Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/_sIOV17-ksUh5f54fzOPuG10Nuo.roa
File: _sIOV17-ksUh5f54fzOPuG10Nuo.roa (raw, json)
Hash identifier: R9dycvukMyEoIxdOUawWMY1SbllRo+23sUx+oG47Z0I=
Subject key identifier: FE:C2:0E:57:5E:FE:92:C5:21:E5:FE:78:7F:33:8F:B8:6D:74:36:EA
Certificate issuer: /CN=5ab1996515884434b87882b5b972a6e529ffb00b
Certificate serial: 0449741E
Authority key identifier: 5A:B1:99:65:15:88:44:34:B8:78:82:B5:B9:72:A6:E5:29:FF:B0:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/_sIOV17-ksUh5f54fzOPuG10Nuo.roa
Signing time: Mon 21 Feb 2022 19:06:04 +0000
ROA not before: Mon 21 Feb 2022 19:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209103
IP address blocks: 185.159.157.0/24 maxlen: 24
185.159.159.0/24 maxlen: 24
2a07:b941:f00::/44 maxlen: 44
2a07:b941:f10::/44 maxlen: 44
2a07:b941:e20::/44 maxlen: 44
2a07:b941:e10::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71922718 (0x449741e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab1996515884434b87882b5b972a6e529ffb00b
Validity
Not Before: Feb 21 19:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fec20e575efe92c521e5fe787f338fb86d7436ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4d:6a:80:a1:ec:a6:62:21:c4:b6:fe:d4:fd:
d9:e5:d0:1a:28:b4:3d:26:3a:2a:66:2b:73:9e:28:
ed:fa:08:bd:26:09:ef:62:4b:8e:52:84:4c:be:9e:
90:e5:51:0d:cd:9a:b2:2a:3d:4b:c2:f0:99:13:20:
21:82:e4:ac:ac:bd:81:5d:aa:ce:b2:08:84:13:83:
93:72:1f:47:c4:be:0f:c2:2f:3e:3f:b1:bc:d5:ad:
5b:95:4a:c7:a2:1a:a1:9e:58:3c:f2:79:95:5d:ec:
f1:49:83:7c:c8:c0:30:c6:8b:21:ab:ee:5d:dd:2b:
44:c7:a3:dc:62:3a:bc:07:24:20:30:d5:b6:2e:12:
9a:fd:ad:5d:c1:72:af:c8:61:2d:33:6a:f3:83:fb:
19:fa:c8:7d:cc:e6:09:62:99:45:a6:df:bb:2e:b2:
8a:61:75:6a:b8:a3:b1:a9:c6:5c:f6:a5:b2:ca:03:
b3:6b:69:3b:36:84:8f:c9:1c:e6:d1:70:a7:19:9b:
41:9b:ef:ad:6d:a4:db:57:65:4c:2d:d5:54:43:bc:
d4:4f:f8:b8:82:89:31:23:99:07:67:85:b8:50:86:
8c:9f:c6:2c:ed:cf:d1:b5:cd:bf:07:a9:2c:11:b1:
28:30:63:ea:d7:e7:8b:dd:28:e1:65:64:a2:45:b0:
c3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C2:0E:57:5E:FE:92:C5:21:E5:FE:78:7F:33:8F:B8:6D:74:36:EA
X509v3 Authority Key Identifier:
keyid:5A:B1:99:65:15:88:44:34:B8:78:82:B5:B9:72:A6:E5:29:FF:B0:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/_sIOV17-ksUh5f54fzOPuG10Nuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.157.0/24
185.159.159.0/24
IPv6:
2a07:b941:e10::-2a07:b941:e2f:ffff:ffff:ffff:ffff:ffff
2a07:b941:f00::/43
Signature Algorithm: sha256WithRSAEncryption
88:e6:77:dc:54:99:d5:c1:d8:c0:55:0c:be:3e:df:a2:27:20:
