Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/rE2ed01ID6cJKRyo1DWryIu_cZI.roa
File: rE2ed01ID6cJKRyo1DWryIu_cZI.roa (raw, json)
Hash identifier: VDNsiCXgaAeXJ5+4xduihSUqjFzHZ7qOHVmeDBRUo7U=
Subject key identifier: AC:4D:9E:77:4D:48:0F:A7:09:29:1C:A8:D4:35:AB:C8:8B:BF:71:92
Certificate issuer: /CN=1d828b781b079fb43ddb0ca75dc026e75d7f25e4
Certificate serial: 0755A503
Authority key identifier: 1D:82:8B:78:1B:07:9F:B4:3D:DB:0C:A7:5D:C0:26:E7:5D:7F:25:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYKLeBsHn7Q92wynXcAm511_JeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/rE2ed01ID6cJKRyo1DWryIu_cZI.roa
Signing time: Sat 01 Jan 2022 05:58:37 +0000
ROA not before: Sat 01 Jan 2022 05:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31370
IP address blocks: 193.27.41.0/24 maxlen: 24
89.249.240.0/20 maxlen: 20
109.72.224.0/20 maxlen: 20
193.39.160.0/22 maxlen: 22
185.215.60.0/22 maxlen: 22
2a0c:dc40::/29 maxlen: 29
2a01:94c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123053315 (0x755a503)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d828b781b079fb43ddb0ca75dc026e75d7f25e4
Validity
Not Before: Jan 1 05:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac4d9e774d480fa709291ca8d435abc88bbf7192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5d:48:01:fd:e6:dd:db:3d:43:42:af:90:f4:
db:47:a3:9d:d9:84:8b:1d:bc:e8:5c:c6:58:4b:58:
af:55:cc:e0:30:16:ad:86:b6:10:38:d7:3c:5b:d2:
8d:17:65:34:c9:71:a5:f1:28:53:9c:ed:2c:34:fe:
a9:26:90:2a:ec:c6:d1:47:83:a2:d8:bf:fa:12:97:
8b:72:32:37:02:b0:57:b2:a5:70:b4:5a:7a:b4:f2:
c3:36:b8:a9:c1:87:5a:37:d5:76:25:5e:18:4f:7f:
88:1c:3a:72:ee:d9:f5:15:7a:3c:56:ea:12:52:6e:
87:f2:10:9f:79:e2:7f:6c:d1:4b:52:94:21:52:86:
f6:59:5d:4f:34:49:b5:da:e2:b7:58:3d:29:65:48:
8d:4c:99:3c:bf:68:f1:ed:d2:1c:a8:29:07:17:2c:
86:96:2c:4c:71:22:5b:fa:8c:69:f0:32:b7:8d:eb:
20:dc:f1:ec:c6:93:34:f6:92:62:90:7b:64:94:c5:
08:eb:fc:7d:f8:5c:b8:5f:20:f4:ba:87:2a:2f:b1:
a4:7b:34:16:80:83:e4:e3:1f:58:ef:48:8d:65:f6:
41:0b:a3:ca:9f:c4:66:28:ad:90:bf:49:56:eb:ff:
31:ea:94:a8:2c:2c:78:a7:10:3d:0d:2e:47:f6:3a:
63:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4D:9E:77:4D:48:0F:A7:09:29:1C:A8:D4:35:AB:C8:8B:BF:71:92
X509v3 Authority Key Identifier:
keyid:1D:82:8B:78:1B:07:9F:B4:3D:DB:0C:A7:5D:C0:26:E7:5D:7F:25:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYKLeBsHn7Q92wynXcAm511_JeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/rE2ed01ID6cJKRyo1DWryIu_cZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/HYKLeBsHn7Q92wynXcAm511_JeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.240.0/20
109.72.224.0/20
185.215.60.0/22
193.27.41.0/24
