Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/G3V5TcV4TlOQzU6cYP-cFFxCr-0.roa
File: G3V5TcV4TlOQzU6cYP-cFFxCr-0.roa (raw, json)
Hash identifier: jyi3ceOuYquEjWVTpLxpSYuTyS2fcOpKnGU1qwHbrXM=
Subject key identifier: 1B:75:79:4D:C5:78:4E:53:90:CD:4E:9C:60:FF:9C:14:5C:42:AF:ED
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 0185700280B5B5904BD9C6D302B5027E39F5
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/G3V5TcV4TlOQzU6cYP-cFFxCr-0.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49645
IP address blocks: 91.213.76.0/24 maxlen: 24
194.36.142.0/24 maxlen: 24
185.234.130.0/24 maxlen: 24
185.234.129.0/24 maxlen: 24
185.234.128.0/24 maxlen: 24
185.234.128.0/22 maxlen: 22
185.234.131.0/24 maxlen: 24
5.183.168.0/24 maxlen: 24
5.183.171.0/24 maxlen: 24
2a0d:c9c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:80:b5:b5:90:4b:d9:c6:d3:02:b5:02:7e:39:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b75794dc5784e5390cd4e9c60ff9c145c42afed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3a:5e:50:e6:a0:1d:f3:a2:0e:7d:e1:78:98:
6d:87:ad:3d:d0:98:44:8a:b1:14:97:12:12:84:50:
5e:8d:30:16:04:91:2a:6f:5e:da:cf:07:24:45:aa:
c8:6f:19:8e:be:5c:a2:9c:56:8e:4b:f1:41:66:0f:
29:14:3b:01:3e:a9:ac:b4:a8:47:ee:08:aa:14:6f:
76:9c:52:27:0b:02:d1:fa:cc:66:3b:cf:b0:76:75:
32:37:27:a5:7f:21:ca:b8:ec:2a:5a:e5:07:72:a6:
d3:bd:1d:63:a4:ac:4a:5f:1a:be:d3:05:23:70:b4:
21:61:07:52:19:52:e5:cd:63:d0:63:1f:0b:13:14:
df:14:80:18:6d:bf:82:bc:6d:27:a2:0b:53:10:b3:
02:80:b6:cc:4b:d7:67:5c:01:33:79:0c:ab:c7:17:
c9:da:cc:a7:35:fd:43:3a:ee:b8:de:df:d7:aa:1a:
65:86:d9:eb:0d:4e:79:1f:a6:7a:03:91:2a:86:91:
4d:32:13:28:fd:82:ab:fd:75:11:96:30:bb:c8:8c:
0b:0a:95:e0:36:24:5c:de:5c:43:03:e6:b6:e8:49:
5b:6e:33:91:ad:58:b0:40:a1:9a:78:03:12:8b:be:
ee:e2:5e:5f:a2:8f:01:6a:69:b3:e8:31:5b:e4:ed:
7e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:75:79:4D:C5:78:4E:53:90:CD:4E:9C:60:FF:9C:14:5C:42:AF:ED
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/G3V5TcV4TlOQzU6cYP-cFFxCr-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
5.183.171.0/24
91.213.76.0/24
185.234.128.0/22
194.36.142.0/24
IPv6:
2a0d:c9c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
08:be:8b:fb:1f:ac:5d:4b:f1:b5:6f:31:be:28:71:bc:b6:ba:
31:5a:dd:10:5c:33:36:2f:ea:94:44:57:42:69:dd:4e:48:57:
5c:62:3d:46:ad:f7:dc:56:32:05:8d:47:b1:1e:4d:0d:6c:82:
e8:30:f9:fa:1e:a2:57:20:47:4b:c1:e2:18:1d:5b:b6:43:5e:
50:45:4b:0f:26:47:04:5a:e9:58:d5:f2:09:4b:de:65:4d:84:
b1:f9:5b:ca:3a:e3:d6:53:a0:a8:d2:52:e3:c6:c9:d9:53:85:
ad:88:81:f4:0d:24:a0:44:da:7b:8e:e8:4b:46:0f:ca:f1:0e:
f0:54:84:b4:d2:3c:6f:30:e3:d1:86:7a:74:b6:7e:ad:70:c3:
be:9d:68:5a:d6:84:18:80:ed:39:35:17:16:5d:02:5b:7e:be:
9b:fa:ba:ba:99:4e:e3:7f:70:41:93:ab:f5:b5:ba:4f:82:c8:
b8:5c:14:9a:ac:46:98:3e:35:65:28:ce:b0:3c:43:46:39:9b:
41:88:69:03:be:59:c2:55:ad:89:2a:2f:fb:35:23:51:66:99:
3e:ab:ae:8c:0a:a8:e2:c4:05:86:d5:e2:b9:42:82:9a:56:a7:
fc:b8:fa:1c:4c:40:cf:76:cd:12:2c:1b:44:81:65:d2:25:29:
b8:62:64:32
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVwAoC1tZBL2cbTArUCfjn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc1Nzk0ZGM1Nzg0ZTUzOTBjZDRlOWM2MGZmOWMxNDVjNDJhZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzpeUOagHfOiDn3heJhth6090JhE
irEUlxIShFBejTAWBJEqb17azwckRarIbxmOvlyinFaOS/FBZg8pFDsBPqmstKhH
7giqFG92nFInCwLR+sxmO8+wdnUyNyelfyHKuOwqWuUHcqbTvR1jpKxKXxq+0wUj
cLQhYQdSGVLlzWPQYx8LExTfFIAYbb+CvG0nogtTELMCgLbMS9dnXAEzeQyrxxfJ
2synNf1DOu643t/XqhplhtnrDU55H6Z6A5EqhpFNMhMo/YKr/XURljC7yIwLCpXg
NiRc3lxDA+a26ElbbjORrViwQKGaeAMSi77u4l5foo8Bammz6DFb5O1+UwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBt1eU3FeE5TkM1OnGD/nBRcQq/tMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvRzNWNVRjVjRUbE9RelU2Y1lQLWNGRnhDci0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQABbeoAwQA
BberAwQAW9VMAwQCueqAAwQAwiSOMA8EAgACMAkDBwAqDcnAAAEwDQYJKoZIhvcN
AQELBQADggEBAAi+i/sfrF1L8bVvMb4ocby2ujFa3RBcMzYv6pREV0Jp3U5IV1xi
PUat99xWMgWNR7EeTQ1sgugw+foeolcgR0vB4hgdW7ZDXlBFSw8mRwRa6VjV8glL
3mVNhLH5W8o649ZToKjSUuPGydlTha2IgfQNJKBE2nuO6EtGD8rxDvBUhLTSPG8w
49GGenS2fq1ww76daFrWhBiA7Tk1FxZdAlt+vpv6urqZTuN/cEGTq/W1uk+CyLhc
FJqsRpg+NWUozrA8Q0Y5m0GIaQO+WcJVrYkqL/s1I1FmmT6rrowKqOLEBYbV4rlC
gppWp/y4+hxMQM92zRIsG0SBZdIlKbhiZDI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:11:40 2025 by rpki-client