Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5D2AKLDs5-PxaEy5jjBdNgU29RU.roa
File: 5D2AKLDs5-PxaEy5jjBdNgU29RU.roa (raw, json)
Hash identifier: SWI9kzGRvzEmDDQ8KxuCsQaOGDpAe6bIBfJKxtrW3dw=
Subject key identifier: E4:3D:80:28:B0:EC:E7:E3:F1:68:4C:B9:8E:30:5D:36:05:36:F5:15
Certificate issuer: /CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Certificate serial: 04EFE325
Authority key identifier: E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5D2AKLDs5-PxaEy5jjBdNgU29RU.roa
Signing time: Fri 28 Jan 2022 12:51:11 +0000
ROA not before: Fri 28 Jan 2022 12:51:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51095
IP address blocks: 185.40.106.0/24 maxlen: 24
213.170.143.0/24 maxlen: 24
89.35.237.0/24 maxlen: 24
2a0c:e080::/29 maxlen: 32
2a0c:e082:10::/44 maxlen: 44
2a0c:e082::/44 maxlen: 44
2a0c:e080::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82830117 (0x4efe325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Validity
Not Before: Jan 28 12:51:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e43d8028b0ece7e3f1684cb98e305d360536f515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:36:57:e4:df:52:8a:eb:4c:44:9f:21:b4:0b:
6b:29:c9:29:4b:dd:87:de:fc:11:61:e6:6d:83:df:
2d:79:06:41:32:97:17:12:e5:65:1d:49:a7:6b:18:
dd:ac:ad:22:9d:6a:5e:31:fe:e9:6b:cf:96:4e:5b:
11:ae:6b:58:a4:c9:f1:55:fb:45:fb:a4:ab:19:d6:
83:96:35:69:19:5f:96:31:b3:f8:42:14:ae:2c:4b:
c4:95:3f:11:d7:bb:77:7d:7b:5e:17:57:9c:46:1c:
6f:5c:b0:48:a9:4f:13:f1:95:f7:ee:35:c5:a1:48:
c9:eb:d3:ba:b4:22:ef:4e:00:05:a4:fc:bd:3c:69:
c6:39:22:73:c9:7e:8c:23:48:ae:7b:3d:be:f4:59:
15:38:48:9e:56:fc:74:94:4d:d7:f0:16:92:61:92:
b8:72:f9:cf:d2:ff:d3:76:cb:d3:bd:98:96:11:c3:
3a:dc:f3:da:70:77:c4:82:60:51:05:0a:14:81:ba:
9d:ec:50:c1:ef:73:54:f0:d2:83:d9:06:8a:71:fd:
f1:0c:75:3e:b7:fa:47:87:98:53:b4:49:cc:6f:f8:
7b:64:4f:d6:12:c0:9d:02:46:ca:21:52:b3:77:a0:
2a:a4:16:80:c5:c5:1d:d8:5a:eb:ce:4e:8b:90:ad:
15:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3D:80:28:B0:EC:E7:E3:F1:68:4C:B9:8E:30:5D:36:05:36:F5:15
X509v3 Authority Key Identifier:
keyid:E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5D2AKLDs5-PxaEy5jjBdNgU29RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.237.0/24
185.40.106.0/24
213.170.143.0/24
IPv6:
2a0c:e080::/29
Signature Algorithm: sha256WithRSAEncryption
3c:48:62:01:fa:01:f8:16:34:ad:70:2c:72:7d:c1:58:d9:3d:
47:16:f1:31:0e:ec:78:d7:ea:50:ff:4f:45:c4:1b:6f:c6:f2:
