Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/4C5E5jZm5P2Zbkht45g_hbE-s4k.roa
File: 4C5E5jZm5P2Zbkht45g_hbE-s4k.roa (raw, json)
Hash identifier: dbmGNNy083wKXHs7Dz0X+3ta0FOBuXgL8+m0DfHOurU=
Subject key identifier: E0:2E:44:E6:36:66:E4:FD:99:6E:48:6D:E3:98:3F:85:B1:3E:B3:89
Certificate issuer: /CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Certificate serial: 01879E4A9813B70F753D3B8CBA943FF26451
Authority key identifier: EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/4C5E5jZm5P2Zbkht45g_hbE-s4k.roa
Signing time: Thu 20 Apr 2023 10:51:41 +0000
ROA not before: Thu 20 Apr 2023 10:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43529
IP address blocks: 94.248.192.0/19 maxlen: 19
79.121.64.0/21 maxlen: 21
94.248.128.0/19 maxlen: 19
79.121.88.0/21 maxlen: 21
46.251.16.0/20 maxlen: 20
94.248.240.0/21 maxlen: 21
2a03:bf00:200::/40 maxlen: 40
2a03:bf01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:4a:98:13:b7:0f:75:3d:3b:8c:ba:94:3f:f2:64:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Validity
Not Before: Apr 20 10:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02e44e63666e4fd996e486de3983f85b13eb389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:b7:84:b4:a7:4f:eb:35:84:a4:0e:13:01:
d4:09:77:04:40:81:2a:aa:62:1b:9e:bd:99:97:b4:
17:17:e1:38:80:59:a0:91:44:b4:af:e3:2d:06:8e:
4c:db:24:85:38:b0:de:91:cb:73:5d:3b:82:cc:ce:
4f:00:eb:2c:9d:3a:b0:e7:9d:50:8b:85:97:c9:b6:
66:02:81:c9:e3:d5:63:e8:4b:46:30:47:d1:0c:fa:
67:b4:a9:1b:3a:f0:bc:e8:1c:c7:9a:b1:6d:e5:5f:
07:1b:1b:be:3d:15:df:ee:39:cd:7c:c0:c8:6f:d4:
a2:38:c7:ad:00:d0:45:14:ec:58:d6:df:9f:33:a7:
85:7d:a8:ab:1c:08:1a:09:a4:8f:d6:34:f9:69:40:
c2:3f:25:1f:0b:a2:02:df:f4:02:2c:18:b6:bc:4d:
d4:c9:b9:23:6d:be:e1:52:ff:5d:49:a2:1e:f5:2b:
b7:eb:45:c6:ab:e8:6e:d5:46:c2:c8:4a:5d:a8:03:
41:e7:30:3f:96:ee:bd:2b:8b:54:7a:98:0c:32:ba:
8e:d0:04:03:de:e7:0b:63:79:1e:96:2f:cc:05:df:
d2:00:51:b6:01:44:cf:6c:e4:65:8c:de:52:2a:bc:
e8:a8:f1:ad:cb:88:50:c8:8e:e5:8a:80:34:90:59:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2E:44:E6:36:66:E4:FD:99:6E:48:6D:E3:98:3F:85:B1:3E:B3:89
X509v3 Authority Key Identifier:
keyid:EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/4C5E5jZm5P2Zbkht45g_hbE-s4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.16.0/20
79.121.64.0/21
79.121.88.0/21
94.248.128.0/19
94.248.192.0/19
94.248.240.0/21
IPv6:
2a03:bf00:200::/40
2a03:bf01::/32
