Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/5U7yiwGDZ59p85k0kxH54PBNLy0.roa
File: 5U7yiwGDZ59p85k0kxH54PBNLy0.roa (raw, json)
Hash identifier: Ta+HtyTRhKVzDMukOeP7WD50GyoL65GcTH2o3XhstUE=
Subject key identifier: E5:4E:F2:8B:01:83:67:9F:69:F3:99:34:93:11:F9:E0:F0:4D:2F:2D
Certificate issuer: /CN=9d257190821f7058a8eafd48196974368bad8f14
Certificate serial: 01856BF7D977794433A0DECE90E2453EE7A7
Authority key identifier: 9D:25:71:90:82:1F:70:58:A8:EA:FD:48:19:69:74:36:8B:AD:8F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSVxkIIfcFio6v1IGWl0NoutjxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/5U7yiwGDZ59p85k0kxH54PBNLy0.roa
Signing time: Sun 01 Jan 2023 06:14:43 +0000
ROA not before: Sun 01 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15491
IP address blocks: 92.241.64.0/19 maxlen: 24
185.51.16.0/22 maxlen: 24
109.238.224.0/20 maxlen: 24
213.131.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:d9:77:79:44:33:a0:de:ce:90:e2:45:3e:e7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d257190821f7058a8eafd48196974368bad8f14
Validity
Not Before: Jan 1 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e54ef28b0183679f69f399349311f9e0f04d2f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:91:04:db:80:6b:92:40:66:6c:ea:78:f9:b6:
87:d1:03:6b:c4:ac:0c:ba:f2:71:aa:99:65:2f:d6:
be:83:4c:6b:2d:c3:3d:c0:a0:d3:46:fa:10:59:c6:
bf:87:b6:a5:0e:61:cc:5f:7d:cf:0a:95:d1:02:b3:
d1:49:3f:d2:32:3f:e1:53:b7:0d:23:57:20:8f:db:
da:e9:86:b0:80:7a:61:0f:cc:08:c7:da:10:b7:29:
41:9e:4f:a6:fb:3d:c7:49:48:6f:c4:29:ef:f2:e0:
dd:0f:d9:46:05:40:85:01:0f:c6:6a:02:d9:55:b5:
86:34:03:42:b8:67:ee:82:6f:02:05:4e:5f:2c:5f:
09:68:0b:71:ab:69:2a:fa:57:aa:c9:86:98:4c:b3:
c3:61:01:9a:63:67:2f:3f:5d:5b:da:07:d1:3f:2e:
75:24:49:c1:d9:a2:92:4e:89:ea:00:04:e9:80:94:
8c:be:b7:fd:e6:6a:1f:61:41:88:fe:b9:e4:65:67:
36:b2:ce:14:b9:ce:e8:40:2b:ff:a4:3d:f7:f5:fa:
89:55:ab:64:f1:4f:cd:8b:41:44:07:e4:a5:7e:a0:
10:54:f1:20:2b:10:c9:93:06:36:ee:34:3d:ed:2f:
3b:33:83:22:96:02:d3:6a:8a:3e:d5:8c:af:0a:00:
b7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4E:F2:8B:01:83:67:9F:69:F3:99:34:93:11:F9:E0:F0:4D:2F:2D
X509v3 Authority Key Identifier:
keyid:9D:25:71:90:82:1F:70:58:A8:EA:FD:48:19:69:74:36:8B:AD:8F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSVxkIIfcFio6v1IGWl0NoutjxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/5U7yiwGDZ59p85k0kxH54PBNLy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/nSVxkIIfcFio6v1IGWl0NoutjxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.64.0/19
109.238.224.0/20
185.51.16.0/22
