Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z1rWb3ylr27mcHOhLIWIkrGu7Y.roa
File: 9Z1rWb3ylr27mcHOhLIWIkrGu7Y.roa (raw, json)
Hash identifier: uyQ+7slGOzo+vt4qBGvf+HK16w89E15uye7BvGlfrms=
Subject key identifier: F5:9D:6B:59:BD:F2:96:BD:BB:99:C1:CE:84:B2:16:22:4A:C6:BB:B6
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01886CBCC2AA8A9D49BFDF60202C9A411016
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z1rWb3ylr27mcHOhLIWIkrGu7Y.roa
Signing time: Tue 30 May 2023 12:58:09 +0000
ROA not before: Tue 30 May 2023 12:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.104.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:bc:c2:aa:8a:9d:49:bf:df:60:20:2c:9a:41:10:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 30 12:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f59d6b59bdf296bdbb99c1ce84b216224ac6bbb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:1c:64:2d:94:f8:ba:f0:80:7a:7b:c5:d3:
0a:33:0d:1e:80:9a:1f:05:ab:75:ea:aa:f0:b9:83:
09:24:f5:50:63:7f:bd:4f:b8:4a:56:32:24:6d:71:
b7:8e:33:5c:60:da:60:d5:de:3c:44:16:1e:71:e3:
c8:72:1b:7b:e7:7e:f5:26:47:76:11:c3:cd:d6:80:
ce:77:26:0a:85:6b:7f:ce:6d:61:6f:5a:4b:c7:0f:
f7:62:12:de:6d:6c:05:9b:87:0b:7a:61:9d:82:c7:
42:68:9f:26:d5:a8:38:32:f4:a8:df:9e:58:22:90:
b8:49:13:33:e1:46:7c:69:44:e1:e5:69:a0:f6:67:
72:11:79:56:dd:df:41:7d:25:a2:98:b7:aa:2b:bf:
df:f4:dc:48:4b:a3:f7:22:9e:4e:0f:1d:6a:df:ac:
53:fe:7c:90:71:9e:28:9b:59:ab:c2:d9:46:8e:3b:
90:25:f6:7d:e3:c3:c3:50:73:92:ce:47:28:a3:f8:
ad:59:74:d6:36:01:cf:08:a0:fa:12:7a:2c:83:e5:
41:db:94:29:de:0a:6b:ad:1b:b2:6e:6c:79:1b:36:
14:bc:49:a5:cd:af:2b:b1:a9:6e:a1:2c:69:45:af:
3e:b6:70:72:0b:9a:37:a7:22:4a:14:86:ca:0b:de:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9D:6B:59:BD:F2:96:BD:BB:99:C1:CE:84:B2:16:22:4A:C6:BB:B6
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z1rWb3ylr27mcHOhLIWIkrGu7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.104.0/24
188.132.189.0/24
188.132.191.0/24
188.132.193.0/24
188.132.236.0/24
188.132.249.0/24
212.68.35.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
5d:74:85:a6:82:d5:cc:7a:80:97:79:39:28:bf:c1:dd:8b:0e:
28:7e:22:66:3a:40:f8:24:77:f0:ab:5b:90:09:5f:39:a0:bf:
3c:53:83:a6:93:cb:e9:ea:34:11:3f:f1:af:74:ae:a8:29:d7:
dc:ba:47:79:20:4c:05:78:4c:7d:68:c8:55:f3:9d:7c:b0:99:
25:ee:54:78:09:fa:c9:39:9f:f4:a0:2f:1f:e9:37:b4:eb:a1:
a1:00:cc:9d:5f:9a:5b:eb:d4:1f:10:09:34:b6:b0:5f:07:75:
9a:bf:98:25:c8:35:ca:67:f1:c3:4f:a7:f6:5b:e2:fa:96:62:
e8:09:fa:65:91:94:e4:e4:fc:cf:12:3f:83:d9:5e:77:3f:58:
43:7e:42:41:20:9a:4f:7b:cf:da:08:d2:f9:dd:85:27:14:ad:
7e:0b:40:e8:77:8c:37:8f:05:67:a4:62:81:5c:32:25:d4:9a:
7b:b9:7c:b9:d7:ca:50:f5:32:9d:b5:97:6f:13:d8:7d:04:ac:
47:31:7b:14:d2:05:d6:c3:38:0c:69:83:ff:19:eb:c5:f2:30:
e2:8a:e4:98:ed:10:ab:4b:6b:08:6c:69:a9:7c:79:95:9d:5f:
1a:fe:f7:06:34:f7:9a:00:c4:8e:65:dc:93:4b:22:ff:99:c3:
b6:6f:84:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYhsvMKqip1Jv99gICyaQRAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNTMwMTI1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTlkNmI1OWJkZjI5NmJkYmI5OWMxY2U4NGIyMTYyMjRhYzZiYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/IcZC2U+LrwgHp7xdMKMw0egJof
Bat16qrwuYMJJPVQY3+9T7hKVjIkbXG3jjNcYNpg1d48RBYecePIcht75371Jkd2
EcPN1oDOdyYKhWt/zm1hb1pLxw/3YhLebWwFm4cLemGdgsdCaJ8m1ag4MvSo355Y
IpC4SRMz4UZ8aUTh5Wmg9mdyEXlW3d9BfSWimLeqK7/f9NxIS6P3Ip5ODx1q36xT
/nyQcZ4om1mrwtlGjjuQJfZ948PDUHOSzkcoo/itWXTWNgHPCKD6Enosg+VB25Qp
3gprrRuybmx5GzYUvEmlza8rsaluoSxpRa8+tnByC5o3pyJKFIbKC97H4wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPWda1m98pa9u5nBzoSyFiJKxru2MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvOVoxcldiM3lscjI3bWNIT2hMSVdJa3JHdTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATodJAwQA
TodoAwQAvIS9AwQAvIS/AwQAvITBAwQAvITsAwQAvIT5AwQA1EQjMAwDBADURDsD
BADURDwwDQYJKoZIhvcNAQELBQADggEBAF10haaC1cx6gJd5OSi/wd2LDih+ImY6
QPgkd/CrW5AJXzmgvzxTg6aTy+nqNBE/8a90rqgp19y6R3kgTAV4TH1oyFXznXyw
mSXuVHgJ+sk5n/SgLx/pN7TroaEAzJ1fmlvr1B8QCTS2sF8HdZq/mCXINcpn8cNP
p/Zb4vqWYugJ+mWRlOTk/M8SP4PZXnc/WEN+QkEgmk97z9oI0vndhScUrX4LQOh3
jDePBWekYoFcMiXUmnu5fLnXylD1Mp21l28T2H0ErEcxexTSBdbDOAxpg/8Z68Xy
MOKK5JjtEKtLawhsaal8eZWdXxr+9wY095oAxI5l3JNLIv+Zw7ZvhBM=
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:08:41 2025 by rpki-client