Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/R9Udc1S_iSH5Z3EtsJzgFQKO4P0.roa
File: R9Udc1S_iSH5Z3EtsJzgFQKO4P0.roa (raw, json)
Hash identifier: M4ddxXJBejn1WNSXNZX82LbrLUt+kKnHb9MRa1oAFCI=
Subject key identifier: 47:D5:1D:73:54:BF:89:21:F9:67:71:2D:B0:9C:E0:15:02:8E:E0:FD
Certificate issuer: /CN=b46320188098520c366277f749a4f77a1d444439
Certificate serial: 133E24A9
Authority key identifier: B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/R9Udc1S_iSH5Z3EtsJzgFQKO4P0.roa
Signing time: Sat 01 Jan 2022 01:52:41 +0000
ROA not before: Sat 01 Jan 2022 01:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50957
IP address blocks: 78.31.104.0/21 maxlen: 21
185.98.196.0/22 maxlen: 22
5.153.248.0/21 maxlen: 21
213.170.0.0/19 maxlen: 19
31.25.184.0/21 maxlen: 21
37.128.128.0/21 maxlen: 21
89.200.136.0/21 maxlen: 21
77.73.0.0/21 maxlen: 21
2a02:24e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322839721 (0x133e24a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b46320188098520c366277f749a4f77a1d444439
Validity
Not Before: Jan 1 01:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47d51d7354bf8921f967712db09ce015028ee0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:76:0d:67:92:2a:53:e0:97:3f:d4:4d:7f:85:
6d:ff:52:94:b5:5e:ce:30:95:9f:56:61:0f:2b:dc:
92:fc:bc:ed:a7:7e:dd:d4:a6:d1:3f:86:ab:53:90:
bc:a6:91:2b:e1:d5:60:8a:cc:16:10:75:ef:83:4d:
49:f8:7c:18:93:f6:00:24:d3:b2:7d:0f:2c:87:c6:
fc:5e:21:8c:e3:bc:db:74:45:10:23:a4:04:f2:23:
f3:7a:0a:44:0e:62:4b:1f:83:aa:08:1b:34:d6:75:
63:a7:86:6e:0b:9f:c7:90:b0:63:fb:ec:61:09:c9:
ae:4c:6f:54:d1:bf:07:5e:4d:75:a1:9f:1c:b4:a7:
15:e5:a5:86:93:e6:c6:41:2d:a0:2e:38:b8:84:33:
60:f6:a5:f8:da:73:04:64:c9:40:c7:0a:14:1c:98:
c4:6d:d4:97:c3:94:0d:5d:19:f6:56:4e:25:d3:49:
34:f6:c7:93:de:07:dc:56:0b:82:87:5b:6b:6c:14:
21:06:d6:c8:87:55:bb:6f:69:05:41:54:bc:2b:22:
f5:d6:43:83:d1:0c:56:d2:66:bf:38:6e:19:8d:a4:
57:3a:07:3f:12:1e:c5:00:12:7b:41:7b:f7:9f:86:
8e:ad:a1:30:1b:82:d5:56:68:80:33:c3:b6:e9:34:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D5:1D:73:54:BF:89:21:F9:67:71:2D:B0:9C:E0:15:02:8E:E0:FD
X509v3 Authority Key Identifier:
keyid:B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/R9Udc1S_iSH5Z3EtsJzgFQKO4P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.248.0/21
31.25.184.0/21
37.128.128.0/21
77.73.0.0/21
78.31.104.0/21
89.200.136.0/21
185.98.196.0/22
213.170.0.0/19
IPv6:
2a02:24e0::/32
Signature Algorithm: sha256WithRSAEncryption
90:f3:f8:c0:83:36:57:6c:43:87:da:c9:6f:99:c0:1f:7c:b4:
7d:4f:62:f8:0e:b0:89:51:90:d5:a4:c8:73:b9:fa:67:9c:25:
9e:f4:22:94:14:cb:38:86:91:0b:6c:e6:dd:06:8b:9a:f0:c9:
15:2c:d0:df:10:0b:21:07:35:1a:65:6d:88:a1:eb:d5:ce:09:
8d:2d:40:f7:c0:a5:e5:02:06:2b:8c:fd:64:c4:fa:33:6a:a8:
5b:34:04:bd:34:9e:ef:d8:9f:4c:a8:f8:3b:05:44:28:d3:df:
6c:34:71:8c:de:c5:7b:b4:0a:b2:fe:ad:86:e1:5d:db:42:5e:
02:c7:56:e6:70:da:8f:dc:bf:c7:74:a0:7e:43:a3:a9:7a:dc:
f6:f1:30:df:13:b6:40:5a:89:e6:f3:75:1c:5b:67:b8:0c:e4:
9b:6e:3d:c1:79:d4:35:e7:3f:76:39:c8:90:13:11:4b:57:44:
a2:ea:96:a3:b2:2b:4a:a6:f7:15:f2:e4:ce:81:f0:40:67:3b:
10:29:17:e1:26:da:6e:a7:f3:9e:1a:55:85:d4:bb:4c:13:88:
25:65:18:cd:99:a1:72:30:a8:d7:f6:fb:c9:da:f6:21:8a:c5:
86:0c:35:60:a9:83:c4:10:c5:a2:b8:70:59:91:2f:d7:8e:ab:
79:0d:40:13
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEEz4kqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDYzMjAxODgwOTg1MjBjMzY2Mjc3Zjc0OWE0Zjc3YTFkNDQ0NDM5MB4XDTIyMDEw
MTAxNTI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdkNTFkNzM1NGJm
ODkyMWY5Njc3MTJkYjA5Y2UwMTUwMjhlZTBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMN2DWeSKlPglz/UTX+Fbf9SlLVezjCVn1ZhDyvckvy87ad+
3dSm0T+Gq1OQvKaRK+HVYIrMFhB174NNSfh8GJP2ACTTsn0PLIfG/F4hjOO823RF
ECOkBPIj83oKRA5iSx+DqggbNNZ1Y6eGbgufx5CwY/vsYQnJrkxvVNG/B15NdaGf
HLSnFeWlhpPmxkEtoC44uIQzYPal+NpzBGTJQMcKFByYxG3Ul8OUDV0Z9lZOJdNJ
NPbHk94H3FYLgodba2wUIQbWyIdVu29pBUFUvCsi9dZDg9EMVtJmvzhuGY2kVzoH
PxIexQASe0F795+Gjq2hMBuC1VZogDPDtuk0xCUCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRH1R1zVL+JIflncS2wnOAVAo7g/TAfBgNVHSMEGDAWgBS0YyAYgJhSDDZi
d/dJpPd6HUREOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RHTWdHSUNZVWd3MlluZjNTYVQzZWgxRVJEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvNGFjYjgzLWY5NDAtNDc2Ni1iY2E5LTYwOGU3ZDc3OWJjNy8x
L1I5VWRjMVNfaVNINVozRXRzSnpnRlFLTzRQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
NGFjYjgzLWY5NDAtNDc2Ni1iY2E5LTYwOGU3ZDc3OWJjNy8xL3RHTWdHSUNZVWd3
MlluZjNTYVQzZWgxRVJEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwWZ+AMEAx8ZuAMEAyWAgAMEA01J
AAMEA04faAMEA1nIiAMEArlixAMEBdWqADANBAIAAjAHAwUAKgIk4DANBgkqhkiG
9w0BAQsFAAOCAQEAkPP4wIM2V2xDh9rJb5nAH3y0fU9i+A6wiVGQ1aTIc7n6Z5wl
nvQilBTLOIaRC2zm3QaLmvDJFSzQ3xALIQc1GmVtiKHr1c4JjS1A98Cl5QIGK4z9
ZMT6M2qoWzQEvTSe79ifTKj4OwVEKNPfbDRxjN7Fe7QKsv6thuFd20JeAsdW5nDa
j9y/x3SgfkOjqXrc9vEw3xO2QFqJ5vN1HFtnuAzkm249wXnUNec/djnIkBMRS1dE
ouqWo7IrSqb3FfLkzoHwQGc7ECkX4SbabqfznhpVhdS7TBOIJWUYzZmhcjCo1/b7
ydr2IYrFhgw1YKmDxBDForhwWZEv146reQ1AEw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:58 2025 by rpki-client