Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7bZ49ldMI2uslQd5-sBiXDp0I5I.roa
File: 7bZ49ldMI2uslQd5-sBiXDp0I5I.roa (raw, json)
Hash identifier: 9kQP0WaHNbJmMZV4L5UCq+/EQLJdErXLNOqirNoDbeY=
Subject key identifier: ED:B6:78:F6:57:4C:23:6B:AC:95:07:79:FA:C0:62:5C:3A:74:23:92
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 06CCCFEB
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7bZ49ldMI2uslQd5-sBiXDp0I5I.roa
Signing time: Sat 05 Mar 2022 18:09:35 +0000
ROA not before: Sat 05 Mar 2022 18:09:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35297
IP address blocks: 193.238.32.0/22 maxlen: 22
185.249.160.0/22 maxlen: 22
5.53.112.0/21 maxlen: 21
178.251.104.0/21 maxlen: 21
178.251.110.0/24 maxlen: 24
193.239.72.0/22 maxlen: 22
77.75.144.0/21 maxlen: 21
91.204.212.0/22 maxlen: 22
2a02:2000:face::/48 maxlen: 48
2a02:2000:4::/48 maxlen: 48
2a02:2000::/29 maxlen: 48
2a02:2000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114085867 (0x6cccfeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Mar 5 18:09:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edb678f6574c236bac950779fac0625c3a742392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:ff:3a:e8:8e:f6:a7:04:de:35:37:f5:00:
ea:3d:40:c0:59:f4:49:4a:0e:97:28:11:9d:d0:d0:
1c:ed:74:62:8b:7e:94:30:89:d6:97:f6:65:bf:35:
92:3a:14:2b:59:4e:1d:dd:1f:1b:1c:64:e8:8a:45:
e9:d1:29:e5:1a:aa:95:9f:33:a5:7d:ce:36:3d:6e:
5d:57:f2:d2:34:16:8f:04:5f:4d:ef:a2:17:9a:cc:
07:fd:70:e8:55:05:28:3d:c1:d1:18:cb:f1:94:7e:
69:61:6e:24:cb:1e:41:ef:76:96:c7:91:b8:e1:77:
23:7d:52:09:3a:6d:2e:8a:40:a8:85:9d:8f:d6:0d:
64:05:47:9f:bc:b1:d1:15:ff:09:e9:64:58:9a:b3:
22:45:1c:2d:d8:ef:06:27:59:c1:a4:ad:88:dc:a8:
e1:87:55:9a:67:78:ad:67:b7:9d:17:b9:fd:d1:c3:
70:fe:8c:42:13:76:a1:0f:d2:5a:c8:6b:a0:db:64:
a6:42:ca:e6:cf:10:1f:cc:c9:2e:35:b4:a5:6a:0d:
b4:6b:2a:e3:9e:7e:5e:e6:d2:c0:d9:30:86:bf:96:
36:a2:78:89:8b:c0:75:77:e3:c5:4b:f0:22:d5:48:
83:fd:9a:b4:e3:b7:a0:a5:c1:8b:52:ca:ba:57:d0:
f9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B6:78:F6:57:4C:23:6B:AC:95:07:79:FA:C0:62:5C:3A:74:23:92
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/7bZ49ldMI2uslQd5-sBiXDp0I5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.112.0/21
77.75.144.0/21
91.204.212.0/22
178.251.104.0/21
185.249.160.0/22
193.238.32.0/22
193.239.72.0/22
IPv6:
2a02:2000::/29
Signature Algorithm: sha256WithRSAEncryption
7e:4d:b8:93:67:37:9f:d3:4a:d3:20:01:1c:da:41:36:a1:40:
12:8f:ad:94:1c:ce:6b:c5:2a:65:96:0d:62:e7:d7:04:e6:4b:
