Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/lqFGWNdPs9P4T-Su9wIti_AoJZw.roa
File: lqFGWNdPs9P4T-Su9wIti_AoJZw.roa (raw, json)
Hash identifier: xUq8L+i6L2tKomAXPpWZbGY1ndQuO1dsjXR/AP3tg5g=
Subject key identifier: 96:A1:46:58:D7:4F:B3:D3:F8:4F:E4:AE:F7:02:2D:8B:F0:28:25:9C
Certificate issuer: /CN=4735e807d349d31564f9fd546138e3598e2007ce
Certificate serial: 9FFE8B
Authority key identifier: 47:35:E8:07:D3:49:D3:15:64:F9:FD:54:61:38:E3:59:8E:20:07:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzXoB9NJ0xVk-f1UYTjjWY4gB84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/lqFGWNdPs9P4T-Su9wIti_AoJZw.roa
Signing time: Sat 01 Jan 2022 02:51:09 +0000
ROA not before: Sat 01 Jan 2022 02:51:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8767
IP address blocks: 185.110.32.0/22 maxlen: 22
45.84.24.0/22 maxlen: 22
213.170.216.0/22 maxlen: 22
45.66.28.0/22 maxlen: 22
5.182.88.0/22 maxlen: 22
93.88.16.0/22 maxlen: 22
193.168.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10485387 (0x9ffe8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4735e807d349d31564f9fd546138e3598e2007ce
Validity
Not Before: Jan 1 02:51:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96a14658d74fb3d3f84fe4aef7022d8bf028259c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:47:de:51:6a:58:52:eb:7a:be:0f:05:51:
27:e4:86:00:4b:20:73:3a:48:92:77:2e:e6:bb:5c:
60:61:ba:a1:a7:b5:2d:04:c2:8f:4a:f4:cc:d0:8a:
c0:87:fb:a9:1b:52:1c:26:f6:e0:f0:b9:af:98:b5:
8d:f1:03:7a:b5:40:73:12:5b:26:03:5e:64:93:cf:
e8:71:c3:46:63:b0:c8:0e:b6:c7:72:68:4f:ba:3f:
9b:a8:ea:c7:4b:c9:97:b4:d3:a4:0d:f0:46:c2:02:
f9:d5:eb:eb:11:a8:8b:cd:da:84:c5:9d:5e:7f:fc:
9a:1b:ab:63:20:19:3f:ef:85:c0:8a:fd:92:da:07:
90:92:c0:48:1d:a2:d6:a6:95:78:a8:69:9e:70:12:
31:cb:af:78:57:44:bd:3f:52:d9:a5:eb:e1:a7:0e:
11:95:90:bc:2b:52:bd:fd:9d:43:be:ca:e6:e6:8c:
65:d0:32:94:9a:55:3c:ae:f9:a7:f6:92:13:eb:e9:
27:6f:3e:d7:41:4f:f4:61:b3:34:5a:7e:f6:a5:b5:
b6:c4:40:7d:65:e3:83:cc:26:88:92:55:cc:cc:23:
9e:9b:88:67:c3:d1:2a:3e:3d:13:10:da:9e:25:5a:
11:99:5b:66:bc:07:c8:98:75:9c:83:42:32:e7:a6:
c5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A1:46:58:D7:4F:B3:D3:F8:4F:E4:AE:F7:02:2D:8B:F0:28:25:9C
X509v3 Authority Key Identifier:
keyid:47:35:E8:07:D3:49:D3:15:64:F9:FD:54:61:38:E3:59:8E:20:07:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzXoB9NJ0xVk-f1UYTjjWY4gB84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/lqFGWNdPs9P4T-Su9wIti_AoJZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/RzXoB9NJ0xVk-f1UYTjjWY4gB84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.88.0/22
45.66.28.0/22
45.84.24.0/22
93.88.16.0/22