Signature Algorithm: sha256WithRSAEncryption
90:e5:64:4a:aa:aa:87:60:ab:22:82:ab:9f:40:57:33:dd:a3:
6e:00:bc:51:28:b3:99:0a:6e:d4:fa:41:81:03:c4:dc:0a:5e:
c8:17:60:07:04:e1:0e:8a:34:15:a1:cb:83:2d:24:a0:b0:78:
72:a5:e4:99:46:f6:6d:bc:72:6e:3a:dc:bc:72:2d:a3:c1:5c:
ed:ce:42:06:89:76:fd:19:9e:7c:fb:6d:17:1d:65:61:82:0d:
d8:ab:c8:f0:31:1e:03:ea:bc:86:d8:1f:9b:48:a5:4c:e2:ff:
ce:d6:f1:fb:cc:f1:09:48:58:c1:21:a3:64:11:03:76:b3:6f:
4d:41:4b:50:c1:2a:81:74:6f:fb:f3:c4:f7:5a:fe:38:a8:c8:
ad:a3:b7:e0:cc:8d:4a:2b:ef:91:ff:72:50:ad:48:c7:27:80:
7a:dd:c7:1e:3c:55:35:e1:6d:10:7b:e3:eb:98:fb:47:07:52:
82:e0:7f:ec:39:41:ed:40:ea:d2:59:67:54:dd:64:73:f9:25:
ce:df:a2:1e:a0:ea:a6:2b:13:58:38:97:58:cb:9e:91:a9:b3:
dc:89:4d:8e:2c:59:40:af:1a:ac:0c:09:c0:b5:02:b9:0c:2f:
f2:c4:d8:49:4b:99:c0:bc:43:f8:e3:95:05:b6:03:f8:24:db:
a4:5b:39:0a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYeeSpgTtw91PTuMupQ/8mRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVmZDVkZTc4ZjkzYmNhZWFkMTVlMTRjMDA2ZWRiYmQx
YjU5NTUwHhcNMjMwNDIwMTA1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJlNDRlNjM2NjZlNGZkOTk2ZTQ4NmRlMzk4M2Y4NWIxM2ViMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppS3hLSnT+s1hKQOEwHUCXcEQIEq
qmIbnr2Zl7QXF+E4gFmgkUS0r+MtBo5M2ySFOLDekctzXTuCzM5PAOssnTqw551Q
i4WXybZmAoHJ49Vj6EtGMEfRDPpntKkbOvC86BzHmrFt5V8HGxu+PRXf7jnNfMDI
b9SiOMetANBFFOxY1t+fM6eFfairHAgaCaSP1jT5aUDCPyUfC6IC3/QCLBi2vE3U
ybkjbb7hUv9dSaIe9Su360XGq+hu1UbCyEpdqANB5zA/lu69K4tUepgMMrqO0AQD
3ucLY3keli/MBd/SAFG2AUTPbORljN5SKrzoqPGty4hQyI7lioA0kFnCaQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOAuROY2ZuT9mW5IbeOYP4WxPrOJMB8GA1UdIwQY
MBaAFO8O/V3nj5O8rq0V4UwAbtu9G1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDkt
ZWE4NjUwOWMzYjMwLzEvNEM1RTVqWm01UDJaYmtodDQ1Z19oYkUtczRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDktZWE4NjUwOWMzYjMw
LzEvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAqBAIAATAkAwQELvsQAwQD
T3lAAwQDT3lYAwQFXviAAwQFXvjAAwQDXvjwMBUEAgACMA8DBgAqA78AAgMFACoD
vwEwDQYJKoZIhvcNAQELBQADggEBAJDlZEqqqodgqyKCq59AVzPdo24AvFEos5kK
btT6QYEDxNwKXsgXYAcE4Q6KNBWhy4MtJKCweHKl5JlG9m28cm463LxyLaPBXO3O
QgaJdv0Znnz7bRcdZWGCDdiryPAxHgPqvIbYH5tIpUzi/87W8fvM8QlIWMEho2QR
A3azb01BS1DBKoF0b/vzxPda/jioyK2jt+DMjUor75H/clCtSMcngHrdxx48VTXh
bRB74+uY+0cHUoLgf+w5Qe1A6tJZZ1TdZHP5Jc7foh6g6qYrE1g4l1jLnpGps9yJ
TY4sWUCvGqwMCcC1ArkML/LE2ElLmcC8Q/jjlQW2A/gk26RbOQo=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:04:55 2025 by rpki-client