oRf6n13DoaVm
azW021qCyEkqAMKVQML+WpYvhNzh+OcjuxY+AXD8L4sDrAWeEV2S0FOcJaqD2laC
3Qda3uRcv+0A53eWJK95NTeTV29pcKFww7eoYpy2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:01 2025 by rpki-client