185.110.32.0/22
193.168.248.0/22
213.170.216.0/22
Signature Algorithm: sha256WithRSAEncryption
22:60:db:ee:fb:f8:e8:57:5e:b6:d2:21:08:72:0b:8f:54:c0:
b1:a8:99:c9:0d:62:63:20:52:5d:b8:09:e9:ec:70:ce:64:ee:
55:72:63:39:b3:1e:5b:6e:08:3a:be:1e:ef:7b:4f:15:3a:96:
c2:95:60:26:b4:cf:44:08:18:db:f4:30:f0:ad:7a:5e:8e:30:
64:12:c2:d5:cc:ea:f4:17:5e:43:f3:72:ba:d1:6a:9e:db:00:
a4:e6:39:1c:42:7d:26:fa:25:fb:59:e4:52:19:85:72:13:c5:
67:d7:d0:a8:48:68:55:65:36:d8:bd:e6:bb:89:38:30:4b:f4:
10:07:d6:5b:41:7e:c2:8f:9b:01:e5:f1:1b:2e:6f:78:b3:41:
a3:e2:6b:8d:5c:f2:65:a0:0f:10:15:0e:43:d1:04:03:d4:de:
5e:25:b9:50:af:6e:71:57:21:55:1f:1e:4c:12:7c:8c:05:47:
20:ad:31:fd:67:ab:cc:0f:84:b2:d4:fd:be:1a:ff:c5:1f:41:
37:b9:55:1c:45:74:ea:99:b4:66:62:eb:fe:cd:32:4b:7a:b7:
e5:47:b6:89:bf:be:04:90:a6:cc:4c:83:e4:f1:66:b5:58:d7:
46:05:b8:d2:2d:5a:f5:60:ab:fc:c7:2c:b8:ff:ff:9c:eb:30:
86:87:1b:3b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEAJ/+izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NzM1ZTgwN2QzNDlkMzE1NjRmOWZkNTQ2MTM4ZTM1OThlMjAwN2NlMB4XDTIyMDEw
MTAyNTEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZhMTQ2NThkNzRm
YjNkM2Y4NGZlNGFlZjcwMjJkOGJmMDI4MjU5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBfR95RalhS63q+DwVRJ+SGAEsgczpIkncu5rtcYGG6oae1
LQTCj0r0zNCKwIf7qRtSHCb24PC5r5i1jfEDerVAcxJbJgNeZJPP6HHDRmOwyA62
x3JoT7o/m6jqx0vJl7TTpA3wRsIC+dXr6xGoi83ahMWdXn/8mhurYyAZP++FwIr9
ktoHkJLASB2i1qaVeKhpnnASMcuveFdEvT9S2aXr4acOEZWQvCtSvf2dQ77K5uaM
ZdAylJpVPK75p/aSE+vpJ28+10FP9GGzNFp+9qW1tsRAfWXjg8wmiJJVzMwjnpuI
Z8PRKj49ExDaniVaEZlbZrwHyJh1nINCMuemxe0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSWoUZY10+z0/hP5K73Ai2L8CglnDAfBgNVHSMEGDAWgBRHNegH00nTFWT5
/VRhOONZjiAHzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J6WG9COU5KMHhWay1mMVVZVGpqV1k0Z0I4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvNWUxMzgwLTlkYzYtNDY5MS04NmI1LTViMWI1ZDk5NDBjMS8x
L2xxRkdXTmRQczlQNFQtU3U5d0l0aV9Bb0pady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
NWUxMzgwLTlkYzYtNDY5MS04NmI1LTViMWI1ZDk5NDBjMS8xL1J6WG9COU5KMHhW
ay1mMVVZVGpqV1k0Z0I4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAgW2WAMEAi1CHAMEAi1UGAMEAl1Y
EAMEArluIAMEAsGo+AMEAtWq2DANBgkqhkiG9w0BAQsFAAOCAQEAImDb7vv46Fde
ttIhCHILj1TAsaiZyQ1iYyBSXbgJ6exwzmTuVXJjObMeW24IOr4e73tPFTqWwpVg
JrTPRAgY2/Qw8K16Xo4wZBLC1czq9BdeQ/NyutFqntsApOY5HEJ9Jvol+1nkUhmF
chPFZ9fQqEhoVWU22L3mu4k4MEv0EAfWW0F+wo+bAeXxGy5veLNBo+JrjVzyZaAP
EBUOQ9EEA9TeXiW5UK9ucVchVR8eTBJ8jAVHIK0x/WerzA+EstT9vhr/xR9BN7lV
HEV06pm0ZmLr/s0yS3q35Ue2ib++BJCmzEyD5PFmtVjXRgW40i1a9WCr/McsuP//
nOswhocbOw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:54:19 2025 by rpki-client