Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa
File: 4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa (raw, json)
Hash identifier: t+gCISyQ9XRBLySR8fiYRXdmtgNa1NB5duiES1IqZ5Q=
Subject key identifier: E0:BB:7E:4D:3E:E8:B8:4D:91:31:A8:00:77:B9:90:8E:AF:23:64:AA
Certificate issuer: /CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Certificate serial: 052F1BAC
Authority key identifier: 5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa
Signing time: Sat 01 Jan 2022 03:55:51 +0000
ROA not before: Sat 01 Jan 2022 03:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50474
IP address blocks: 185.154.136.0/22 maxlen: 22
109.234.164.0/22 maxlen: 22
109.234.161.0/24 maxlen: 24
109.234.162.0/24 maxlen: 24
109.234.163.0/24 maxlen: 24
109.234.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86973356 (0x52f1bac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Validity
Not Before: Jan 1 03:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0bb7e4d3ee8b84d9131a80077b9908eaf2364aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:b7:58:9c:95:63:7f:f6:ba:32:06:f8:11:
55:f8:c6:98:4e:83:3c:41:80:22:4f:d4:85:8c:f5:
d4:ab:42:e7:04:33:4c:8d:83:d3:12:c8:46:3b:45:
c6:c8:42:01:18:a6:46:17:be:d6:dc:8b:38:2d:df:
60:70:d4:af:12:fa:b8:f9:a7:bc:0e:bc:ee:e9:21:
1a:a5:e3:2d:dd:0e:a3:0c:a6:2c:1d:17:b8:05:bf:
15:13:aa:bd:3e:11:a0:f0:d6:0c:4c:67:82:ed:f2:
6e:9e:2f:c1:7e:1f:87:c8:5a:55:a9:17:61:e4:82:
84:d4:6f:90:7b:95:36:d5:56:19:be:c9:0b:dc:95:
95:ef:a1:e4:fb:b5:32:4a:75:5b:40:60:cf:e8:8a:
93:1d:3c:71:68:a4:d4:9e:7c:85:13:9f:c8:80:b2:
e6:a1:7c:34:e1:cc:8d:9d:18:fb:9a:9c:c1:8c:5c:
7b:52:b4:25:a3:b1:b7:d0:c9:b1:f9:9f:b2:5d:a7:
4a:f9:65:63:fe:96:99:d5:0b:31:0c:3a:40:17:f6:
73:90:88:33:1f:3f:1e:0f:be:12:86:6e:62:2d:08:
8c:75:17:b9:a6:fe:33:f9:03:27:a2:fa:ad:3a:78:
df:5e:3e:30:37:a3:d1:e0:08:c2:89:80:48:af:40:
f6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BB:7E:4D:3E:E8:B8:4D:91:31:A8:00:77:B9:90:8E:AF:23:64:AA
X509v3 Authority Key Identifier:
keyid:5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/4Lt-TT7ouE2RMagAd7mQjq8jZKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.160.0/21
185.154.136.0/22
Signature Algorithm: sha256WithRSAEncryption
42:bc:0c:d5:3d:58:6a:e4:04:c6:5d:40:71:b7:85:12:0e:28:
1f:4e:38:f6:7c:9e:bd:b2:23:cb:6f:40:96:87:e5:38:7f:b8:
b5:8a:34:b6:12:66:e8:20:5e:57:f7:8c:6e:9e:28:9a:80:65:
4e:1a:a8:d8:2e:dc:30:9b:f6:da:5e:b6:f0:e7:d6:fe:5b:52:
39:b4:24:23:78:26:22:73:81:e2:d9:b9:2a:5e:07:fe:d7:0d:
77:09:d5:28:a9:18:36:ba:c5:95:fb:8b:0e:10:ec:b8:fd:f8:
49:9d:fa:f8:19:9f:25:5f:6a:69:27:7c:7e:cb:31:0d:cd:db:
f4:e1:41:52:4e:96:7f:92:a2:b4:84:d9:53:b3:cb:09:f1:54:
f5:11:e7:88:8b:08:49:3f:d6:47:b3:3b:30:81:08:32:ad:ae:
b9:ae:c3:b9:35:af:c1:63:d2:9f:2d:1a:a9:ca:f3:27:2d:aa:
36:bc:d9:a7:25:a8:42:db:2c:4e:d9:5f:c2:e0:d7:55:ad:41:
ef:67:37:e8:d7:fd:de:ba:4c:ea:d4:39:5c:df:99:46:79:97:
a4:d5:44:5e:9d:65:63:52:75:88:54:8c:7c:95:fd:37:4d:34:
ed:6f:d3:1c:3e:1c:0a:67:3b:a1:1f:a0:49:fe:20:62:1b:ab:
93:3f:bf:81
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBS8brDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2FlN2FhMTU5NGQ4OTkyOWIxMTFhMzcxZjBmZjI2ZjIwMmY1OGUyMB4XDTIyMDEw
MTAzNTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiYjdlNGQzZWU4
Yjg0ZDkxMzFhODAwNzdiOTkwOGVhZjIzNjRhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYNt1iclWN/9royBvgRVfjGmE6DPEGAIk/UhYz11KtC5wQz
TI2D0xLIRjtFxshCARimRhe+1tyLOC3fYHDUrxL6uPmnvA687ukhGqXjLd0Oowym
LB0XuAW/FROqvT4RoPDWDExngu3ybp4vwX4fh8haVakXYeSChNRvkHuVNtVWGb7J
C9yVle+h5Pu1Mkp1W0Bgz+iKkx08cWik1J58hROfyICy5qF8NOHMjZ0Y+5qcwYxc
e1K0JaOxt9DJsfmfsl2nSvllY/6WmdULMQw6QBf2c5CIMx8/Hg++EoZuYi0IjHUX
uab+M/kDJ6L6rTp4314+MDej0eAIwomASK9A9v0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTgu35NPui4TZExqAB3uZCOryNkqjAfBgNVHSMEGDAWgBRcrnqhWU2JkpsR
GjcfD/JvIC9Y4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hLNTZvVmxOaVpLYkVSbzNId195YnlBdldPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNWU2YmFlLTk2MmYtNDA1Ny04ZWM1LTI3OWY1OTRiM2EyZi8x
LzRMdC1UVDdvdUUyUk1hZ0FkN21RanE4alpLby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NWU2YmFlLTk2MmYtNDA1Ny04ZWM1LTI3OWY1OTRiM2EyZi8xL1hLNTZvVmxOaVpL
YkVSbzNId195YnlBdldPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA23qoAMEArmaiDANBgkqhkiG9w0B
AQsFAAOCAQEAQrwM1T1YauQExl1AcbeFEg4oH0449nyevbIjy29AloflOH+4tYo0
thJm6CBeV/eMbp4omoBlThqo2C7cMJv22l628OfW/ltSObQkI3gmInOB4tm5Kl4H
/tcNdwnVKKkYNrrFlfuLDhDsuP34SZ36+BmfJV9qaSd8fssxDc3b9OFBUk6Wf5Ki
tITZU7PLCfFU9RHniIsIST/WR7M7MIEIMq2uua7DuTWvwWPSny0aqcrzJy2qNrzZ
pyWoQtssTtlfwuDXVa1B72c36Nf93rpM6tQ5XN+ZRnmXpNVEXp1lY1J1iFSMfJX9
N0007W/THD4cCmc7oR+gSf4gYhurkz+/gQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:59 2025 by rpki-client