Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/C-5N3IlnXvmsspN8r5atKYiKdOY.roa
File: C-5N3IlnXvmsspN8r5atKYiKdOY.roa (raw, json)
Hash identifier: qZkEou+myTXvL16v3n1b5AAUdicjxbtZxO1fk7grLMY=
Subject key identifier: 0B:EE:4D:DC:89:67:5E:F9:AC:B2:93:7C:AF:96:AD:29:88:8A:74:E6
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 04BE58A0
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/C-5N3IlnXvmsspN8r5atKYiKdOY.roa
Signing time: Sat 01 Jan 2022 05:01:52 +0000
ROA not before: Sat 01 Jan 2022 05:01:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28831
IP address blocks: 185.107.148.0/23 maxlen: 23
185.107.150.0/23 maxlen: 23
62.169.32.0/21 maxlen: 21
62.169.42.0/24 maxlen: 24
62.169.40.0/21 maxlen: 21
62.169.48.0/21 maxlen: 21
62.169.49.0/24 maxlen: 24
62.169.56.0/21 maxlen: 21
62.169.63.0/24 maxlen: 24
62.169.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79583392 (0x4be58a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Jan 1 05:01:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bee4ddc89675ef9acb2937caf96ad29888a74e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ea:e0:db:b4:40:94:ec:2c:1b:a2:f8:66:97:
94:c3:80:3c:3b:3d:ec:38:35:aa:f9:8e:dd:56:44:
67:45:34:0c:b5:1c:4c:93:17:e4:d1:29:3e:b6:57:
38:ef:8c:f9:2f:f8:fd:c8:42:0d:6b:cc:73:08:67:
0d:ee:ae:a9:14:e3:c7:c1:6e:47:cb:d4:91:a7:1d:
bd:1f:ed:ad:7f:e2:3c:5c:a2:6e:34:3b:08:af:46:
c9:77:7d:85:ae:bf:c9:6c:7e:62:ed:c8:dc:7c:51:
de:61:e6:e1:d0:3d:22:8c:31:f5:7d:74:56:c6:3b:
9c:2c:06:2f:f4:61:c6:16:bf:2a:58:fe:6b:01:4a:
8a:f2:51:c6:ac:0c:07:e0:72:70:0e:f6:21:39:24:
10:32:fc:a2:4b:14:82:9b:58:ec:b7:cb:2b:23:da:
32:e5:ad:68:02:bc:92:28:b2:f9:4a:11:c4:80:15:
a5:8d:38:ec:55:16:eb:29:1d:a0:bf:b9:10:a4:35:
71:61:cc:d9:05:96:4c:f0:39:75:a9:e9:86:ec:c7:
28:b1:47:1e:21:99:07:9a:ec:e0:fd:06:25:86:f5:
c6:0a:f9:19:5a:25:52:e3:93:7c:64:70:cb:26:49:
2c:cc:af:dd:ab:fe:79:45:8f:b4:8a:82:0c:50:cd:
37:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EE:4D:DC:89:67:5E:F9:AC:B2:93:7C:AF:96:AD:29:88:8A:74:E6
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/C-5N3IlnXvmsspN8r5atKYiKdOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.32.0/19
185.107.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:d4:16:3e:58:24:0d:00:bb:60:75:bb:6b:29:a7:2b:91:c9:
09:65:20:18:d0:40:cb:e4:a5:34:c1:dc:cf:b9:48:ad:48:10:
