Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/pynGPqPVHV2wug9eEkb597U7aeM.roa
File: pynGPqPVHV2wug9eEkb597U7aeM.roa (raw, json)
Hash identifier: 5xXwrlQauPWz8XLPaWSTaRkzz+ua7cjDcUPsmH9tY0s=
Subject key identifier: A7:29:C6:3E:A3:D5:1D:5D:B0:BA:0F:5E:12:46:F9:F7:B5:3B:69:E3
Certificate issuer: /CN=4735e807d349d31564f9fd546138e3598e2007ce
Certificate serial: 01856D81A3CD1EB26C707A51FDE969809BEF
Authority key identifier: 47:35:E8:07:D3:49:D3:15:64:F9:FD:54:61:38:E3:59:8E:20:07:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzXoB9NJ0xVk-f1UYTjjWY4gB84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/pynGPqPVHV2wug9eEkb597U7aeM.roa
Signing time: Sun 01 Jan 2023 13:24:50 +0000
ROA not before: Sun 01 Jan 2023 13:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8767
IP address blocks: 185.110.32.0/22 maxlen: 24
45.84.24.0/22 maxlen: 24
213.170.216.0/22 maxlen: 24
185.68.156.0/22 maxlen: 24
185.47.44.0/22 maxlen: 24
45.66.28.0/22 maxlen: 24
5.182.88.0/22 maxlen: 24
93.88.16.0/22 maxlen: 24
193.168.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:a3:cd:1e:b2:6c:70:7a:51:fd:e9:69:80:9b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4735e807d349d31564f9fd546138e3598e2007ce
Validity
Not Before: Jan 1 13:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a729c63ea3d51d5db0ba0f5e1246f9f7b53b69e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:02:10:39:31:a6:5f:ce:12:99:d5:9e:ca:
d1:80:af:9c:0f:de:d5:24:ea:fa:f8:94:67:8c:a3:
7d:01:0d:56:ee:01:9d:89:fd:62:0a:fc:c6:e1:5b:
4a:8c:e9:18:1d:38:e4:36:86:7b:22:a5:61:0b:f8:
ed:95:30:89:56:70:2d:6f:b9:67:43:98:ef:0b:83:
76:5f:1a:01:fc:66:59:09:2b:f5:69:3d:50:e9:9c:
9a:27:2c:e0:fd:ad:2b:d2:12:50:da:1b:85:c2:3e:
b0:5a:30:a2:04:38:ea:5c:30:fe:2e:f9:87:7c:cd:
e3:cc:73:ea:c5:61:b5:44:91:9f:b2:f4:f6:ff:01:
b0:66:79:03:4e:1f:3a:84:8f:ce:d0:1c:58:01:86:
78:e3:91:3e:27:af:94:2c:cf:41:d3:0b:41:a4:4c:
ed:1d:a0:bb:4e:ce:0c:39:e1:c1:5f:87:e1:fc:a2:
61:c7:0c:6d:f4:f2:ed:a0:ee:42:af:92:0d:3c:6f:
e3:fa:9b:18:58:1c:18:a9:79:a6:7c:74:b7:f4:40:
f3:42:c3:ec:e1:52:64:24:b4:dd:b6:eb:99:67:f3:
1e:2f:0e:ff:9e:dc:51:a0:00:1b:93:a9:4c:75:e7:
35:10:93:7e:df:85:68:e9:0c:6d:a2:c9:fb:f4:8b:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:C6:3E:A3:D5:1D:5D:B0:BA:0F:5E:12:46:F9:F7:B5:3B:69:E3
X509v3 Authority Key Identifier:
keyid:47:35:E8:07:D3:49:D3:15:64:F9:FD:54:61:38:E3:59:8E:20:07:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzXoB9NJ0xVk-f1UYTjjWY4gB84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/pynGPqPVHV2wug9eEkb597U7aeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5e1380-9dc6-4691-86b5-5b1b5d9940c1/1/RzXoB9NJ0xVk-f1UYTjjWY4gB84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.88.0/22
