Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/u1ZPSiFNr12brrgWVhVzgmv2UV0.roa
File: u1ZPSiFNr12brrgWVhVzgmv2UV0.roa (raw, json)
Hash identifier: mK40LkFxm2AjkwtTX07rK8OA7YGYfiW779zlxW84ANU=
Subject key identifier: BB:56:4F:4A:21:4D:AF:5D:9B:AE:B8:16:56:15:73:82:6B:F6:51:5D
Certificate issuer: /CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Certificate serial: 01856FDDDB0EC229F02D1F4C4F201B791FA1
Authority key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/u1ZPSiFNr12brrgWVhVzgmv2UV0.roa
Signing time: Mon 02 Jan 2023 00:24:48 +0000
ROA not before: Mon 02 Jan 2023 00:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 150.252.224.0/20 maxlen: 24
77.239.128.0/19 maxlen: 24
95.142.176.0/20 maxlen: 24
178.236.160.0/20 maxlen: 24
81.21.16.0/20 maxlen: 24
185.25.72.0/22 maxlen: 24
82.134.192.0/18 maxlen: 18
185.3.108.0/22 maxlen: 24
82.113.192.0/19 maxlen: 24
217.61.160.0/20 maxlen: 24
176.57.112.0/20 maxlen: 24
45.33.224.0/20 maxlen: 24
82.97.224.0/20 maxlen: 24
37.148.224.0/21 maxlen: 24
80.210.96.0/19 maxlen: 24
82.180.32.0/19 maxlen: 24
5.8.96.0/19 maxlen: 24
5.63.168.0/21 maxlen: 24
2a00:7ca0::/32 maxlen: 32
2a02:1630::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:db:0e:c2:29:f0:2d:1f:4c:4f:20:1b:79:1f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Validity
Not Before: Jan 2 00:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb564f4a214daf5d9baeb816561573826bf6515d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7a:b6:4e:27:bd:41:60:84:46:be:4d:6f:4a:
d4:d6:ac:b6:52:97:9b:f9:9b:7e:46:90:83:b3:49:
ab:2b:b5:57:56:04:b8:38:cb:86:39:95:1b:1d:5e:
63:04:05:67:a5:46:a3:13:54:f8:6f:fd:97:ab:a7:
22:b0:ed:4b:7d:a1:e4:2e:10:4d:79:21:c6:d7:0f:
09:68:61:24:1b:96:f1:c0:d2:01:ef:54:06:f5:37:
fe:45:04:c9:6f:84:26:13:fc:bf:e3:30:9a:dd:ca:
11:6a:0c:bd:91:fc:3a:dd:a3:39:43:da:ed:74:bd:
6b:a4:f7:b8:3c:83:39:f7:bc:f9:d0:9a:22:c4:73:
0d:47:a3:e9:45:a6:7c:4a:c9:a2:24:dc:65:d4:2e:
e3:06:9e:6c:34:98:be:26:ad:91:72:8d:73:e5:8d:
31:dd:c8:a9:76:5f:74:2b:a2:85:0e:57:1b:7c:06:
86:ad:e4:aa:44:05:9d:b7:79:c5:85:5c:a0:5c:dc:
fe:c8:9f:f7:e5:b5:f8:46:af:2f:b9:6f:b8:fc:bb:
1b:9d:97:be:47:19:ef:8f:7e:b0:7b:dd:c6:d6:ff:
b0:3b:c2:9e:9b:f0:8c:a1:33:7b:37:78:6a:60:df:
f8:e9:d0:63:c2:b6:a1:7d:92:e3:95:20:5d:9a:56:
b1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:56:4F:4A:21:4D:AF:5D:9B:AE:B8:16:56:15:73:82:6B:F6:51:5D
X509v3 Authority Key Identifier:
keyid:42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/u1ZPSiFNr12brrgWVhVzgmv2UV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.96.0/19
5.63.168.0/21
37.148.224.0/21
45.33.224.0/20
77.239.128.0/19
80.210.96.0/19
81.21.16.0/20
82.97.224.0/20
82.113.192.0/19
82.134.192.0/18
