Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/7OPRP6HIt1MpTUjnRMO0H_onZnY.roa
File: 7OPRP6HIt1MpTUjnRMO0H_onZnY.roa (raw, json)
Hash identifier: KfHjcWH7xoiMgbw7/KYzc/E6K3R6ioYH+fsEF5sCkHY=
Subject key identifier: EC:E3:D1:3F:A1:C8:B7:53:29:4D:48:E7:44:C3:B4:1F:FA:27:66:76
Certificate issuer: /CN=916f80c35f202eb02766419bfb7d282125ffe158
Certificate serial: 0185AB5F0097E41299720DC41ED4456BA1C2
Authority key identifier: 91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/7OPRP6HIt1MpTUjnRMO0H_onZnY.roa
Signing time: Fri 13 Jan 2023 13:43:27 +0000
ROA not before: Fri 13 Jan 2023 13:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58273
IP address blocks: 148.252.16.0/20 maxlen: 24
185.201.32.0/22 maxlen: 24
185.89.32.0/22 maxlen: 24
194.113.44.0/22 maxlen: 24
5.83.8.0/21 maxlen: 24
2a01:6240::/29 maxlen: 48
2a10:cb80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ab:5f:00:97:e4:12:99:72:0d:c4:1e:d4:45:6b:a1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=916f80c35f202eb02766419bfb7d282125ffe158
Validity
Not Before: Jan 13 13:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece3d13fa1c8b753294d48e744c3b41ffa276676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a4:f1:3c:c4:b5:80:c3:f3:a8:09:e1:e5:6d:
11:8a:a9:b4:b9:cf:eb:86:b2:c6:43:6f:e4:c7:64:
8d:1f:24:e7:b4:60:ff:04:96:e0:95:b6:66:90:0b:
5f:ee:5f:0f:b0:82:13:ba:dc:05:b8:f4:ed:6e:37:
84:11:b6:b5:91:37:2d:58:69:44:6a:62:ef:3d:0a:
1c:de:eb:de:69:b8:fe:21:6f:e7:03:46:2f:98:19:
0a:aa:69:92:07:6b:5c:e7:97:57:9b:8b:57:07:e7:
bd:a1:3e:0b:4a:dc:04:66:e0:f4:d1:ba:8c:18:62:
e2:f0:4b:80:16:9e:e9:5c:7d:e9:f5:38:03:35:86:
cf:10:3c:52:e4:91:fe:73:2b:e0:d0:5f:86:74:b6:
01:55:87:59:e9:aa:ee:7a:d1:5b:53:21:fe:9c:5b:
1b:61:eb:b3:c4:57:78:3c:01:fb:2d:7d:98:49:a4:
c8:b9:6d:42:65:19:ae:a7:b1:f5:7f:4a:17:bf:b6:
b2:84:63:cf:7e:be:6f:01:54:a7:70:5e:15:2c:8b:
36:8d:bb:33:e8:77:ca:6e:cf:b8:0a:9b:0f:f8:4c:
35:d9:93:47:19:7b:28:b9:b7:c7:55:8d:c0:39:00:
d7:e7:65:b5:d5:51:6f:07:f9:8e:a0:3f:ae:10:31:
ba:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E3:D1:3F:A1:C8:B7:53:29:4D:48:E7:44:C3:B4:1F:FA:27:66:76
X509v3 Authority Key Identifier:
keyid:91:6F:80:C3:5F:20:2E:B0:27:66:41:9B:FB:7D:28:21:25:FF:E1:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kW-Aw18gLrAnZkGb-30oISX_4Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/7OPRP6HIt1MpTUjnRMO0H_onZnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8d9ac1-d35d-4e32-b83f-c10cc953bd1b/1/kW-Aw18gLrAnZkGb-30oISX_4Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.8.0/21
148.252.16.0/20