45.66.28.0/22
45.84.24.0/22
93.88.16.0/22
185.47.44.0/22
185.68.156.0/22
185.110.32.0/22
193.168.248.0/22
213.170.216.0/22
Signature Algorithm: sha256WithRSAEncryption
62:d0:ec:ed:08:3b:68:c8:77:43:1c:7b:d2:21:b7:ab:f7:44:
c2:4c:ce:71:c5:41:65:19:f0:95:37:c0:40:ca:8b:9e:03:a8:
5f:bf:72:66:06:ac:ec:8f:4c:45:6f:38:3d:b2:90:5c:d1:78:
b1:03:3d:66:b9:e0:10:11:09:e9:ec:de:68:f2:24:06:e7:ed:
8b:31:2d:99:e4:7a:87:2d:4d:09:88:4e:2a:0f:4c:d3:ec:59:
1d:ac:02:7b:78:dd:66:dd:fe:4f:6c:a3:48:b3:66:a3:c1:12:
08:b0:b1:04:30:09:8b:4c:01:6b:85:d1:58:b3:d0:5c:21:1a:
7c:52:ea:6b:61:51:20:6c:55:9f:16:ee:f7:ff:74:45:d1:3a:
1a:36:5d:bd:9e:53:a6:e1:92:4f:21:d3:a4:4d:8b:ec:fb:95:
22:d7:c4:c5:dd:bb:4a:ed:3e:1c:14:32:f3:b8:27:b2:69:33:
5c:7d:ec:bf:94:87:7b:f1:73:e0:3a:20:d2:62:11:3d:09:0d:
d4:d1:0c:5c:aa:c3:7d:dd:04:e6:b1:c5:5b:12:06:0e:34:9f:
0f:c0:b2:03:5b:d7:81:4a:0a:26:3e:ba:ea:3a:74:0f:ca:aa:
ec:3c:a4:07:7c:1c:10:18:d0:73:bb:54:71:73:97:8e:3a:a3:
e4:16:69:a3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVtgaPNHrJscHpR/elpgJvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzVlODA3ZDM0OWQzMTU2NGY5ZmQ1NDYxMzhlMzU5OGUy
MDA3Y2UwHhcNMjMwMTAxMTMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI5YzYzZWEzZDUxZDVkYjBiYTBmNWUxMjQ2ZjlmN2I1M2I2OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghsCEDkxpl/OEpnVnsrRgK+cD97V
JOr6+JRnjKN9AQ1W7gGdif1iCvzG4VtKjOkYHTjkNoZ7IqVhC/jtlTCJVnAtb7ln
Q5jvC4N2XxoB/GZZCSv1aT1Q6ZyaJyzg/a0r0hJQ2huFwj6wWjCiBDjqXDD+LvmH
fM3jzHPqxWG1RJGfsvT2/wGwZnkDTh86hI/O0BxYAYZ445E+J6+ULM9B0wtBpEzt
HaC7Ts4MOeHBX4fh/KJhxwxt9PLtoO5Cr5INPG/j+psYWBwYqXmmfHS39EDzQsPs
4VJkJLTdtuuZZ/MeLw7/ntxRoAAbk6lMdec1EJN+34Vo6Qxtosn79IvjzwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKcpxj6j1R1dsLoPXhJG+fe1O2njMB8GA1UdIwQY
MBaAFEc16AfTSdMVZPn9VGE441mOIAfOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpYb0I5TkoweFZrLWYxVVlUampXWTRnQjg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS81ZTEzODAtOWRjNi00NjkxLTg2YjUt
NWIxYjVkOTk0MGMxLzEvcHluR1BxUFZIVjJ3dWc5ZUVrYjU5N1U3YWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS81ZTEzODAtOWRjNi00NjkxLTg2YjUtNWIxYjVkOTk0MGMx
LzEvUnpYb0I5TkoweFZrLWYxVVlUampXWTRnQjg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBbZYAwQC
LUIcAwQCLVQYAwQCXVgQAwQCuS8sAwQCuUScAwQCuW4gAwQCwaj4AwQC1arYMA0G
CSqGSIb3DQEBCwUAA4IBAQBi0OztCDtoyHdDHHvSIber90TCTM5xxUFlGfCVN8BA
youeA6hfv3JmBqzsj0xFbzg9spBc0XixAz1mueAQEQnp7N5o8iQG5+2LMS2Z5HqH
LU0JiE4qD0zT7FkdrAJ7eN1m3f5PbKNIs2ajwRIIsLEEMAmLTAFrhdFYs9BcIRp8
UuprYVEgbFWfFu73/3RF0ToaNl29nlOm4ZJPIdOkTYvs+5Ui18TF3btK7T4cFDLz
uCeyaTNcfey/lId78XPgOiDSYhE9CQ3U0QxcqsN93QTmscVbEgYONJ8PwLIDW9eB
SgomPrrqOnQPyqrsPKQHfBwQGNBzu1Rxc5eOOqPkFmmj
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:30:02 2025 by rpki-client