82.180.32.0/19
95.142.176.0/20
150.252.224.0/20
176.57.112.0/20
178.236.160.0/20
185.3.108.0/22
185.25.72.0/22
217.61.160.0/20
IPv6:
2a00:7ca0::/32
2a02:1630::/32
Signature Algorithm: sha256WithRSAEncryption
27:2d:23:7e:e6:22:18:c6:88:10:82:a5:d8:89:b2:22:8c:0f:
4b:40:1a:cb:e5:a3:55:2e:0a:d7:82:34:35:e4:c3:10:00:df:
01:63:f4:83:8d:8a:38:43:3c:51:d2:ac:c7:ca:5e:76:66:1d:
1d:88:fd:73:6b:8b:6b:42:40:c1:a0:40:f6:fe:8f:af:06:cb:
54:ff:2e:9e:95:66:31:19:e2:1f:fb:3f:c3:34:b2:90:7c:c5:
6c:10:e2:88:87:a9:47:cd:f1:ca:af:2e:f4:4a:37:87:39:0e:
00:09:6d:e0:7d:d3:24:aa:6f:c5:10:91:89:f5:c8:58:ff:db:
cf:bd:3b:ff:45:6a:73:ad:3b:44:c2:da:a3:4d:46:c7:44:b8:
9e:66:48:a5:d8:8a:dc:4b:46:a6:0c:22:df:ee:4d:00:4a:2b:
3e:45:30:87:df:3b:32:e8:35:59:6f:7b:15:e4:cc:c7:6c:00:
87:a9:bb:75:32:00:8b:c6:d2:ee:15:24:2d:46:95:d4:98:8e:
6c:f8:f8:b0:fa:d7:75:cb:d3:d9:9d:ab:4d:2a:e6:44:ef:ab:
7b:1b:5a:3c:ed:df:2d:74:59:c1:1c:01:5a:fa:6e:0d:fa:d0:
ac:ed:cb:ab:3d:be:a4:27:32:49:85:ca:c1:36:e4:98:0c:54:
61:23:4d:4a
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVv3dsOwinwLR9MTyAbeR+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2RlMzY1ZDdkMmI1ODUwNmU0ZDRhYmYwYzJlZjdjZDVl
M2I0NjIwHhcNMjMwMTAyMDAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU2NGY0YTIxNGRhZjVkOWJhZWI4MTY1NjE1NzM4MjZiZjY1MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXq2Tie9QWCERr5Nb0rU1qy2Upeb
+Zt+RpCDs0mrK7VXVgS4OMuGOZUbHV5jBAVnpUajE1T4b/2Xq6cisO1LfaHkLhBN
eSHG1w8JaGEkG5bxwNIB71QG9Tf+RQTJb4QmE/y/4zCa3coRagy9kfw63aM5Q9rt
dL1rpPe4PIM597z50JoixHMNR6PpRaZ8SsmiJNxl1C7jBp5sNJi+Jq2Rco1z5Y0x
3cipdl90K6KFDlcbfAaGreSqRAWdt3nFhVygXNz+yJ/35bX4Rq8vuW+4/LsbnZe+
Rxnvj36we93G1v+wO8Kem/CMoTN7N3hqYN/46dBjwrahfZLjlSBdmlaxTwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLtWT0ohTa9dm664FlYVc4Jr9lFdMB8GA1UdIwQY
MBaAFELN42XX0rWFBuTUq/DC73zV47RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEt
MDJlMWJkNjA1MGU1LzEvdTFaUFNpRk5yMTJicnJnV1ZoVnpnbXYyVVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEtMDJlMWJkNjA1MGU1
LzEvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQFBQhg
AwQDBT+oAwQDJZTgAwQELSHgAwQFTe+AAwQFUNJgAwQEURUQAwQEUmHgAwQFUnHA
AwQGUobAAwQFUrQgAwQEX46wAwQElvzgAwQEsDlwAwQEsuygAwQCuQNsAwQCuRlI
AwQE2T2gMBQEAgACMA4DBQAqAHygAwUAKgIWMDANBgkqhkiG9w0BAQsFAAOCAQEA
Jy0jfuYiGMaIEIKl2ImyIowPS0Aay+WjVS4K14I0NeTDEADfAWP0g42KOEM8UdKs
x8pedmYdHYj9c2uLa0JAwaBA9v6PrwbLVP8unpVmMRniH/s/wzSykHzFbBDiiIep
R83xyq8u9Eo3hzkOAAlt4H3TJKpvxRCRifXIWP/bz707/0Vqc607RMLao01Gx0S4
nmZIpdiK3EtGpgwi3+5NAEorPkUwh987Mug1WW97FeTMx2wAh6m7dTIAi8bS7hUk
LUaV1JiObPj4sPrXdcvT2Z2rTSrmRO+rextaPO3fLXRZwRwBWvpuDfrQrO3Lqz2+
pCcySYXKwTbkmAxUYSNNSg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:13:22 2025 by rpki-client