Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/5JmzVvZcJ-Ufq2521kYV6zJV_os.roa
File: 5JmzVvZcJ-Ufq2521kYV6zJV_os.roa (raw, json)
Hash identifier: Ry4GPmNSaN775qw2jl4TEmRjc9TaZHk7QyZ2v1w6mdI=
Subject key identifier: E4:99:B3:56:F6:5C:27:E5:1F:AB:6E:76:D6:46:15:EB:32:55:FE:8B
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 0D285F77
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/5JmzVvZcJ-Ufq2521kYV6zJV_os.roa
Signing time: Tue 03 May 2022 08:51:08 +0000
ROA not before: Tue 03 May 2022 08:51:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49028
IP address blocks: 193.203.52.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
185.252.236.0/24 maxlen: 24
185.252.237.0/24 maxlen: 24
185.252.238.0/24 maxlen: 24
45.151.9.0/24 maxlen: 24
185.252.239.0/24 maxlen: 24
45.151.10.0/24 maxlen: 24
2.59.188.0/22 maxlen: 22
2a0c:2dc0::/29 maxlen: 29
2a09:f7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220749687 (0xd285f77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: May 3 08:51:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e499b356f65c27e51fab6e76d64615eb3255fe8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cb:a7:4a:39:b6:65:37:74:f7:a3:e6:0b:c3:
b4:91:69:ef:0e:70:4e:04:ec:7f:d7:de:ff:02:f3:
9f:c0:5b:67:5e:82:a9:2b:bd:b7:4b:ed:2a:0e:c5:
43:0a:d5:31:78:de:f2:70:49:57:6d:e8:31:b8:90:
2f:a6:c1:8a:57:56:9b:3f:f8:69:39:38:ee:ec:4b:
07:6b:c8:ed:85:dc:5a:5d:e9:cc:98:70:64:e8:82:
d8:8c:5c:a1:7e:67:9b:1b:24:ac:7a:eb:4f:5f:fc:
c2:0d:82:61:b1:67:af:99:20:be:1a:69:f8:0a:0c:
1c:51:b8:26:4b:6d:50:bc:13:78:ea:32:12:f7:b5:
cb:db:0d:7d:b9:21:6d:9f:35:ec:d7:c2:b9:33:42:
22:0a:29:08:95:15:ef:aa:0e:f0:94:1a:d2:02:3b:
d8:c4:cc:33:ac:7c:59:db:a7:82:b2:7a:ba:1d:f1:
fc:96:f9:d2:89:23:b5:bb:51:b0:e8:28:ac:b3:e5:
86:c3:ac:cd:54:6f:9f:0b:4c:77:a3:a1:04:1c:99:
2e:28:93:e3:ed:62:a7:5b:5d:d4:21:2a:a1:34:e0:
97:6e:b7:14:da:6a:e8:15:31:15:0c:3f:d1:7b:a8:
12:61:21:4a:b5:4f:9e:b3:d3:73:57:f4:e5:86:be:
94:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:99:B3:56:F6:5C:27:E5:1F:AB:6E:76:D6:46:15:EB:32:55:FE:8B
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/5JmzVvZcJ-Ufq2521kYV6zJV_os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.9.0-45.151.10.255
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:45:e5:a1:d8:b4:3f:2e:b2:77:2d:d1:e2:d3:50:fa:9c:4b:
e8:c2:18:38:02:77:c8:a1:2b:c5:56:d5:fa:d2:94:1e:e4:c3:
9d:58:8f:1f:b7:1f:65:b8:15:8f:ef:89:cb:fd:6c:34:24:e1:
