Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/xKqeYFLnlXROf4CTXjSk6U5TCCQ.roa
File: xKqeYFLnlXROf4CTXjSk6U5TCCQ.roa (raw, json)
Hash identifier: NBQCijH3YCjxXp/i7e7CuuLCRB6YdpOGn2PNwDK+izk=
Subject key identifier: C4:AA:9E:60:52:E7:95:74:4E:7F:80:93:5E:34:A4:E9:4E:53:08:24
Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d
Certificate serial: 01856E1433A96F2F37F7FF3E8B3190919223
Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/xKqeYFLnlXROf4CTXjSk6U5TCCQ.roa
Signing time: Sun 01 Jan 2023 16:04:55 +0000
ROA not before: Sun 01 Jan 2023 16:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50923
IP address blocks: 37.60.16.0/22 maxlen: 22
37.60.16.0/23 maxlen: 23
37.60.16.0/21 maxlen: 21
37.60.22.0/23 maxlen: 23
37.60.20.0/22 maxlen: 22
37.60.20.0/23 maxlen: 23
37.60.18.0/23 maxlen: 23
5.53.16.0/21 maxlen: 21
5.53.16.0/20 maxlen: 20
5.53.16.0/22 maxlen: 22
5.53.20.0/22 maxlen: 22
5.53.24.0/21 maxlen: 21
5.53.24.0/22 maxlen: 22
5.53.28.0/22 maxlen: 22
185.3.68.0/23 maxlen: 23
185.3.68.0/22 maxlen: 22
185.3.68.0/24 maxlen: 24
185.3.71.0/24 maxlen: 24
185.3.69.0/24 maxlen: 24
185.3.70.0/24 maxlen: 24
185.3.70.0/23 maxlen: 23
37.143.96.0/21 maxlen: 21
37.143.96.0/20 maxlen: 20
37.143.96.0/22 maxlen: 22
37.143.104.0/22 maxlen: 22
37.143.104.0/21 maxlen: 21
37.143.100.0/22 maxlen: 22
37.143.108.0/22 maxlen: 22
178.208.224.0/19 maxlen: 19
178.208.224.0/20 maxlen: 20
178.208.224.0/21 maxlen: 21
178.208.232.0/21 maxlen: 21
178.208.240.0/21 maxlen: 21
178.208.240.0/20 maxlen: 20
178.208.248.0/21 maxlen: 21
2a00:ae40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:33:a9:6f:2f:37:f7:ff:3e:8b:31:90:91:92:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d
Validity
Not Before: Jan 1 16:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4aa9e6052e795744e7f80935e34a4e94e530824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:20:fb:92:d4:d5:16:04:1c:50:89:02:f2:
73:94:3f:92:20:1e:28:3c:97:ee:4b:a7:af:6d:ed:
87:c1:4b:4d:e8:ff:f3:7d:12:ff:2f:96:75:cc:fd:
f0:d1:1b:3b:c8:11:c6:5f:7e:52:73:b6:b2:04:a7:
09:08:7d:b9:f6:f8:3d:13:a7:9c:ed:2b:4e:14:27:
79:99:e2:5d:a5:bf:b3:32:54:a8:e6:8f:20:4e:b7:
6d:ce:d2:27:be:31:ff:05:93:42:ca:4b:81:99:39:
6c:6e:cc:0d:da:2f:4c:e1:59:98:5a:44:75:c7:24:
95:12:f6:88:e8:67:dd:01:c4:f3:47:2d:09:8a:99:
22:ca:c3:ca:f3:37:d4:e4:71:63:af:b7:14:2e:1f:
0b:d3:8f:2f:d0:9a:be:fa:69:94:10:92:3f:c2:b7:
7d:2f:cf:ea:28:48:4b:eb:04:4e:21:d0:05:a6:38:
ef:17:fb:35:46:af:a4:4c:d2:28:2b:1e:59:ca:c2:
9c:97:46:8b:58:c4:c2:55:25:d9:7e:79:ae:07:c9:
cd:84:9f:c5:d2:1b:c1:03:f9:ab:e1:9f:fe:dd:e3:
22:ef:db:50:4d:f5:b8:27:07:43:2c:f9:54:7a:5e:
8c:d8:b5:4a:a1:ef:27:a6:e6:d7:a0:49:68:e8:c8:
