Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/tRBpoU04mUfMAXpdvacGfwpWrzk.roa
File: tRBpoU04mUfMAXpdvacGfwpWrzk.roa (raw, json)
Hash identifier: OYZbUGUKUHck0QISIvCaAgqfXcv7+gQVr33Gsax2K1Q=
Subject key identifier: B5:10:69:A1:4D:38:99:47:CC:01:7A:5D:BD:A7:06:7F:0A:56:AF:39
Certificate issuer: /CN=9eefcb1205eb7955471e5c8f5434a92072ad3ddd
Certificate serial: 013539
Authority key identifier: 9E:EF:CB:12:05:EB:79:55:47:1E:5C:8F:54:34:A9:20:72:AD:3D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nu_LEgXreVVHHlyPVDSpIHKtPd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/tRBpoU04mUfMAXpdvacGfwpWrzk.roa
Signing time: Mon 03 Jan 2022 11:54:24 +0000
ROA not before: Mon 03 Jan 2022 11:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59790
IP address blocks: 193.124.14.0/24 maxlen: 24
185.227.52.0/22 maxlen: 22
194.135.118.0/24 maxlen: 24
185.182.164.0/22 maxlen: 22
5.154.243.0/24 maxlen: 24
194.135.47.0/24 maxlen: 24
193.93.140.0/23 maxlen: 23
185.109.144.0/22 maxlen: 22
193.124.84.0/24 maxlen: 24
185.65.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79161 (0x13539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eefcb1205eb7955471e5c8f5434a92072ad3ddd
Validity
Not Before: Jan 3 11:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b51069a14d389947cc017a5dbda7067f0a56af39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:be:39:23:1d:9b:ff:91:0a:f8:6c:cf:73:
10:c0:2d:26:db:a5:95:3b:dc:e1:37:71:d5:7c:60:
0e:2a:7d:24:a0:4b:ae:3d:28:2e:3a:a9:b4:4d:6d:
09:98:51:cf:23:7b:2c:32:d4:04:4a:d7:76:23:1f:
e3:f7:2b:bc:4d:8b:da:52:53:ab:e6:b3:8b:7d:65:
93:63:c6:a2:b1:8d:bd:82:16:26:99:c5:0e:a2:58:
0c:be:ed:cd:04:c5:c2:50:bf:69:99:cb:39:ef:b6:
2a:f9:f1:c3:fd:fa:66:92:b1:c0:cd:92:99:6e:56:
81:a6:b8:c5:b2:ed:a2:d2:a7:d9:b5:7d:d4:59:77:
6d:64:20:2f:a8:b6:6f:74:26:49:b5:c1:94:1f:58:
ac:b3:e0:83:64:89:84:8b:ff:2a:1e:8c:df:10:57:
42:69:2f:0d:4c:f5:3b:3f:a4:27:be:ff:4f:e6:90:
17:d3:98:d5:a4:54:74:2d:af:31:69:34:67:d0:64:
a0:d3:76:53:61:13:08:78:13:20:50:4c:b9:c9:67:
14:0f:93:8b:16:80:27:1c:fa:47:85:62:9e:e4:fe:
18:ab:00:ef:35:1d:22:06:5e:b6:e2:0d:60:9f:45:
3c:1d:b3:8e:82:eb:dd:cc:e6:f8:33:e0:b9:fb:c6:
3e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:10:69:A1:4D:38:99:47:CC:01:7A:5D:BD:A7:06:7F:0A:56:AF:39
X509v3 Authority Key Identifier:
keyid:9E:EF:CB:12:05:EB:79:55:47:1E:5C:8F:54:34:A9:20:72:AD:3D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nu_LEgXreVVHHlyPVDSpIHKtPd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/tRBpoU04mUfMAXpdvacGfwpWrzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/nu_LEgXreVVHHlyPVDSpIHKtPd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.243.0/24
185.65.208.0/22
185.109.144.0/22
185.182.164.0/22
185.227.52.0/22