be:2b:13:ed:78:41:9b:8a:84:f1:32:1d:5e:b2:f5:ae:0c:f1:
03:f3:a6:0a:a5:8b:83:70:21:cd:89:fd:f4:d6:bf:de:d7:94:
bf:0e:e7:bb:6f:ea:32:da:f3:c9:f6:90:29:0b:37:16:83:8f:
7b:07:fb:39:e8:e2:76:52:ce:ec:8a:f7:35:ad:b8:c1:22:3b:
6d:f0:14:d3:1a:3f:08:0e:eb:31:0e:e4:c2:7d:67:04:03:99:
80:7b:76:0a:20:b4:ce:be:de:f7:32:f6:34:2e:fd:19:07:9c:
06:16:1f:10:4d:28:a0:57:28:31:ce:c0:ff:3b:fd:79:57:c9:
44:03:09:d9:2a:ee:50:8b:f6:8a:31:5c:3b:48:6a:ec:1a:62:
80:2b:2f:8d:8d:4d:2a:24:21:5e:39:80:33:66:ab:7c:ce:3a:
c1:45:1e:3e:1e:b2:e1:0a:fa:6c:6c:23:88:dd:a4:62:6f:5f:
01:ba:23:3b:02:a2:73:b5:38:4a:fb:32:b2:ad:47:32:c0:8e:
2b:ab:b5:37:28:8a:5c:17:bd:cb:96:e2:3c:bd:68:08:e3:0a:
6a:0f:eb:75
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBL5YoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTg4MjVkMmYwNjQ5ODliMzhjNzgxZjJhODUzNTE4OWEyNjkyOGMzMB4XDTIyMDEw
MTA1MDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJlZTRkZGM4OTY3
NWVmOWFjYjI5MzdjYWY5NmFkMjk4ODhhNzRlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfq4Nu0QJTsLBui+GaXlMOAPDs97Dg1qvmO3VZEZ0U0DLUc
TJMX5NEpPrZXOO+M+S/4/chCDWvMcwhnDe6uqRTjx8FuR8vUkacdvR/trX/iPFyi
bjQ7CK9GyXd9ha6/yWx+Yu3I3HxR3mHm4dA9Iowx9X10VsY7nCwGL/Rhxha/Klj+
awFKivJRxqwMB+BycA72ITkkEDL8oksUgptY7LfLKyPaMuWtaAK8kiiy+UoRxIAV
pY047FUW6ykdoL+5EKQ1cWHM2QWWTPA5danphuzHKLFHHiGZB5rs4P0GJYb1xgr5
GVolUuOTfGRwyyZJLMyv3av+eUWPtIqCDFDNN30CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQL7k3ciWde+ayyk3yvlq0piIp05jAfBgNVHSMEGDAWgBSJiCXS8GSYmzjH
gfKoU1GJomkowzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lZZ2wwdkJrbUpzNHg0SHlxRk5SaWFKcEtNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMGFhNGQwLTA1ZTQtNDgwMi05OWQ4LWVjYWU0MTQ0NmI3Ny8x
L0MtNU4zSWxuWHZtc3NwTjhyNWF0S1lpS2RPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MGFhNGQwLTA1ZTQtNDgwMi05OWQ4LWVjYWU0MTQ0NmI3Ny8xL2lZZ2wwdkJrbUpz
NHg0SHlxRk5SaWFKcEtNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBT6pIAMEArlrlDANBgkqhkiG9w0B
AQsFAAOCAQEAttQWPlgkDQC7YHW7aymnK5HJCWUgGNBAy+SlNMHcz7lIrUgQvisT
7XhBm4qE8TIdXrL1rgzxA/OmCqWLg3AhzYn99Na/3teUvw7nu2/qMtrzyfaQKQs3
FoOPewf7OejidlLO7Ir3Na24wSI7bfAU0xo/CA7rMQ7kwn1nBAOZgHt2CiC0zr7e
9zL2NC79GQecBhYfEE0ooFcoMc7A/zv9eVfJRAMJ2SruUIv2ijFcO0hq7BpigCsv
jY1NKiQhXjmAM2arfM46wUUePh6y4Qr6bGwjiN2kYm9fAbojOwKic7U4Svsysq1H
MsCOK6u1NyiKXBe9y5biPL1oCOMKag/rdQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:24 2025 by rpki-client