a1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AA:9E:60:52:E7:95:74:4E:7F:80:93:5E:34:A4:E9:4E:53:08:24
X509v3 Authority Key Identifier:
keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/xKqeYFLnlXROf4CTXjSk6U5TCCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.16.0/20
37.60.16.0/21
37.143.96.0/20
178.208.224.0/19
185.3.68.0/22
IPv6:
2a00:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
ce:09:1b:03:dd:4c:d2:b8:d9:38:73:b6:a2:49:59:85:3b:34:
68:5d:8d:f4:73:85:1d:0b:f9:4e:89:7d:41:da:8f:d0:24:53:
80:44:c7:f8:6e:2b:92:a1:b6:55:9c:1f:a5:a1:e2:11:e1:77:
69:bf:19:6d:e7:59:8d:1e:2d:e9:8e:d1:02:7c:ea:d2:a7:0e:
8e:58:96:ac:44:54:7b:ae:49:60:50:39:d9:8b:9c:e4:6d:f9:
ea:28:17:a2:b2:f6:9e:be:a5:be:4a:4a:12:14:af:3e:a5:ed:
44:28:23:4f:0a:e8:99:97:15:a2:3d:92:68:cf:97:39:2b:23:
50:45:a4:84:70:ac:76:34:89:e5:5a:07:50:cd:a1:ae:60:b3:
33:9b:bd:e0:c2:c1:be:db:9d:a0:3b:c5:48:66:9e:15:a3:1e:
c2:32:42:f4:cb:df:38:e1:16:58:e1:d8:71:34:6a:9c:4c:13:
c8:3f:52:df:b3:19:eb:26:a0:ed:46:ed:d9:8f:39:12:29:0c:
3d:3b:53:af:ac:24:ea:94:be:20:d2:1b:77:39:98:39:37:c6:
09:e5:a9:c4:dc:bf:d2:30:73:29:2f:05:b6:ab:52:df:d0:81:
03:dd:76:ca:f7:22:4a:2c:8f:a7:ef:a9:b1:b8:97:b7:b0:0f:
1b:7d:31:bd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuFDOpby839/8+izGQkZIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy
OWMzM2QwHhcNMjMwMTAxMTYwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGFhOWU2MDUyZTc5NTc0NGU3ZjgwOTM1ZTM0YTRlOTRlNTMwODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv0g+5LU1RYEHFCJAvJzlD+SIB4o
PJfuS6evbe2HwUtN6P/zfRL/L5Z1zP3w0Rs7yBHGX35Sc7ayBKcJCH259vg9E6ec
7StOFCd5meJdpb+zMlSo5o8gTrdtztInvjH/BZNCykuBmTlsbswN2i9M4VmYWkR1
xySVEvaI6GfdAcTzRy0JipkiysPK8zfU5HFjr7cULh8L048v0Jq++mmUEJI/wrd9
L8/qKEhL6wROIdAFpjjvF/s1Rq+kTNIoKx5ZysKcl0aLWMTCVSXZfnmuB8nNhJ/F
0hvBA/mr4Z/+3eMi79tQTfW4JwdDLPlUel6M2LVKoe8npubXoElo6MihCQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMSqnmBS55V0Tn+Ak140pOlOUwgkMB8GA1UdIwQY
MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt
OWNhOTQ3YWE2NjVhLzEveEtxZVlGTG5sWFJPZjRDVFhqU2s2VTVUQ0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh
LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEBTUQAwQD
JTwQAwQEJY9gAwQFstDgAwQCuQNEMA0EAgACMAcDBQAqAK5AMA0GCSqGSIb3DQEB
CwUAA4IBAQDOCRsD3UzSuNk4c7aiSVmFOzRoXY30c4UdC/lOiX1B2o/QJFOARMf4
biuSobZVnB+loeIR4Xdpvxlt51mNHi3pjtECfOrSpw6OWJasRFR7rklgUDnZi5zk
bfnqKBeisvaevqW+SkoSFK8+pe1EKCNPCuiZlxWiPZJoz5c5KyNQRaSEcKx2NInl
WgdQzaGuYLMzm73gwsG+252gO8VIZp4Vox7CMkL0y9844RZY4dhxNGqcTBPIP1Lf
sxnrJqDtRu3ZjzkSKQw9O1OvrCTqlL4g0ht3OZg5N8YJ5anE3L/SMHMpLwW2q1Lf
0IED3XbK9yJKLI+n76mxuJe3sA8bfTG9
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:48:45 2025 by rpki-client