e2:1c:7b:14:40:f8:a2:64:d7:48:8b:da:5f:c3:ae:7d:88:19:
fb:0a:bc:7a:ca:ea:bb:fb:74:99:6a:0c:81:d2:f0:2e:35:8f:
67:88:f6:00:01:0a:0f:7c:e2:60:58:39:d4:16:02:f6:7b:27:
16:46:09:28:3e:05:89:ab:36:7d:e7:54:bc:40:63:7f:ec:e2:
22:61:9c:24:d3:4e:b2:bd:4c:a8:66:a1:01:9c:f3:d3:7f:00:
1d:5a:fc:8f:07:b9:b1:48:f0:ac:72:3f:81:cb:bb:57:fe:83:
22:e8:e2:81:e6:f0:33:a1:1f:1b:5c:1c:39:b8:51:61:f1:eb:
af:9d:39:df:ae:c7:60:78:8e:bf:31:cd:6e:64:f3:ed:55:c8:
65:2c:4a:cb:43:1b:a6:26:8d:87:75:64:ea:55:85:c2:32:c1:
9d:45:1a:8a:4a:4e:18:0f:71:3f:87:39:04:71:fc:a7:28:f8:
91:57:95:dd:fc:b6:40:88:3f:b4:08:b2:1c:de:62:b6:0f:19:
20:1d:15:de:5b:42:73:10:9a:62:dd:f8:28:90:c4:f3:b2:b2:
a1:39:f5:76
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBszP6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDUyYjAzZTFiMDE3MDk2Mzg5NDBkOTU5Mjk4M2NkZTc3ZWNhYjc3MB4XDTIyMDMw
NTE4MDkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRiNjc4ZjY1NzRj
MjM2YmFjOTUwNzc5ZmFjMDYyNWMzYTc0MjM5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJ3/zrojvanBN41N/UA6j1AwFn0SUoOlygRndDQHO10Yot+
lDCJ1pf2Zb81kjoUK1lOHd0fGxxk6IpF6dEp5RqqlZ8zpX3ONj1uXVfy0jQWjwRf
Te+iF5rMB/1w6FUFKD3B0RjL8ZR+aWFuJMseQe92lseRuOF3I31SCTptLopAqIWd
j9YNZAVHn7yx0RX/CelkWJqzIkUcLdjvBidZwaStiNyo4YdVmmd4rWe3nRe5/dHD
cP6MQhN2oQ/SWshroNtkpkLK5s8QH8zJLjW0pWoNtGsq455+XubSwNkwhr+WNqJ4
iYvAdXfjxUvwItVIg/2atOO3oKXBi1LKulfQ+a8CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTttnj2V0wja6yVB3n6wGJcOnQjkjAfBgNVHSMEGDAWgBSEUrA+GwFwljiU
DZWSmDzed+yrdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hGS3dQaHNCY0pZNGxBMlZrcGc4M25mc3EzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMDExZjZlLWU5MjgtNGYyYi1hYTI0LTIwMGZjMjc0Y2IwMS8x
LzdiWjQ5bGRNSTJ1c2xRZDUtc0JpWERwMEk1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MDExZjZlLWU5MjgtNGYyYi1hYTI0LTIwMGZjMjc0Y2IwMS8xL2hGS3dQaHNCY0pZ
NGxBMlZrcGc4M25mc3EzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAwU1cAMEA01LkAMEAlvM1AMEA7L7
aAMEArn5oAMEAsHuIAMEAsHvSDANBAIAAjAHAwUDKgIgADANBgkqhkiG9w0BAQsF
AAOCAQEAfk24k2c3n9NK0yABHNpBNqFAEo+tlBzOa8UqZZYNYufXBOZL4hx7FED4
omTXSIvaX8OufYgZ+wq8esrqu/t0mWoMgdLwLjWPZ4j2AAEKD3ziYFg51BYC9nsn
FkYJKD4Fias2fedUvEBjf+ziImGcJNNOsr1MqGahAZzz038AHVr8jwe5sUjwrHI/
gcu7V/6DIujigebwM6EfG1wcObhRYfHrr505367HYHiOvzHNbmTz7VXIZSxKy0Mb
piaNh3Vk6lWFwjLBnUUaikpOGA9xP4c5BHH8pyj4kVeV3fy2QIg/tAiyHN5itg8Z
IB0V3ltCcxCaYt34KJDE87KyoTn1dg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:44 2023 by rpki-client on console.sobornost.net