Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/Cn_ZLkBm5cOuZlXhvzL963UtNVY.roa
File: Cn_ZLkBm5cOuZlXhvzL963UtNVY.roa (raw, json)
Hash identifier: 5RIwUU2xy57KBOy6WkIajGhOM0wRWVTiV3kbJX3WSwo=
Subject key identifier: 0A:7F:D9:2E:40:66:E5:C3:AE:66:55:E1:BF:32:FD:EB:75:2D:35:56
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 0185BF421E44C5F2D3D5EB1A921E8D221049
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/Cn_ZLkBm5cOuZlXhvzL963UtNVY.roa
Signing time: Tue 17 Jan 2023 10:24:19 +0000
ROA not before: Tue 17 Jan 2023 10:24:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210756
IP address blocks: 5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:42:1e:44:c5:f2:d3:d5:eb:1a:92:1e:8d:22:10:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Jan 17 10:24:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a7fd92e4066e5c3ae6655e1bf32fdeb752d3556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e0:ad:b3:3d:72:94:48:8a:c7:b5:73:24:43:
6f:8e:0a:2d:ac:3e:be:62:55:fa:98:d4:22:7d:e4:
22:e5:c3:99:79:bc:bb:32:e0:3c:6e:85:0c:e4:83:
16:57:76:da:d4:22:d4:ad:68:e2:d1:3b:cd:94:0c:
77:59:7e:3d:56:79:85:77:bc:69:8b:91:4c:98:ff:
6c:64:5f:84:02:f4:57:b3:76:91:17:91:82:c2:41:
03:4e:f4:4f:ec:b4:25:41:28:28:f8:a8:ac:ac:9b:
2e:0e:a0:aa:b5:91:db:5e:ca:8c:4e:a3:32:21:49:
b0:a5:47:e8:8e:c2:7f:ea:4d:31:41:f8:89:ff:2b:
a3:aa:cc:b3:9a:b8:c8:90:89:fe:ee:56:5d:fb:ea:
3f:85:10:7a:de:fe:ce:ba:82:1b:65:4e:c0:5d:a5:
db:8d:22:6e:fa:77:d4:c6:b5:4c:da:7a:dd:2c:32:
86:fd:69:ed:d7:6f:4b:67:0e:29:49:79:e6:1b:c2:
44:17:71:12:50:14:d4:bb:e9:1b:0f:aa:29:26:c8:
09:ed:c9:4e:52:65:fe:b0:d1:ba:7e:b7:9d:0f:d0:
60:61:fe:72:5d:e2:41:02:42:4a:19:2e:b1:63:c0:
f4:3f:c4:80:a1:4b:8b:a9:b1:c8:4a:54:10:74:c6:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:7F:D9:2E:40:66:E5:C3:AE:66:55:E1:BF:32:FD:EB:75:2D:35:56
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/Cn_ZLkBm5cOuZlXhvzL963UtNVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.68.0-5.101.70.255
5.188.176.0/22
37.9.36.0/22
146.185.196.0/22
IPv6:
2a11:27c0:110::-2a11:27c0:16f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:a3:60:7d:3c:f2:1c:7b:40:f5:47:02:3f:01:9d:b8:19:89:
0e:9d:d9:c2:a8:c9:18:fe:0f:72:2a:96:3f:4e:ab:da:44:ab:
6b:59:f7:72:ad:aa:a5:78:e4:36:48:3c:eb:b4:d1:3a:46:21:
a7:61:0d:52:53:d4:fb:d4:09:a0:1f:c2:e3:3e:2b:58:e6:77:
90:d2:cc:d1:7a:84:3b:f4:a9:79:bf:09:30:23:4c:3a:41:e7:
ab:bf:7a:67:b5:5c:bf:be:64:5b:21:8e:b5:43:7f:b1:9d:72:
96:81:b6:33:e4:e0:70:96:d2:3d:93:9b:6a:2c:f2:ef:17:8e:
5a:f4:42:e9:97:eb:53:14:68:66:dd:ac:9c:b1:f5:bd:95:c7:
c7:65:74:9f:65:1e:14:57:25:a9:21:54:02:9d:2b:05:df:92:
da:6e:c4:38:e7:73:21:15:f1:f3:6d:f6:53:96:8e:f0:35:5d:
dd:e1:ee:ed:ac:67:40:a2:1d:16:e9:a8:e6:f5:e3:3e:6f:3d:
81:6e:dc:14:20:ba:ce:d9:b8:8c:b7:15:64:61:fd:43:45:0a:
95:09:7c:81:bf:39:ec:a9:8a:ac:1c:e2:f6:3e:e7:e3:6c:eb:
e0:0c:af:40:2a:bb:4d:f5:1e:6d:55:5a:74:0f:72:6c:5e:28:
4d:47:d6:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYW/Qh5ExfLT1esakh6NIhBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjMwMTE3MTAyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTdmZDkyZTQwNjZlNWMzYWU2NjU1ZTFiZjMyZmRlYjc1MmQzNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOCtsz1ylEiKx7VzJENvjgotrD6+
YlX6mNQifeQi5cOZeby7MuA8boUM5IMWV3ba1CLUrWji0TvNlAx3WX49VnmFd7xp
i5FMmP9sZF+EAvRXs3aRF5GCwkEDTvRP7LQlQSgo+KisrJsuDqCqtZHbXsqMTqMy
IUmwpUfojsJ/6k0xQfiJ/yujqsyzmrjIkIn+7lZd++o/hRB63v7OuoIbZU7AXaXb
jSJu+nfUxrVM2nrdLDKG/Wnt129LZw4pSXnmG8JEF3ESUBTUu+kbD6opJsgJ7clO
UmX+sNG6fredD9BgYf5yXeJBAkJKGS6xY8D0P8SAoUuLqbHISlQQdMbZuQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAp/2S5AZuXDrmZV4b8y/et1LTVWMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvQ25fWkxrQm01Y091WmxYaHZ6TDk2M1V0TlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAmBAIAATAgMAwDBAIFZUQD
BAAFZUYDBAIFvLADBAIlCSQDBAKSucQwGgQCAAIwFDASAwcEKhEnwAEQAwcEKhEn
wAFgMA0GCSqGSIb3DQEBCwUAA4IBAQBco2B9PPIce0D1RwI/AZ24GYkOndnCqMkY
/g9yKpY/TqvaRKtrWfdyraqleOQ2SDzrtNE6RiGnYQ1SU9T71AmgH8LjPitY5neQ
0szReoQ79Kl5vwkwI0w6Qeerv3pntVy/vmRbIY61Q3+xnXKWgbYz5OBwltI9k5tq
LPLvF45a9ELpl+tTFGhm3aycsfW9lcfHZXSfZR4UVyWpIVQCnSsF35LabsQ453Mh
FfHzbfZTlo7wNV3d4e7trGdAoh0W6ajm9eM+bz2BbtwUILrO2biMtxVkYf1DRQqV
CXyBvznsqYqsHOL2PufjbOvgDK9AKrtN9R5tVVp0D3JsXihNR9Y9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:04 2025 by rpki-client