193.93.140.0/23
193.124.14.0/24
193.124.84.0/24
194.135.47.0/24
194.135.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:0b:30:a3:7b:54:4a:5d:84:e3:0b:7c:6a:aa:69:62:65:9f:
d0:fb:c6:4a:0f:98:8b:12:f5:b4:a4:68:6f:1d:fd:c8:00:5d:
84:6d:dc:65:fe:1f:4c:5b:2c:3a:0d:c6:44:8e:46:fa:6a:0b:
34:93:55:ff:71:ec:f4:ac:43:09:93:8f:78:94:51:33:09:d0:
c5:0d:ce:5c:15:5d:12:d2:6d:9c:45:38:e9:b9:8c:a5:93:5a:
fc:74:89:45:af:a0:e4:c1:3d:cf:5f:eb:05:96:3d:39:09:e1:
2a:aa:4b:06:8b:3c:12:33:76:ec:2b:bf:d8:52:13:b2:a8:28:
73:3d:8b:3c:b6:45:20:76:97:0f:77:99:f5:1d:b5:5a:0c:cb:
73:05:17:6b:c6:9f:0c:af:a6:cd:7e:1c:e6:fb:e3:a8:2b:67:
47:b2:df:50:1f:73:74:bf:4b:03:39:16:3b:de:e5:33:60:7e:
5b:25:31:12:94:01:ff:e6:8c:30:be:9d:a8:38:d4:4d:36:dc:
72:fe:39:4e:04:49:ad:1f:0a:c3:08:0f:26:ff:66:85:7f:f2:
ed:94:4c:b1:82:19:28:5c:0c:bb:37:b2:49:24:7a:03:7b:42:
93:10:19:8e:0c:4d:02:e8:d9:71:c9:f0:a7:e9:14:e0:81:4a:
73:d5:c8:cf
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIDATU5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
ZWZjYjEyMDVlYjc5NTU0NzFlNWM4ZjU0MzRhOTIwNzJhZDNkZGQwHhcNMjIwMTAz
MTE1NDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTEwNjlhMTRkMzg5
OTQ3Y2MwMTdhNWRiZGE3MDY3ZjBhNTZhZjM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjvW+OSMdm/+RCvhsz3MQwC0m26WVO9zhN3HVfGAOKn0koEuu
PSguOqm0TW0JmFHPI3ssMtQEStd2Ix/j9yu8TYvaUlOr5rOLfWWTY8aisY29ghYm
mcUOolgMvu3NBMXCUL9pmcs577Yq+fHD/fpmkrHAzZKZblaBprjFsu2i0qfZtX3U
WXdtZCAvqLZvdCZJtcGUH1iss+CDZImEi/8qHozfEFdCaS8NTPU7P6Qnvv9P5pAX
05jVpFR0La8xaTRn0GSg03ZTYRMIeBMgUEy5yWcUD5OLFoAnHPpHhWKe5P4YqwDv
NR0iBl624g1gn0U8HbOOguvdzOb4M+C5+8Y+uQIDAQABo4ICPzCCAjswHQYDVR0O
BBYEFLUQaaFNOJlHzAF6Xb2nBn8KVq85MB8GA1UdIwQYMBaAFJ7vyxIF63lVRx5c
j1Q0qSByrT3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bnVfTEVnWHJlVlZISGx5UFZEU3BJSEt0UGQwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOS85MjE2MDktNThhNS00MzA2LWI4MmItNGI3ZGNkODc3N2RlLzEv
dFJCcG9VMDRtVWZNQVhwZHZhY0dmd3BXcnprLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85
MjE2MDktNThhNS00MzA2LWI4MmItNGI3ZGNkODc3N2RlLzEvbnVfTEVnWHJlVlZI
SGx5UFZEU3BJSEt0UGQwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFUG
CCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABZrzAwQCuUHQAwQCuW2QAwQCubak
AwQCueM0AwQBwV2MAwQAwXwOAwQAwXxUAwQAwocvAwQAwod2MA0GCSqGSIb3DQEB
CwUAA4IBAQCxCzCje1RKXYTjC3xqqmliZZ/Q+8ZKD5iLEvW0pGhvHf3IAF2Ebdxl
/h9MWyw6DcZEjkb6ags0k1X/cez0rEMJk494lFEzCdDFDc5cFV0S0m2cRTjpuYyl
k1r8dIlFr6DkwT3PX+sFlj05CeEqqksGizwSM3bsK7/YUhOyqChzPYs8tkUgdpcP
d5n1HbVaDMtzBRdrxp8Mr6bNfhzm++OoK2dHst9QH3N0v0sDORY73uUzYH5bJTES
lAH/5owwvp2oONRNNtxy/jlOBEmtHwrDCA8m/2aFf/LtlEyxghkoXAy7N7JJJHoD
e0KTEBmODE0C6NlxyfCn6RTggUpz1cjP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:21 2025 by rpki-client