Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/U73rBbR4mxE29PPDyJ7OVUEqZNs.roa
File: U73rBbR4mxE29PPDyJ7OVUEqZNs.roa (raw, json)
Hash identifier: bIcZQScwxlp7ARg+Nb0aJwjJN1hUNhfuIJ0KVo4yKaU=
Subject key identifier: 53:BD:EB:05:B4:78:9B:11:36:F4:F3:C3:C8:9E:CE:55:41:2A:64:DB
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 42064A26
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/U73rBbR4mxE29PPDyJ7OVUEqZNs.roa
Signing time: Sat 01 Jan 2022 16:11:22 +0000
ROA not before: Sat 01 Jan 2022 16:11:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57739
IP address blocks: 195.5.120.0/23 maxlen: 23
91.203.212.0/22 maxlen: 22
195.82.152.0/23 maxlen: 23
81.88.28.0/22 maxlen: 22
178.250.169.0/24 maxlen: 24
93.90.183.0/24 maxlen: 24
188.64.46.0/23 maxlen: 23
5.44.102.0/23 maxlen: 23
2a02:a60::/32 maxlen: 64
2a00:fa40:2000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1107708454 (0x42064a26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 16:11:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53bdeb05b4789b1136f4f3c3c89ece55412a64db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:f5:f2:b6:19:50:56:66:d6:de:5f:1c:b1:
27:b1:66:b0:ec:0d:76:9f:8a:08:12:86:48:65:bd:
09:96:42:76:45:b6:c0:de:9d:59:88:06:70:48:72:
ea:e8:16:86:ea:59:9a:a6:ad:17:03:b1:f5:c1:0b:
b7:33:77:44:86:fc:00:73:e6:59:44:63:3f:ba:81:
c6:cc:5e:b3:a8:aa:79:c1:ca:71:4a:3d:a4:99:07:
1f:53:8c:36:76:1a:81:b0:e2:1a:eb:37:19:c4:fa:
d0:47:1c:25:63:70:7c:e6:19:ee:1b:c5:c3:ce:96:
aa:2d:5e:4a:28:55:0a:02:77:9e:2e:fe:9b:b3:0c:
5f:7b:5c:85:3b:f9:b5:60:fe:be:3e:c2:86:0d:36:
36:46:ca:6e:62:5a:a7:37:0e:74:05:f4:56:b1:43:
ad:e8:c0:25:30:b7:e1:de:f0:65:0a:87:fe:e7:81:
d0:9d:f2:d2:0c:5e:20:90:4f:cd:e4:17:82:e1:6f:
36:60:ed:c0:3e:f8:25:cd:fc:97:9b:03:7e:dd:ea:
cb:61:84:52:ad:22:c5:5b:0e:6b:16:3c:2d:9d:a5:
c3:9e:fe:08:26:4a:18:82:d6:b6:f1:62:d8:e2:93:
1d:4b:bd:62:6b:c2:08:8c:bc:ce:d0:ad:d6:38:48:
76:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BD:EB:05:B4:78:9B:11:36:F4:F3:C3:C8:9E:CE:55:41:2A:64:DB
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/U73rBbR4mxE29PPDyJ7OVUEqZNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.102.0/23
81.88.28.0/22
91.203.212.0/22
93.90.183.0/24
178.250.169.0/24
188.64.46.0/23
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::/36
2a02:a60::/32
Signature Algorithm: sha256WithRSAEncryption
27:fb:e8:1b:34:2f:43:b4:06:b5:1e:f1:5d:e0:c9:3d:aa:1d:
62:ad:43:08:d9:4e:07:b8:08:d0:a6:d1:22:9b:2b:b0:cf:34:
8c:01:87:1c:ae:ec:0b:1b:ab:35:1a:22:e1:c8:42:22:97:33:
f1:3e:4e:0a:67:6d:38:a1:bb:0c:6a:98:40:78:29:2e:c8:ed:
6a:bb:16:00:7d:28:6f:9f:9d:e4:0f:88:3e:09:63:ce:60:f9:
89:a5:1d:10:86:81:6e:9e:89:0a:8a:4f:85:40:c5:e8:ea:5a:
54:cc:b4:8c:4f:d9:de:5f:0f:ca:cd:d8:fc:5e:b3:ea:72:4d:
75:94:66:24:fa:ad:fb:4c:cb:80:75:cc:bb:c8:e0:b3:d9:70:
30:51:6c:af:5d:1e:49:7b:cd:08:90:b3:2f:30:fa:43:d3:a7:
58:b7:ad:42:ec:47:61:0e:23:b2:48:7d:8f:19:60:e6:df:dd:
47:53:bf:e3:df:2e:93:20:c2:1b:cb:a0:25:ce:30:9a:3d:cf:
ae:2f:f9:32:f9:c0:40:33:7a:b3:a0:81:30:99:c2:9e:c1:d3:
e1:9e:1c:31:0b:fd:ec:25:ba:ae:ba:59:37:c4:b2:a7:1d:70:
be:51:8c:66:6a:2c:98:7d:66:b2:33:97:c7:7e:69:d3:ff:de:
83:40:fb:04
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEQgZKJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMB4XDTIyMDEw
MTE2MTEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNiZGViMDViNDc4
OWIxMTM2ZjRmM2MzYzg5ZWNlNTU0MTJhNjRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaI9fK2GVBWZtbeXxyxJ7FmsOwNdp+KCBKGSGW9CZZCdkW2
wN6dWYgGcEhy6ugWhupZmqatFwOx9cELtzN3RIb8AHPmWURjP7qBxsxes6iqecHK
cUo9pJkHH1OMNnYagbDiGus3GcT60EccJWNwfOYZ7hvFw86Wqi1eSihVCgJ3ni7+
m7MMX3tchTv5tWD+vj7Chg02NkbKbmJapzcOdAX0VrFDrejAJTC34d7wZQqH/ueB
0J3y0gxeIJBPzeQXguFvNmDtwD74Jc38l5sDft3qy2GEUq0ixVsOaxY8LZ2lw57+
CCZKGILWtvFi2OKTHUu9YmvCCIy8ztCt1jhIdt8CAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBRTvesFtHibETb088PIns5VQSpk2zAfBgNVHSMEGDAWgBTEJwjfk5VKrGAa
7xg1vV1pJF+wLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hDY0kzNU9WU3F4Z0d1OFlOYjFkYVNSZnNDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8x
L1U3M3JCYlI0bXhFMjlQUER5SjdPVlVFcVpOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4
Z0d1OFlOYjFkYVNSZnNDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wNgQCAAEwMAMEAQUsZgMEAlFYHAMEAlvL1AMEAF1a
twMEALL6qQMEAbxALgMEAcMFeAMEAcNSmDAVBAIAAjAPAwYEKgD6QCADBQAqAgpg
MA0GCSqGSIb3DQEBCwUAA4IBAQAn++gbNC9DtAa1HvFd4Mk9qh1irUMI2U4HuAjQ
ptEimyuwzzSMAYccruwLG6s1GiLhyEIilzPxPk4KZ204obsMaphAeCkuyO1quxYA
fShvn53kD4g+CWPOYPmJpR0QhoFunokKik+FQMXo6lpUzLSMT9neXw/Kzdj8XrPq
ck11lGYk+q37TMuAdcy7yOCz2XAwUWyvXR5Je80IkLMvMPpD06dYt61C7EdhDiOy
SH2PGWDm391HU7/j3y6TIMIby6AlzjCaPc+uL/ky+cBAM3qzoIEwmcKewdPhnhwx
C/3sJbquulk3xLKnHXC+UYxmaiyYfWayM5fHfmnT/96DQPsE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org