6a:e8:28:f3:75:f5:64:89:27:47:90:3b:1b:89:3a:ac:ad:93:
16:36:74:c5:ea:86:4e:fd:69:d7:4e:57:68:8a:c8:2f:22:d0:
03:80:72:2d:26:9d:18:f1:7a:72:1a:1f:b3:66:19:8e:34:26:
71:0d:fb:7f:10:93:d5:21:a7:91:fb:7f:7f:64:9a:b7:05:85:
1e:b4:a8:5b:a7:a8:66:62:10:62:3a:65:86:8e:05:0d:74:88:
ba:cb:3e:6c:63:f1:54:e9:c3:b7:9d:b9:7c:78:d4:41:12:ac:
52:91:b8:76:e0:66:13:21:7c:4a:81:27:3c:a5:02:9e:3a:e5:
53:58:1f:72:3b:c9:0b:e7:20:03:a6:4d:f7:ae:fe:c3:98:b1:
62:44:5b:cb:31:53:5b:cc:ae:0f:ed:25:98:fe:c3:7a:6a:0b:
a1:ef:f9:54:6d:9e:9b:4b:c2:3c:30:04:38:72:f3:81:76:14:
59:43:8b:33:b2:0b:4b:ff:c3:df:4f:c9:08:aa:30:c0:15:ac:
63:4b:a1:19
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEDShfdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NDVjZWIyOTIwODllMGRmNzU3MTlkYjNlOTZjNTA5NzU0Zjk0ODM3MB4XDTIyMDUw
MzA4NTEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ5OWIzNTZmNjVj
MjdlNTFmYWI2ZTc2ZDY0NjE1ZWIzMjU1ZmU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3Lp0o5tmU3dPej5gvDtJFp7w5wTgTsf9fe/wLzn8BbZ16C
qSu9t0vtKg7FQwrVMXje8nBJV23oMbiQL6bBildWmz/4aTk47uxLB2vI7YXcWl3p
zJhwZOiC2IxcoX5nmxskrHrrT1/8wg2CYbFnr5kgvhpp+AoMHFG4JkttULwTeOoy
Eve1y9sNfbkhbZ817NfCuTNCIgopCJUV76oO8JQa0gI72MTMM6x8WdungrJ6uh3x
/Jb50okjtbtRsOgorLPlhsOszVRvnwtMd6OhBByZLiiT4+1ip1td1CEqoTTgl263
FNpq6BUxFQw/0XuoEmEhSrVPnrPTc1f05Ya+lKsCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTkmbNW9lwn5R+rbnbWRhXrMlX+izAfBgNVHSMEGDAWgBQUXOspIIng33Vx
nbPpbFCXVPlINzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZGenJLU0NKNE45MWNaMno2V3hRbDFUNVNEYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvYzcxZmRlLTNlZjItNGJmNy04NjQxLTEyNzE5YzI2MWNjMC8x
LzVKbXpWdlpjSi1VZnEyNTIxa1lWNnpKVl9vcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
YzcxZmRlLTNlZjItNGJmNy04NjQxLTEyNzE5YzI2MWNjMC8xL0ZGenJLU0NKNE45
MWNaMno2V3hRbDFUNVNEYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJgQCAAEwIAMEAgI7vDAMAwQALZcJAwQALZcKAwQC
ufzsAwQCwcs0MBQEAgACMA4DBQMqCffAAwUDKgwtwDANBgkqhkiG9w0BAQsFAAOC
AQEAikXlodi0Py6ydy3R4tNQ+pxL6MIYOAJ3yKErxVbV+tKUHuTDnViPH7cfZbgV
j++Jy/1sNCThaugo83X1ZIknR5A7G4k6rK2TFjZ0xeqGTv1p105XaIrILyLQA4By
LSadGPF6chofs2YZjjQmcQ37fxCT1SGnkft/f2SatwWFHrSoW6eoZmIQYjplho4F
DXSIuss+bGPxVOnDt525fHjUQRKsUpG4duBmEyF8SoEnPKUCnjrlU1gfcjvJC+cg
A6ZN967+w5ixYkRbyzFTW8yuD+0lmP7DemoLoe/5VG2em0vCPDAEOHLzgXYUWUOL
M7ILS//D30/JCKowwBWsY0uhGQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:07 2025 by rpki-client