213.131.32.0/19
Signature Algorithm: sha256WithRSAEncryption
71:d0:ec:ec:22:77:35:c2:2f:e5:91:41:9f:79:e9:71:b9:f4:
b7:65:e3:91:4d:3e:14:bc:d4:49:23:3e:df:0d:fc:16:81:c5:
1e:6d:de:91:e0:33:42:a3:45:40:d2:e0:0e:b8:16:35:91:ed:
c2:07:b4:3a:73:85:fd:7a:a7:06:e0:31:b3:d8:4e:5e:62:bb:
82:4d:c8:01:b3:3c:5c:2c:64:8b:78:00:84:b4:fd:dc:16:81:
31:84:c8:ae:3f:b5:12:d0:c2:15:8b:15:8a:50:85:a1:6e:17:
af:88:6f:db:50:4c:7e:4c:b9:c7:40:7e:ce:21:79:ff:1c:4c:
fe:99:c5:e6:14:7f:b8:26:4d:09:e4:82:71:45:88:48:44:fe:
65:93:78:5a:d8:b9:10:51:2e:85:e6:12:fe:43:4f:de:f5:94:
f0:15:49:fb:71:9f:a0:7a:bd:b7:76:81:4e:44:de:3a:18:4b:
bb:34:2a:d0:86:dd:97:8a:84:dd:68:be:12:36:29:67:27:38:
81:7b:46:30:45:d6:f8:1c:8f:69:15:70:88:d9:e4:26:7a:30:
c8:0d:e9:f0:75:74:84:83:db:18:53:c9:69:16:00:e3:c4:1b:
fa:b7:8b:2c:8c:54:5e:ad:3e:90:7d:a5:8b:b2:92:e7:e6:3e:
5a:0e:d0:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVr99l3eUQzoN7OkOJFPuenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjU3MTkwODIxZjcwNThhOGVhZmQ0ODE5Njk3NDM2OGJh
ZDhmMTQwHhcNMjMwMTAxMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRlZjI4YjAxODM2NzlmNjlmMzk5MzQ5MzExZjllMGYwNGQyZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpEE24BrkkBmbOp4+baH0QNrxKwM
uvJxqpllL9a+g0xrLcM9wKDTRvoQWca/h7alDmHMX33PCpXRArPRST/SMj/hU7cN
I1cgj9va6YawgHphD8wIx9oQtylBnk+m+z3HSUhvxCnv8uDdD9lGBUCFAQ/GagLZ
VbWGNANCuGfugm8CBU5fLF8JaAtxq2kq+leqyYaYTLPDYQGaY2cvP11b2gfRPy51
JEnB2aKSTonqAATpgJSMvrf95mofYUGI/rnkZWc2ss4Uuc7oQCv/pD339fqJVatk
8U/Ni0FEB+SlfqAQVPEgKxDJkwY27jQ97S87M4MilgLTaoo+1YyvCgC3LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOVO8osBg2efafOZNJMR+eDwTS8tMB8GA1UdIwQY
MBaAFJ0lcZCCH3BYqOr9SBlpdDaLrY8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNWeGtJSWZjRmlvNnYxSUdXbDBOb3V0anhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS82NmY4MjktNTEyOS00ODQyLWE1YzAt
Mzc0MGIwOTQxZGI4LzEvNVU3eWl3R0RaNTlwODVrMGt4SDU0UEJOTHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS82NmY4MjktNTEyOS00ODQyLWE1YzAtMzc0MGIwOTQxZGI4
LzEvblNWeGtJSWZjRmlvNnYxSUdXbDBOb3V0anhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFXPFAAwQE
be7gAwQCuTMQAwQF1YMgMA0GCSqGSIb3DQEBCwUAA4IBAQBx0OzsInc1wi/lkUGf
eelxufS3ZeORTT4UvNRJIz7fDfwWgcUebd6R4DNCo0VA0uAOuBY1ke3CB7Q6c4X9
eqcG4DGz2E5eYruCTcgBszxcLGSLeACEtP3cFoExhMiuP7US0MIVixWKUIWhbhev
iG/bUEx+TLnHQH7OIXn/HEz+mcXmFH+4Jk0J5IJxRYhIRP5lk3ha2LkQUS6F5hL+
Q0/e9ZTwFUn7cZ+ger23doFORN46GEu7NCrQht2XioTdaL4SNilnJziBe0YwRdb4
HI9pFXCI2eQmejDIDenwdXSEg9sYU8lpFgDjxBv6t4ssjFRerT6QfaWLspLn5j5a
DtD4
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:24 2025 by rpki-client