Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/152pB4eV9l68oy4IXBAAW1O0CMQ.roa
File: 152pB4eV9l68oy4IXBAAW1O0CMQ.roa (raw, json)
Hash identifier: pQiAEjmbtXKDAyc5iAhnRvOoE/Lyt7RTBNxo5hQRSZA=
Subject key identifier: D7:9D:A9:07:87:95:F6:5E:BC:A3:2E:08:5C:10:00:5B:53:B4:08:C4
Certificate issuer: /CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Certificate serial: 1F47537B
Authority key identifier: AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/152pB4eV9l68oy4IXBAAW1O0CMQ.roa
Signing time: Tue 26 Apr 2022 05:44:43 +0000
ROA not before: Tue 26 Apr 2022 05:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44507
IP address blocks: 185.16.56.0/22 maxlen: 22
146.247.32.0/21 maxlen: 21
46.42.32.0/21 maxlen: 21
46.42.40.0/21 maxlen: 21
46.228.96.0/20 maxlen: 20
5.175.88.0/21 maxlen: 21
178.57.32.0/21 maxlen: 21
46.42.0.0/18 maxlen: 18
178.57.40.0/21 maxlen: 21
178.57.48.0/21 maxlen: 21
46.42.24.0/21 maxlen: 21
134.90.152.0/21 maxlen: 21
194.58.160.0/21 maxlen: 21
194.58.176.0/21 maxlen: 21
188.120.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 524768123 (0x1f47537b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Validity
Not Before: Apr 26 05:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d79da9078795f65ebca32e085c10005b53b408c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c5:38:35:0e:a5:c2:33:74:e5:50:34:87:c9:
45:a0:aa:f1:0e:09:8e:d5:bf:11:27:c1:eb:00:52:
83:7b:73:55:51:f9:d7:59:8c:9e:66:c3:eb:75:da:
ad:2e:72:96:5d:83:5c:1e:06:1d:e0:ff:bd:35:4f:
47:95:2f:bc:39:36:41:96:8e:9d:ba:1c:b4:a4:c0:
be:4f:2e:10:ac:fc:4c:65:52:0f:f4:41:d9:b8:fa:
20:1b:7c:6d:fd:b2:02:71:e9:ec:0f:bb:d2:be:62:
00:31:97:36:55:3e:ea:ed:de:41:c8:2d:24:45:01:
d2:e9:24:83:e2:64:2f:04:ac:47:16:65:ee:85:90:
8b:c6:e7:70:87:8d:05:40:84:2b:f8:f5:2d:2c:3c:
20:9c:97:53:33:c7:6d:2a:10:a6:56:64:9b:9e:aa:
98:aa:35:6d:d2:e8:80:61:22:7e:50:7c:d8:50:de:
d5:97:10:d6:8b:40:3c:35:dc:d7:c1:a8:93:e9:ca:
20:d3:d0:e0:c2:8e:1f:b9:e0:52:7e:f6:53:51:56:
fb:c9:10:e0:9b:9d:96:95:f6:0b:55:e7:99:ca:af:
ff:4f:5b:c1:76:2e:96:c2:79:d4:d1:ef:e2:5f:c3:
68:c9:66:0e:b5:7d:96:2a:b8:b1:88:3c:ea:76:04:
61:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9D:A9:07:87:95:F6:5E:BC:A3:2E:08:5C:10:00:5B:53:B4:08:C4
X509v3 Authority Key Identifier:
keyid:AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/152pB4eV9l68oy4IXBAAW1O0CMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.88.0/21
46.42.0.0/18
46.228.96.0/20
134.90.152.0/21
146.247.32.0/21
178.57.32.0-178.57.55.255
185.16.56.0/22
188.120.48.0/20
194.58.160.0/21
194.58.176.0/21
Signature Algorithm: sha256WithRSAEncryption
