Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T-nW5INcuFfLYOjcQ4zwD4ztP0s.roa
File: T-nW5INcuFfLYOjcQ4zwD4ztP0s.roa (raw, json)
Hash identifier: FZst0UWbfQRzu6CZj4DMhjFyJD7R1YzM8t+4vNfJCyo=
Subject key identifier: 4F:E9:D6:E4:83:5C:B8:57:CB:60:E8:DC:43:8C:F0:0F:8C:ED:3F:4B
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0925D584
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T-nW5INcuFfLYOjcQ4zwD4ztP0s.roa
Signing time: Sat 01 Jan 2022 12:58:42 +0000
ROA not before: Sat 01 Jan 2022 12:58:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9049
IP address blocks: 5.3.85.0/24 maxlen: 24
188.234.152.0/21 maxlen: 24
2a02:2698:a100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153474436 (0x925d584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fe9d6e4835cb857cb60e8dc438cf00f8ced3f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:98:46:4b:00:73:61:b2:94:0d:af:c1:ba:4b:
ad:8c:10:12:f8:f1:e0:d3:c7:60:2c:5a:1f:68:8b:
09:d1:9d:6c:4a:a6:e5:91:d1:7a:41:79:b0:ff:b6:
74:35:07:30:e3:30:95:2e:21:6d:1e:b6:f0:c7:f5:
43:1a:ec:4e:5e:df:5c:54:d5:09:bd:37:56:55:5a:
8f:da:2a:5f:19:e7:42:e1:cc:8e:14:86:e0:0e:19:
0e:8b:ec:7f:22:e9:56:4f:9f:22:59:f0:83:6b:90:
73:6b:24:b7:b9:f0:4b:5b:c6:d8:ca:aa:4f:75:85:
15:28:e8:c6:0a:96:7e:f5:09:99:c9:11:23:86:d0:
ee:4d:95:d1:04:14:5e:7c:94:37:d4:0b:f2:ac:ae:
e5:da:a8:85:11:96:a7:c3:94:3b:ad:66:b0:ce:67:
4e:fa:84:d8:2b:63:f9:d4:b2:7a:97:98:bc:83:30:
63:50:7e:0f:40:9a:45:12:59:89:41:39:60:75:36:
23:21:66:4b:58:fa:41:5a:d4:39:e7:55:8f:fd:33:
e9:44:2f:85:71:11:f4:5d:b6:da:31:0b:22:cd:92:
a8:00:68:64:35:47:ba:1f:a4:6f:ae:cb:c3:e1:c4:
77:6a:f1:6a:a4:ff:c3:6f:67:c4:c2:7d:7f:9c:8c:
c8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E9:D6:E4:83:5C:B8:57:CB:60:E8:DC:43:8C:F0:0F:8C:ED:3F:4B
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/T-nW5INcuFfLYOjcQ4zwD4ztP0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.3.85.0/24
188.234.152.0/21
IPv6:
2a02:2698:a100::/40
Signature Algorithm: sha256WithRSAEncryption
56:d4:a1:1c:b8:9f:aa:a2:a7:83:4b:8d:d2:67:1d:ad:65:11:
93:e7:cf:88:eb:c2:06:c2:bc:35:57:8f:d7:07:b9:2c:16:67:
0e:04:d7:99:58:c4:a9:ef:71:9d:2c:9c:c1:fd:52:28:e1:bf:
1b:95:1a:be:e1:1a:2a:7b:60:08:ca:84:72:49:b8:0a:7c:57:
c5:06:07:7c:9f:fb:d5:11:e8:b7:2b:a7:49:42:87:3d:d6:39:
c7:96:fc:62:0c:24:ad:41:a2:2f:09:0e:6a:55:78:d7:f5:77:
41:36:77:de:e9:ce:78:d8:da:f7:0d:de:f4:71:a3:4e:a1:81:
fd:70:d6:ec:35:54:73:6d:b4:6b:59:be:b6:6e:e2:39:d9:3d:
88:05:66:83:bb:52:9f:16:db:02:1b:b5:f7:86:2f:cc:6e:fe:
02:26:bc:07:dc:d4:a6:ca:e1:e7:3d:ff:32:80:6d:cb:96:e4:
05:e9:36:ae:d5:60:58:20:d7:ce:f7:31:af:1e:aa:a7:bc:b5:
af:7c:a7:ae:ab:da:3f:69:9b:28:63:cd:db:b8:94:11:c5:39:
8d:3a:1b:ae:89:3f:a8:ad:84:13:3d:16:de:9d:a8:7b:d9:c9:
cc:a1:5a:44:5f:93:d8:95:7e:66:95:9c:64:eb:83:0b:6b:0b:
86:64:77:4a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECSXVhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZlOWQ2ZTQ4MzVj
Yjg1N2NiNjBlOGRjNDM4Y2YwMGY4Y2VkM2Y0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2YRksAc2GylA2vwbpLrYwQEvjx4NPHYCxaH2iLCdGdbEqm
5ZHRekF5sP+2dDUHMOMwlS4hbR628Mf1QxrsTl7fXFTVCb03VlVaj9oqXxnnQuHM
jhSG4A4ZDovsfyLpVk+fIlnwg2uQc2skt7nwS1vG2MqqT3WFFSjoxgqWfvUJmckR
I4bQ7k2V0QQUXnyUN9QL8qyu5dqohRGWp8OUO61msM5nTvqE2Ctj+dSyepeYvIMw
Y1B+D0CaRRJZiUE5YHU2IyFmS1j6QVrUOedVj/0z6UQvhXER9F222jELIs2SqABo
ZDVHuh+kb67Lw+HEd2rxaqT/w29nxMJ9f5yMyL0CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRP6dbkg1y4V8tg6NxDjPAPjO0/SzAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L1Qtblc1SU5jdUZmTFlPamNRNHp3RDR6dFAwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAAUDVQMEA7zqmDAOBAIAAjAIAwYA
KgImmKEwDQYJKoZIhvcNAQELBQADggEBAFbUoRy4n6qip4NLjdJnHa1lEZPnz4jr
wgbCvDVXj9cHuSwWZw4E15lYxKnvcZ0snMH9UijhvxuVGr7hGip7YAjKhHJJuAp8
V8UGB3yf+9UR6Lcrp0lChz3WOceW/GIMJK1Boi8JDmpVeNf1d0E2d97pznjY2vcN
3vRxo06hgf1w1uw1VHNttGtZvrZu4jnZPYgFZoO7Up8W2wIbtfeGL8xu/gImvAfc
1KbK4ec9/zKAbcuW5AXpNq7VYFgg1873Ma8eqqe8ta98p66r2j9pmyhjzdu4lBHF
OY06G66JP6ithBM9Ft6dqHvZycyhWkRfk9iVfmaVnGTrgwtrC4Zkd0o=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:49 2025 by rpki-client