185.89.32.0/22
185.201.32.0/22
194.113.44.0/22
IPv6:
2a01:6240::/29
2a10:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:be:76:25:63:58:2c:f7:6f:50:f5:33:44:be:7d:71:4b:f6:
21:43:67:77:35:71:99:e5:82:9a:e1:75:94:08:03:40:00:5f:
99:11:61:4c:9e:e3:cc:f5:a1:0c:fc:b0:f4:57:85:8d:cd:30:
4e:87:dc:3f:8b:de:f2:29:5d:67:0f:05:4a:24:49:1f:26:96:
a6:19:3d:7e:39:79:bf:c2:ed:42:b4:ef:ba:2d:03:56:ee:41:
c4:19:cf:16:f3:a5:e8:8a:c5:82:6f:3d:ec:12:e2:67:f7:8b:
45:48:45:da:fe:03:12:8b:dd:9b:11:ff:15:99:87:7e:07:77:
92:22:c1:f9:87:ad:4b:64:9e:9c:e6:24:15:06:f9:36:60:36:
e8:7f:fc:c9:8d:44:b7:d7:26:75:dc:71:18:e8:df:18:ca:7d:
da:75:68:1e:89:f8:98:69:09:51:8a:b9:ca:98:27:a9:83:37:
bd:cb:98:61:cd:94:c4:15:17:83:b4:be:d7:0e:c4:7f:67:6f:
0f:5c:15:a0:ec:ff:ce:75:ee:31:ad:72:72:7b:8e:d9:81:3b:
0a:3a:22:46:57:b4:45:6f:e7:c3:a2:8d:3c:24:e1:bd:1a:ff:
7f:6a:e6:d3:6d:6e:9b:71:bf:3d:b2:8a:11:9c:c7:c4:09:19:
b4:9b:bc:29
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYWrXwCX5BKZcg3EHtRFa6HCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNmY4MGMzNWYyMDJlYjAyNzY2NDE5YmZiN2QyODIxMjVm
ZmUxNTgwHhcNMjMwMTEzMTM0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UzZDEzZmExYzhiNzUzMjk0ZDQ4ZTc0NGMzYjQxZmZhMjc2Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKTxPMS1gMPzqAnh5W0Riqm0uc/r
hrLGQ2/kx2SNHyTntGD/BJbglbZmkAtf7l8PsIITutwFuPTtbjeEEba1kTctWGlE
amLvPQoc3uveabj+IW/nA0YvmBkKqmmSB2tc55dXm4tXB+e9oT4LStwEZuD00bqM
GGLi8EuAFp7pXH3p9TgDNYbPEDxS5JH+cyvg0F+GdLYBVYdZ6aruetFbUyH+nFsb
YeuzxFd4PAH7LX2YSaTIuW1CZRmup7H1f0oXv7ayhGPPfr5vAVSncF4VLIs2jbsz
6HfKbs+4CpsP+Ew12ZNHGXsoubfHVY3AOQDX52W11VFvB/mOoD+uEDG6gwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOzj0T+hyLdTKU1I50TDtB/6J2Z2MB8GA1UdIwQY
MBaAFJFvgMNfIC6wJ2ZBm/t9KCEl/+FYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2Yt
YzEwY2M5NTNiZDFiLzEvN09QUlA2SEl0MU1wVFVqblJNTzBIX29uWm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84ZDlhYzEtZDM1ZC00ZTMyLWI4M2YtYzEwY2M5NTNiZDFi
LzEva1ctQXcxOGdMckFuWmtHYi0zMG9JU1hfNFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDBVMIAwQE
lPwQAwQCuVkgAwQCuckgAwQCwnEsMBQEAgACMA4DBQMqAWJAAwUDKhDLgDANBgkq
hkiG9w0BAQsFAAOCAQEAD752JWNYLPdvUPUzRL59cUv2IUNndzVxmeWCmuF1lAgD
QABfmRFhTJ7jzPWhDPyw9FeFjc0wTofcP4ve8ildZw8FSiRJHyaWphk9fjl5v8Lt
QrTvui0DVu5BxBnPFvOl6IrFgm897BLiZ/eLRUhF2v4DEovdmxH/FZmHfgd3kiLB
+YetS2SenOYkFQb5NmA26H/8yY1Et9cmddxxGOjfGMp92nVoHon4mGkJUYq5ypgn
qYM3vcuYYc2UxBUXg7S+1w7Ef2dvD1wVoOz/znXuMa1ycnuO2YE7CjoiRle0RW/n
w6KNPCThvRr/f2rm021um3G/PbKKEZzHxAkZtJu8KQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:43:55 2025 by rpki-client