99:d0:8d:03:98:de:0d:c6:57:fa:dd:9d:be:c2:e5:55:a4:7d:
be:96:dc:86:33:c2:22:d9:24:31:73:9d:80:f3:cb:d2:d8:47:
96:16:0a:24:81:cd:15:9f:c5:66:db:4d:21:9e:a0:2b:32:a3:
f6:71:30:8d:e9:26:9f:b6:2c:47:db:b8:c3:2b:f5:2d:c2:bc:
76:7c:39:f7:45:d7:28:43:3c:31:d2:9a:03:4b:6f:03:e4:28:
7a:8a:fe:ff:61:0e:f8:82:5a:1c:48:d3:f0:8b:a7:92:81:19:
2c:af:9d:cc:7a:a5:a3:d2:84:a5:b1:a7:ce:f6:77:24:f9:d0:
94:6a:20:01:e4:85:2c:c7:f8:f9:87:65:19:b5:c3:aa:14:75:
6e:99:10:8e:d3:ce:a9:11:94:41:c8:fa:06:ff:f5:30:69:a0:
43:1f:93:e6:e1:7c:91:10:f2:11:81:03:87:a4:0c:52:1a:10:
c6:d7:8f:4e:dc:58:00:56:2a:b9:d9:07:ea:83:bb:da:13:57:
e9:84:46:7b:20:bf:57:0b:3c:ee:8e:88:65:8d:9b:12:81:de:
c3:49:e8:9c:69:92:35:e0:63:df:a0:47:fc:e7:33:ac:21:cf:
02:aa:d3:a3:81:ed:7f:ac:d3:76:89:d1:bf:22:f4:f6:5c:d6:
00:48:d5:73
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEH0dTezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTJhNThjNjk3YTE0NDk5NzZiMGQxMWQ2ZjEyNjAyNWUxNDA4OWM2MB4XDTIyMDQy
NjA1NDQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc5ZGE5MDc4Nzk1
ZjY1ZWJjYTMyZTA4NWMxMDAwNWI1M2I0MDhjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbFODUOpcIzdOVQNIfJRaCq8Q4JjtW/ESfB6wBSg3tzVVH5
11mMnmbD63XarS5yll2DXB4GHeD/vTVPR5UvvDk2QZaOnboctKTAvk8uEKz8TGVS
D/RB2bj6IBt8bf2yAnHp7A+70r5iADGXNlU+6u3eQcgtJEUB0ukkg+JkLwSsRxZl
7oWQi8bncIeNBUCEK/j1LSw8IJyXUzPHbSoQplZkm56qmKo1bdLogGEiflB82FDe
1ZcQ1otAPDXc18Gok+nKINPQ4MKOH7ngUn72U1FW+8kQ4JudlpX2C1Xnmcqv/09b
wXYulsJ51NHv4l/DaMlmDrV9liq4sYg86nYEYacCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTXnakHh5X2XryjLghcEABbU7QIxDAfBgNVHSMEGDAWgBSqKljGl6FEmXaw
0R1vEmAl4UCJxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FpcFl4cGVoUkpsMnNORWRieEpnSmVGQWljWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMzE0MmE1LWQ5MmQtNGQwNi04MjI4LWJlNjIyYzMxMzJkZi8x
LzE1MnBCNGVWOWw2OG95NElYQkFBVzFPMENNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
MzE0MmE1LWQ5MmQtNGQwNi04MjI4LWJlNjIyYzMxMzJkZi8xL3FpcFl4cGVoUkps
MnNORWRieEpnSmVGQWljWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAwWvWAMEBi4qAAMEBC7kYAMEA4Za
mAMEA5L3IDAMAwQFsjkgAwQDsjkwAwQCuRA4AwQEvHgwAwQDwjqgAwQDwjqwMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ0I0DmN4Nxlf63Z2+wuVVpH2+ltyGM8Ii2SQxc52A
88vS2EeWFgokgc0Vn8Vm200hnqArMqP2cTCN6SaftixH27jDK/Utwrx2fDn3Rdco
Qzwx0poDS28D5Ch6iv7/YQ74glocSNPwi6eSgRksr53MeqWj0oSlsafO9nck+dCU
aiAB5IUsx/j5h2UZtcOqFHVumRCO086pEZRByPoG//UwaaBDH5Pm4XyREPIRgQOH
pAxSGhDG149O3FgAViq52Qfqg7vaE1fphEZ7IL9XCzzujohljZsSgd7DSeicaZI1
4GPfoEf85zOsIc8CqtOjge1/rNN2idG/IvT2XNYASNVz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:09 2025 by rpki-client