Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/A7Yt3xVFJED1vyLulXLDQQnlfy0.roa
File: A7Yt3xVFJED1vyLulXLDQQnlfy0.roa (raw, json)
Hash identifier: 9MOeOajrWPS2oLoe1VsJjcoMpuTOWDZzV1knmn2c2DA=
Subject key identifier: 03:B6:2D:DF:15:45:24:40:F5:BF:22:EE:95:72:C3:41:09:E5:7F:2D
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871089EB084CD82AD6E6454836594C7C83
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/A7Yt3xVFJED1vyLulXLDQQnlfy0.roa
Signing time: Thu 23 Mar 2023 22:14:46 +0000
ROA not before: Thu 23 Mar 2023 22:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.140.7.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:89:eb:08:4c:d8:2a:d6:e6:45:48:36:59:4c:7c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03b62ddf15452440f5bf22ee9572c34109e57f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:e4:f8:83:87:ac:21:41:2b:4f:e8:05:4b:
a1:27:cd:aa:96:3e:3b:52:9d:19:29:8c:67:39:56:
ff:69:bb:2d:18:9c:52:8d:1f:59:8a:2e:b4:98:55:
dd:66:45:a9:3a:93:aa:70:26:40:27:9c:20:d1:42:
02:a0:b5:17:b4:fe:a2:63:64:da:59:bc:c2:2e:12:
f6:55:f4:a0:be:89:d7:7a:ac:fb:a1:cf:ae:25:a7:
a1:37:9e:14:04:00:a2:44:60:80:f2:77:0b:55:38:
38:aa:93:01:e5:ac:dc:4d:70:2d:03:82:27:f5:a3:
f5:b0:58:23:ac:15:44:14:35:fc:a1:22:b5:b3:0e:
1d:4b:d5:cb:0a:3f:3b:86:e5:d9:00:01:5c:57:71:
82:e0:95:da:6f:e0:92:5a:89:6e:ec:fa:bd:56:a9:
43:b9:98:26:66:9b:66:26:d2:a2:a0:33:20:c9:9f:
82:b8:23:15:25:d7:da:01:92:a7:91:a8:c2:fc:ea:
16:00:0f:d4:c0:12:cc:57:c7:e9:c6:a1:90:c5:c6:
f4:33:72:c1:f2:39:c8:ba:26:e7:e9:39:fa:0f:d5:
76:ed:fc:e9:67:05:8c:e7:21:a0:2a:46:7e:c6:88:
bd:80:3f:f0:20:b1:fa:9f:09:3e:de:70:50:74:bb:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B6:2D:DF:15:45:24:40:F5:BF:22:EE:95:72:C3:41:09:E5:7F:2D
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/A7Yt3xVFJED1vyLulXLDQQnlfy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.75.0/24
45.140.7.0/24
88.218.239.0/24
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:92:84:7a:0b:52:ce:07:26:4a:d3:3d:ef:4a:05:01:5f:87:
78:8b:51:c9:c8:5d:1c:52:d8:96:30:3b:94:32:cb:3c:e8:6e:
dc:9d:ba:7c:c1:61:52:3c:00:ec:94:77:67:6b:f5:42:d3:6b:
1b:ed:52:a6:8e:4b:69:e3:52:25:15:b6:d7:a0:46:d0:84:ff:
9a:ef:2e:79:20:ab:b0:9d:f9:f2:0b:91:18:31:1d:4a:40:2c:
f4:5f:4c:87:b3:fe:ed:d6:d5:3f:48:ec:54:52:4e:06:79:b5:
f6:a8:ad:22:1e:1a:dd:f0:b0:fe:74:74:29:59:81:6b:2d:a7:
c6:0a:da:2a:1e:7e:61:d8:f1:2c:69:da:32:d4:61:71:eb:c3:
9a:93:69:10:3d:c4:e7:e2:0f:f2:d9:2c:5b:70:4c:51:5b:88:
16:f5:cc:65:ad:68:fe:2e:54:1f:fe:a3:70:f0:07:1f:70:ea:
1a:1f:7b:a8:49:ee:4a:80:74:c1:6c:4b:c0:1e:dc:e4:fb:56:
fd:5f:7a:c7:aa:51:19:46:bc:7c:7d:b2:f2:22:57:55:11:5a:
9d:15:3a:97:66:c6:35:4a:18:d6:fe:04:c9:9a:d3:e6:04:07:
87:37:e5:78:f2:b0:7d:b4:91:bc:96:74:83:04:c1:0a:53:cf:
ad:2a:35:43
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYcQiesITNgq1uZFSDZZTHyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I2MmRkZjE1NDUyNDQwZjViZjIyZWU5NTcyYzM0MTA5ZTU3ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApULk+IOHrCFBK0/oBUuhJ82qlj47
Up0ZKYxnOVb/abstGJxSjR9Zii60mFXdZkWpOpOqcCZAJ5wg0UICoLUXtP6iY2Ta
WbzCLhL2VfSgvonXeqz7oc+uJaehN54UBACiRGCA8ncLVTg4qpMB5azcTXAtA4In
9aP1sFgjrBVEFDX8oSK1sw4dS9XLCj87huXZAAFcV3GC4JXab+CSWolu7Pq9VqlD
uZgmZptmJtKioDMgyZ+CuCMVJdfaAZKnkajC/OoWAA/UwBLMV8fpxqGQxcb0M3LB
8jnIuibn6Tn6D9V27fzpZwWM5yGgKkZ+xoi9gD/wILH6nwk+3nBQdLsiJwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAO2Ld8VRSRA9b8i7pVyw0EJ5X8tMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvQTdZdDN4VkZKRUQxdnlMdWxYTERRUW5sZnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABWhIAwQA
BWhLAwQALYwHAwQAWNrvAwQAW/XvAwQBX9ZcAwQAX9ZfAwQAwaBIAwQCweQwAwQA
whydAwQA1EWHMA0GCSqGSIb3DQEBCwUAA4IBAQBskoR6C1LOByZK0z3vSgUBX4d4
i1HJyF0cUtiWMDuUMss86G7cnbp8wWFSPADslHdna/VC02sb7VKmjktp41IlFbbX
oEbQhP+a7y55IKuwnfnyC5EYMR1KQCz0X0yHs/7t1tU/SOxUUk4GebX2qK0iHhrd
8LD+dHQpWYFrLafGCtoqHn5h2PEsadoy1GFx68Oak2kQPcTn4g/y2SxbcExRW4gW
9cxlrWj+LlQf/qNw8AcfcOoaH3uoSe5KgHTBbEvAHtzk+1b9X3rHqlEZRrx8fbLy
IldVEVqdFTqXZsY1ShjW/gTJmtPmBAeHN+V48rB9tJG8lnSDBMEKU8+tKjVD
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:54 2025 by rpki-client