193.39.160.0/22
IPv6:
2a01:94c0::/32
2a0c:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
a7:1e:13:00:f9:52:6e:e1:b7:99:75:5f:74:36:36:6e:56:5d:
f5:48:e3:1d:cd:13:26:0e:bd:da:ec:28:1b:9b:3b:67:de:47:
b7:cc:40:46:d3:28:27:7f:a2:21:e0:a6:c6:61:af:76:cf:14:
9e:d6:b9:5f:92:82:7b:da:77:21:4f:79:16:8d:d7:35:65:b0:
fa:60:6c:ad:f3:60:bb:d5:4a:49:af:db:8e:a5:ca:44:83:40:
1e:e0:86:7e:0c:62:84:26:05:37:dd:0d:69:a8:80:77:d4:25:
f3:ba:4e:40:c2:a9:ed:50:ab:96:1c:6d:49:9b:d6:d2:b5:e0:
47:a3:18:69:b9:05:71:b3:d4:0f:2a:d4:5a:83:97:c4:04:cd:
75:b5:f3:4a:93:79:c7:2f:0c:fb:f5:18:ad:7a:d4:26:c1:ca:
b2:e2:21:5f:f7:a9:91:86:7a:35:90:c7:90:f1:1a:59:dc:f5:
32:a3:e0:1b:4e:26:ef:a3:62:28:e6:5d:74:40:54:62:10:0b:
6b:71:73:cf:2d:90:cf:d5:89:95:77:6d:79:4a:f9:48:c3:14:
15:9a:9a:d9:b2:8f:5f:0d:01:89:05:a3:2e:bf:3d:df:35:27:
cc:f8:e0:f8:26:1b:53:26:9f:20:93:9f:b6:86:50:db:71:4a:
61:ca:ae:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEB1WlAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDgyOGI3ODFiMDc5ZmI0M2RkYjBjYTc1ZGMwMjZlNzVkN2YyNWU0MB4XDTIyMDEw
MTA1NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM0ZDllNzc0ZDQ4
MGZhNzA5MjkxY2E4ZDQzNWFiYzg4YmJmNzE5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRdSAH95t3bPUNCr5D020ejndmEix286FzGWEtYr1XM4DAW
rYa2EDjXPFvSjRdlNMlxpfEoU5ztLDT+qSaQKuzG0UeDoti/+hKXi3IyNwKwV7Kl
cLRaerTywza4qcGHWjfVdiVeGE9/iBw6cu7Z9RV6PFbqElJuh/IQn3nif2zRS1KU
IVKG9lldTzRJtdrit1g9KWVIjUyZPL9o8e3SHKgpBxcshpYsTHEiW/qMafAyt43r
INzx7MaTNPaSYpB7ZJTFCOv8ffhcuF8g9LqHKi+xpHs0FoCD5OMfWO9IjWX2QQuj
yp/EZiitkL9JVuv/MeqUqCwseKcQPQ0uR/Y6Y5UCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSsTZ53TUgPpwkpHKjUNavIi79xkjAfBgNVHSMEGDAWgBQdgot4GweftD3b
DKddwCbnXX8l5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hZS0xlQnNIbjdROTJ3eW5YY0FtNTExX0plUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvN2U3MTlkLTc1YWUtNGZkMS1iMTQ1LWYwNmNlZDUyMTEyYS8x
L3JFMmVkMDFJRDZjSktSeW8xRFdyeUl1X2NaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
N2U3MTlkLTc1YWUtNGZkMS1iMTQ1LWYwNmNlZDUyMTEyYS8xL0hZS0xlQnNIbjdR
OTJ3eW5YY0FtNTExX0plUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEBFn58AMEBG1I4AMEArnXPAMEAMEb
KQMEAsEnoDAUBAIAAjAOAwUAKgGUwAMFAyoM3EAwDQYJKoZIhvcNAQELBQADggEB
AKceEwD5Um7ht5l1X3Q2Nm5WXfVI4x3NEyYOvdrsKBubO2feR7fMQEbTKCd/oiHg
psZhr3bPFJ7WuV+SgnvadyFPeRaN1zVlsPpgbK3zYLvVSkmv246lykSDQB7ghn4M
YoQmBTfdDWmogHfUJfO6TkDCqe1Qq5YcbUmb1tK14EejGGm5BXGz1A8q1FqDl8QE
zXW180qTeccvDPv1GK161CbByrLiIV/3qZGGejWQx5DxGlnc9TKj4BtOJu+jYijm
XXRAVGIQC2txc88tkM/ViZV3bXlK+UjDFBWamtmyj18NAYkFoy6/Pd81J8z44Pgm
G1MmnyCTn7aGUNtxSmHKrvg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:23 2025 by rpki-client