71:35:61:1b:21:f4:5f:7c:b2:ed:05:20:b6:f3:8e:61:ac:3a:
db:db:29:0e:2b:e5:49:6e:90:40:74:ce:b8:2d:2b:e6:39:b5:
a3:95:93:17:cc:e6:3a:6a:6a:43:f5:ca:35:bc:3c:70:a0:a4:
3d:11:f2:4b:58:f2:af:17:4f:90:22:0d:65:2a:25:16:f1:93:
f6:f8:c1:66:ff:6a:fd:4a:c2:c4:d1:01:c0:9e:17:7c:78:39:
68:a4:66:a6:79:c0:a8:5e:ec:d8:6e:74:e2:65:f4:d6:52:98:
30:18:62:9f:7f:9d:45:8d:ca:98:78:8f:e7:37:dd:e9:7d:0b:
ad:9b:64:dc:24:9c:f5:55:7e:e9:2c:20:4f:44:c0:80:66:eb:
8d:71:c9:78:39:14:5d:c9:4f:ff:9a:01:6a:47:56:26:1f:2d:
b1:d9:fc:9d:59:89:35:5a:44:c1:f8:74:78:35:e4:ed:01:16:
91:cf:f3:a1:67:88:a4:e1:7f:2d:99:d9:05:ed:bd:d1:f5:5e:
c3:84:a3:2b:80:e5:f4:5a:c3:6b:8b:c9:a5:69:74:fc:9e:f5:
54:c2:65:03:90:aa:31:4c:13:5f:50:54:7b:ff:03:15:f4:65:
ad:e0:c2:82
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEBEl0HjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWIxOTk2NTE1ODg0NDM0Yjg3ODgyYjViOTcyYTZlNTI5ZmZiMDBiMB4XDTIyMDIy
MTE5MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmVjMjBlNTc1ZWZl
OTJjNTIxZTVmZTc4N2YzMzhmYjg2ZDc0MzZlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhNaoCh7KZiIcS2/tT92eXQGii0PSY6KmYrc54o7foIvSYJ
72JLjlKETL6ekOVRDc2asio9S8LwmRMgIYLkrKy9gV2qzrIIhBODk3IfR8S+D8Iv
Pj+xvNWtW5VKx6IaoZ5YPPJ5lV3s8UmDfMjAMMaLIavuXd0rRMej3GI6vAckIDDV
ti4Smv2tXcFyr8hhLTNq84P7GfrIfczmCWKZRabfuy6yimF1arijsanGXPalssoD
s2tpOzaEj8kc5tFwpxmbQZvvrW2k21dlTC3VVEO81E/4uIKJMSOZB2eFuFCGjJ/G
LO3P0bXNvwepLBGxKDBj6tfni90o4WVkokWww4UCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBT+wg5XXv6SxSHl/nh/M4+4bXQ26jAfBgNVHSMEGDAWgBRasZllFYhENLh4
grW5cqblKf+wCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dyR1paUldJUkRTNGVJSzF1WEttNVNuX3NBcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvOTRjOTE5LWU2ZWEtNGUxOC1hZjEyLWVkNWIwMWQyNTI4Yy8x
L19zSU9WMTcta3NVaDVmNTRmek9QdUcxME51by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
OTRjOTE5LWU2ZWEtNGUxOC1hZjEyLWVkNWIwMWQyNTI4Yy8xL1dyR1paUldJUkRT
NGVJSzF1WEttNVNuX3NBcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwEgQCAAEwDAMEALmfnQMEALmfnzAjBAIAAjAdMBID
BwQqB7lBDhADBwQqB7lBDiADBwUqB7lBDwAwDQYJKoZIhvcNAQELBQADggEBAIjm
d9xUmdXB2MBVDL4+36InIHE1YRsh9F98su0FILbzjmGsOtvbKQ4r5UlukEB0zrgt
K+Y5taOVkxfM5jpqakP1yjW8PHCgpD0R8ktY8q8XT5AiDWUqJRbxk/b4wWb/av1K
wsTRAcCeF3x4OWikZqZ5wKhe7NhudOJl9NZSmDAYYp9/nUWNyph4j+c33el9C62b
ZNwknPVVfuksIE9EwIBm641xyXg5FF3JT/+aAWpHViYfLbHZ/J1ZiTVaRMH4dHg1
5O0BFpHP86FniKThfy2Z2QXtvdH1XsOEoyuA5fRaw2uLyaVpdPye9VTCZQOQqjFM
E19QVHv/AxX0Za3gwoI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:58 2025 by rpki-client