40:65:fe:f4:50:e8:e0:c2:c2:35:8d:3f:a0:66:a6:f3:b9:e8:
7c:b1:fb:c6:ac:4d:6a:c7:65:fa:49:6f:9f:2b:6f:65:99:3f:
93:12:67:04:c4:55:40:72:41:e9:d1:da:0f:3d:3b:17:85:33:
ba:5d:e4:0b:5f:e3:2f:74:17:f5:fb:87:a2:86:73:37:ea:aa:
a4:6e:08:5d:f4:52:2b:73:ea:97:1d:d2:4c:dc:27:e3:71:97:
81:26:d2:d6:1d:66:21:a6:6c:d8:9e:5d:56:15:8f:5c:8a:2b:
57:b9:2f:b3:3d:21:6d:a4:aa:e6:2a:8e:0c:24:88:b0:30:3b:
25:65:2b:62:db:34:1f:2d:89:a3:71:27:7b:6b:54:10:72:11:
98:84:41:c6:a5:e9:7d:5b:35:4b:30:32:b9:69:09:13:32:bb:
1b:38:d4:68:92:cd:99:e8:b5:3f:48:29:c4:23:aa:f4:d4:8a:
24:8a:b5:1b:e2:2f:92:f8:0f:87:21:af:3b:c5:23:23:39:f4:
d8:e8:1f:77:d1:86:76:d7:85:44:17:70:24:61:bf:af:a9:0b:
be:9c:58:0b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBO/jJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWM5ZmZmMmY4ZWQwZDY1YWFkMGI5NGY4MDM2ZjJlZTFhZWVlYTBhMB4XDTIyMDEy
ODEyNTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQzZDgwMjhiMGVj
ZTdlM2YxNjg0Y2I5OGUzMDVkMzYwNTM2ZjUxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL02V+TfUorrTESfIbQLaynJKUvdh978EWHmbYPfLXkGQTKX
FxLlZR1Jp2sY3aytIp1qXjH+6WvPlk5bEa5rWKTJ8VX7RfukqxnWg5Y1aRlfljGz
+EIUrixLxJU/Ede7d317XhdXnEYcb1ywSKlPE/GV9+41xaFIyevTurQi704ABaT8
vTxpxjkic8l+jCNIrns9vvRZFThInlb8dJRN1/AWkmGSuHL5z9L/03bL072YlhHD
Otzz2nB3xIJgUQUKFIG6nexQwe9zVPDSg9kGinH98Qx1Prf6R4eYU7RJzG/4e2RP
1hLAnQJGyiFSs3egKqQWgMXFHdha685Oi5CtFbECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTkPYAosOzn4/FoTLmOMF02BTb1FTAfBgNVHSMEGDAWgBTlyf/y+O0NZarQ
uU+ANvLuGu7qCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVjbl84dmp0RFdXcTBMbFBnRGJ5N2hydTZnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvYWYyM2M2LWVmZWMtNDkxYi04N2NkLTlmYWE2MmExZjE3OC8x
LzVEMkFLTERzNS1QeGFFeTVqakJkTmdVMjlSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
YWYyM2M2LWVmZWMtNDkxYi04N2NkLTlmYWE2MmExZjE3OC8xLzVjbl84dmp0RFdX
cTBMbFBnRGJ5N2hydTZnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFkj7QMEALkoagMEANWqjzANBAIA
AjAHAwUDKgzggDANBgkqhkiG9w0BAQsFAAOCAQEAPEhiAfoB+BY0rXAscn3BWNk9
RxbxMQ7seNfqUP9PRcQbb8byQGX+9FDo4MLCNY0/oGam87nofLH7xqxNasdl+klv
nytvZZk/kxJnBMRVQHJB6dHaDz07F4Uzul3kC1/jL3QX9fuHooZzN+qqpG4IXfRS
K3Pqlx3STNwn43GXgSbS1h1mIaZs2J5dVhWPXIorV7kvsz0hbaSq5iqODCSIsDA7
JWUrYts0Hy2Jo3Ene2tUEHIRmIRBxqXpfVs1SzAyuWkJEzK7GzjUaJLNmei1P0gp
xCOq9NSKJIq1G+IvkvgPhyGvO8UjIzn02Ogfd9GGdteFRBdwJGG/r6kLvpxYCw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:18:43 2025 by rpki-client